NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | VERSIONS | CONFORMING TO | NOTES | SEE ALSO | COLOPHON
UNSHARE(2) Linux Programmer's Manual UNSHARE(2)
unshare - disassociate parts of the process execution context
#define _GNU_SOURCE
#include <sched.h>
int unshare(int flags);
unshare() allows a process to disassociate parts of its execution context that
are currently being shared with other processes. Part of the execution
context, such as the mount namespace, is shared implicitly when a new process
is created using fork(2) or vfork(2), while other parts, such as virtual
memory, may be shared by explicit request when creating a process using
clone(2).
The main use of unshare() is to allow a process to control its shared
execution context without creating a new process.
The flags argument is a bit mask that specifies which parts of the execution
context should be unshared. This argument is specified by ORing together zero
or more of the following constants:
CLONE_FILES
Reverse the effect of the clone(2) CLONE_FILES flag. Unshare the file
descriptor table, so that the calling process no longer shares its file
descriptors with any other process.
CLONE_FS
Reverse the effect of the clone(2) CLONE_FS flag. Unshare file system
attributes, so that the calling process no longer shares its root
directory, current directory, or umask attributes with any other
process. chroot(2), chdir(2), or umask(2)
CLONE_NEWNS
This flag has the same effect as the clone(2) CLONE_NEWNS flag.
Unshare the mount namespace, so that the calling process has a private
copy of its namespace which is not shared with any other process.
Specifying this flag automatically implies CLONE_FS as well.
If flags is specified as zero, then unshare() is a no-op; no changes are made
to the calling process's execution context.
On success, zero returned. On failure, -1 is returned and errno is set to
indicate the error.
EINVAL An invalid bit was specified in flags.
ENOMEM Cannot allocate sufficient memory to copy parts of caller's context
that need to be unshared.
EPERM flags specified CLONE_NEWNS but the calling process was not privileged
(did not have the CAP_SYS_ADMIN capability).
The unshare() system call was added to Linux in kernel 2.6.16.
The unshare() system call is Linux-specific.
Not all of the process attributes that can be shared when a new process is
created using clone(2) can be unshared using unshare(). In particular, as at
kernel 2.6.16, unshare() does not implement flags that reverse the effects of
CLONE_SIGHAND, CLONE_SYSVSEM, CLONE_THREAD, or CLONE_VM. Such functionality
may be added in the future, if required.
clone(2), fork(2), vfork(2), Documentation/unshare.txt
This page is part of release 3.23 of the Linux man-pages project. A
description of the project, and information about reporting bugs, can be found
at http://www.kernel.org/doc/man-pages/.
Linux 2008-11-20 UNSHARE(2)