mirror of
https://github.com/SELinuxProject/selinux
synced 2025-02-17 10:06:51 +00:00
de0795a12e
It never worked correctly and this should be handled with an API to systemd going forward.
41 lines
1.3 KiB
Groff
41 lines
1.3 KiB
Groff
.TH SEUNSHARE "8" "May 2010" "seunshare" "User Commands"
|
|
.SH NAME
|
|
seunshare \- Run cmd with alternate homedir, tmpdir and/or SELinux context
|
|
.SH SYNOPSIS
|
|
.B seunshare
|
|
[ -v ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z context ] -- executable [args]
|
|
.br
|
|
.SH DESCRIPTION
|
|
.PP
|
|
Run the
|
|
.I executable
|
|
within the specified context, using the alternate home directory and /tmp directory. The seunshare command unshares from the default namespace, then mounts the specified homedir and tmpdir over the default homedir and /tmp. Finally it tells the kernel to execute the application under the specified SELinux context.
|
|
|
|
.TP
|
|
\fB\-h homedir\fR
|
|
Alternate homedir to be used by the application. Homedir must be owned by the user.
|
|
.TP
|
|
\fB\-t\ tmpdir
|
|
Use alternate tempory directory to mount on /tmp. tmpdir must be owned by the user.
|
|
.TP
|
|
\fB\-C --capabilities\fR
|
|
Allow apps executed within the namespace to use capabilities. Default is no capabilities.
|
|
.TP
|
|
\fB\-k --kill\fR
|
|
Kill all processes with matching MCS level.
|
|
.TP
|
|
\fB\-Z\ context
|
|
Use alternate SELinux context while runing the executable.
|
|
.TP
|
|
\fB\-v\fR
|
|
Verbose output
|
|
.SH "SEE ALSO"
|
|
.TP
|
|
runcon(1), sandbox(8), selinux(8)
|
|
.PP
|
|
.SH AUTHOR
|
|
This manual page was written by
|
|
.I Dan Walsh <dwalsh@redhat.com>
|
|
and
|
|
.I Thomas Liu <tliu@fedoraproject.org>
|