man7.org > Linux > man-pages

Linux/UNIX system programming training

rpm-plugin-unshare(8) — Linux manual page

NAME | Description | Configuration | SEE ALSO | COLOPHON 

RPM-UNSHARE(8)                                             RPM-UNSHARE(8)

NAME         top

       rpm-plugin-unshare - Unshare plugin for the RPM Package Manager

Description         top

       This plugin allows using various Linux-specific namespace-related
       technologies inside transactions, such as to harden and limit
       scriptlet access to resources.

Configuration         top

       This plugin implements the following configurables:

       %__transaction_unshare_paths
              A colon-separated list of paths to privately mount during
              scriptlet execution.  Typical examples would be /tmp to
              protect against insecure temporary file usage inside
              scriptlets, and /home to prevent scriptlets from accessing
              user home directories.  When path unsharing is enabled, any
              mounts made from scriptlets are also private to the
              scriptlet (and vice versa, mount changes on the host are
              not visible to the scriptlet).

              Private mounts in chroot-operations is unimplemented.

       %__transaction_unshare_nonet
              Non-zero value disables network access during scriptlet
              execution.

       See rpm-plugins(8) on how to control plugins in general.

SEE ALSO         top

       dbus-monitor(1), rpm-plugins(8)

COLOPHON         top

       This page is part of the rpm (RPM Package Manager) project.
       Information about the project can be found at 
       ⟨https://github.com/rpm-software-management/rpm⟩.  It is not known
       how to report bugs for this man page; if you know, please send a
       mail to man-pages@man7.org.  This page was obtained from the
       project's upstream Git repository
       ⟨https://github.com/rpm-software-management/rpm.git⟩ on
       2025-02-02.  (At that time, the date of the most recent commit
       that was found in the repository was 2025-01-31.)  If you discover
       any rendering problems in this HTML version of the page, or you
       believe there is a better or more up-to-date source for the page,
       or you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a
       mail to man-pages@man7.org

                               15 Sep 2023                 RPM-UNSHARE(8)

HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Cover of TLPI