============ Rust Unshare

:Status: beta :Documentation: http://tailhook.github.io/unshare/

Unshare is a low-level library to create linux containers.

It contains the following (mostly work in progress):

• Process creation interface similar to std::process::Command
• Unsharing arbitrary linux namespaces
• Ability to change root (chroot/pivot_root), uid, gid, gid_map
• Some signal mask handling (especially for new processes)
• Forwarding file descriptors and other unixy stuff (sessions, terminals)
• Clearing capabilities
• Setting few important prctl flags
• Should run both as root user and as unprivileged user

The following is considered:

• Capture input (should be, because part of std::process interface)
• Pseudo tty creation for child
• The unshare and setns

The following is out of scope:

• mounting file systems
• setting up network
• in-container and out of container supervision
• handing child signals