# HG changeset patch # User Rob Landley # Date 1377816946 18000 # Node ID 0d0c01ac5c6339b9695028f802b165bfd1391145 # Parent 9686469a857ad1388ae38c8694e4245223821459 PID and UID namespaces for unshare, pointed out by heehooman@gmail.com. diff -r 9686469a857a -r 0d0c01ac5c63 toys/other/unshare.c --- a/toys/other/unshare.c Tue Aug 27 23:48:54 2013 -0500 +++ b/toys/other/unshare.c Thu Aug 29 17:55:46 2013 -0500 @@ -2,7 +2,7 @@ * * Copyright 2011 Rob Landley -USE_UNSHARE(NEWTOY(unshare, "<1^nium", TOYFLAG_USR|TOYFLAG_BIN)) +USE_UNSHARE(NEWTOY(unshare, "<1^niumpU", TOYFLAG_USR|TOYFLAG_BIN)) config UNSHARE bool "unshare" @@ -15,10 +15,12 @@ attribute is not shared with the parent process. This is part of Linux Containers. Each process can have its own: + -i SysV IPC (message queues, semaphores, shared memory) -m Mount/unmount tree + -n Network address, sockets, routing, iptables + -p Process IDs and init -u Host and domain names - -i SysV IPC (message queues, semaphores, shared memory) - -n Network address, sockets, routing, iptables + -U UIDs, GIDs, capabilities */ #include "toys.h" @@ -27,7 +29,8 @@ void unshare_main(void) { - unsigned flags[]={CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWNET, 0}; + unsigned flags[]={CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWNET, + CLONE_NEWPID, CLONE_NEWUSER, 0}; unsigned f=0; int i;
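Review bot: The option string in the first hunk and the flags[] table in the last hunk no longer line up. In the old code "nium" read right to left (m, u, i, n) matches CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, CLONE_NEWNET, so the table appears to be indexed by option bit counted from the right of the string; appending `pU` to the string while appending CLONE_NEWPID, CLONE_NEWUSER to the table shifts every pairing. If the loop below the hunk does test bit i against flags[i], -U would unshare the mount namespace and -n would request a user namespace instead of a network namespace, so a caller relying on -n for network isolation would not get it. Keeping the table as committed and changing the string to `"<1^Upnium"` restores the mapping; the loop that consumes flags[] is outside the hunk, so confirm against it.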
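Review bot: The `-p` help line added in the second hunk does not say which process ends up in the new PID namespace. unshare(2) with CLONE_NEWPID leaves the caller in its original PID namespace and only children it creates afterwards enter the new one, the first of them becoming PID 1. If the command is exec'd directly after unshare() (that code is outside the hunk), the command itself is therefore not isolated, which is easy to misread as full PID isolation. I would spell that out in the help, e.g. `-p Process IDs and init (takes effect for children of the command)`.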