UNSHARE(1) UNSHARE(1) unshare - unshare [] [ []] unshare ( ) . "${SHELL}" (: /bin/sh). . /proc/-/ns/ . nsenter(1) ( PID init ). umount(8) . . unshare util-linux 2.36 /proc/[pid]/ns/pid_for_children /proc/[pid]/ns/time_for_children PID TIME . 4.17 . unshare: ( mount --make-shared /proc/self/mountinfo findmnt -o+PROPAGATION shared). mount_namespaces(7). unshare util-linux 2.27 private . --propagation unchanged. private . UTS . uts_namespaces(7). IPC namespace POSIX System V . ipc_namespaces(7). network namespace IPv4 IPv6 IP /proc/net /sys/class/net . network_namespaces(7). PID namespace (PID-to-process) . pid_namespaces(7). cgroup /proc/self/cgroup cgroup cgroup . cgroup_namespaces(7). (UIDs) (GIDs) . user_namespaces(7). CLOCK_MONOTONIC / CLOCK_BOOTTIME /proc/self/timens_offsets. time_namespaces(7). -i --ipc[=] IPC . . -m --mount[=] . . shared ( ). findmnt -o+PROPAGATION . . -n --net[=] . . -p --pid[=] PID . . ( PID --fork ). --fork --mount-proc. -u --uts[=] UTS . . -U --user[=] . (bind mount) . -C --cgroup[=] cgroup . . -T --time[=] . . --monotonic --boottime . -f --fork unshare . PID . unshare SIGINT SIGTERM . . --forward-signals SIGTERM SIGINT unshare . unshare ( util-linux 2.36). . unshare SIGTERM SIGINT ( ) . ( trap ) . --fork. --keep-caps --user . --kill-child[=signame] unshare signame . --pid unshare . SIGKILL. --fork. --mount-proc[=-] proc - ( /proc). PID . /proc . proc ( MS_PRIVATE|MS_REC). --mount-binfmt[=-] binfmt_misc _ ( /proc/sys/fs/binfmt_misc). binfmt_misc . binfmt_misc ( MS_PRIVATE|MS_REC). --map-user uid| uid. . --user. --map-users inneruid:outeruid:count|auto|subids|all count outeruid inneruid. newuidmap(1) unshare . --map-user "" . . --map-users . auto /etc/subuid 0. subids . all . --user. util-linux 2.39 outeruid,inneruid,count /proc/[pid]/uid_map X-mount.idmap. --map-group gid| gid. . --setgroups=deny --user. --map-groups innergid:outergid:count|auto|subids|all count outergid innergid. newgidmap(1) unshare . --map-group "" . . --map-groups . auto /etc/subgid 0. subids . all . --user. util-linux 2.39 outergid,innergid,count /proc/[pid]/gid_map X-mount.idmap. --map-auto /etc/subuid 0. /etc/subgid 0. . --map-users=auto --map-groups=auto. --map-subids /etc/subuid . /etc/subgid. --map-users=subids --map-groups=subids. -r --map-root-user (UID) (GID) (superuser) . ( ) . UIDs GIDs. --setgroups=deny --user. --map-user=0 --map-group=0. -c --map-current-user (UID) (GID) . --setgroups=deny --user. --map-user=$(id -ru) --map-group=$(id -rg). --owner uid:gid . CAP_SYS_ADMIN setns(2) . / . --user. --propagation private|shared|slave|unchanged . private. unchanged. (--mount). --setgroups allow|deny setgroups(2) . setgroups(2) CAP_SETGID. 3.19 : setgroups(2) (GID) (/proc/-*/gid_map*). GID root setgroups(2) ( allow ) GID setgroups(2) ( deny). -R --root . -w --wd . -S --setuid uid . -G --setgid gid . -l --load-interp _ binfmt_misc ( --mount-binfmt). _ :name:type:offset:magic:mask:interpreter:flags. . F flags --root binfmt_misc chroot chroot. --monotonic CLOCK_MONOTONIC . --time. --boottime CLOCK_BOOTTIME . --time. -h --help . -V --version . proc sysfs . proc sysfs . PID --fork ( ) 1. --mount-proc proc(5) PID . readlink(1) . # unshare --fork --pid --mount-proc readlink /proc/self 1 root : $ id -u; id -g 1000 1000 $ unshare --user --map-root-user \ sh -c 'whoami; cat /proc/self/uid_map /proc/self/gid_map' root 0 1000 1 0 1000 1 65536 root . subuid(5) subgid(5). 1 1. : $ id -u 1000 $ cat /etc/subuid 1000:100000:65536 $ unshare --user --map-auto --map-root-user # id -u 0 # cat /proc/self/uid_map 0 1000 1 1 100000 65535 # touch file; chown 1:1 file # ls -ln --time-style=+ file -rw-r--r-- 1 1 1 0 file # exit $ ls -ln --time-style=+ file -rw-r--r-- 1 100000 100000 0 file UTS . nsenter(1) UTS unshare. (bind mount). # touch /root/uts-ns # unshare --uts=/root/uts-ns hostname FOO # nsenter --uts=/root/uts-ns hostname FOO # umount /root/uts-ns /root/namespaces/mnt. (/root/namespaces) shared. # mount --bind /root/namespaces /root/namespaces # mount --make-private /root/namespaces # touch /root/namespaces/mnt # unshare --mount=/root/namespaces/mnt --kill-child PID unshare PID. # set +m # # unshare --pid --fork --mount-proc --kill-child -- \ bash --norc -c '(sleep 555 &) && (ps a &) && sleep 999' & [1] 53456 # PID TTY STAT TIME COMMAND 1 pts/3 S+ 0:00 sleep 999 3 pts/3 S+ 0:00 sleep 555 5 pts/3 R+ 0:00 ps a # ps h -o 'comm' $! # unshare(1) unshare # kill $! # unshare(1) # pidof sleep pidof(1) sleep . sleep PID 1 ( ) . --kill-child unshare PID: # unshare --pid --fork --mount-proc -- \ bash --norc -c '(sleep 555 &) && (ps a &) && sleep 999' & [1] 53479 # PID TTY STAT TIME COMMAND 1 pts/3 S+ 0:00 sleep 999 3 pts/3 S+ 0:00 sleep 555 5 pts/3 R+ 0:00 ps a # kill $! # pidof sleep 53482 53480 : # uptime -p # up 21 hours, 30 minutes # unshare --time --fork --boottime 300000000 uptime -p up 9 years, 28 weeks, 1 day, 2 hours, 50 minutes chroot /chroot/powerpc/jessie /bin/qemu-ppc-static powerpc . $ unshare --map-root-user --fork --pid --load-interp=":qemu-ppc:M::\\x7fELF\x01\\x02\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x02\\x00\\x14:\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xfe\\xff\\xff:/bin/qemu-ppc-static:OCF" --root=/chroot/powerpc/jessie /bin/bash -l load-interp qemu-ppc /proc/sys/fs/binfmt_misc M (magic number) \\x7fELF\x01\\x02\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x02\\x00\\x1 ( ELF PPC32) \\xff\\xff\\xff\\xff\\xff\\xff\\xff\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xfe\\xff\\xff /bin/qemu-ppc-static OCF . Mikhail Gusarov Karel Zak newuidmap(1) newgidmap(1) nsenter(1) lsns(8) clone(2) unshare(2) namespaces(7) mount(8) . unshare util-linux . util-linux 2.42.1 2026-05-18 UNSHARE(1)