usage.txt

usage: %1$s [-h] [options] [--] [VAR=value...] [exe [args ...]]

Chroot into <root> and execute <exe> with the specified arguments,
setting up namespaces and other low-level minutiae that are needed in
order to enter a sane, isolated environment.

Environment variables can be overriden for the spacetime process by
specifying VAR=value before the executable to run.

Options:
	-h, --help:             Print this message.
	--version:              Print the version number.
	-r, --root <dir>:       Set root directory.

	--argv0 <arg>:          Set argv[0] (defaults to <exe>).
	--share-cgroup[=nsfile] Share the cgroup namespace in nsfile (default: parent).
	--share-ipc[=nsfile]    Share the ipc namespace in nsfile (default: parent).
	--share-mnt[=nsfile]    Share the mount namespace in nsfile (default: parent).
	--share-net[=nsfile]    Share the network namespace in nsfile (default: parent).
	--share-pid[=nsfile]    Share the pid namespace in nsfile (default: parent).
	--share-time[=nsfile]   Share the time namespace in nsfile (default: parent).
	--share-user[=nsfile]   Share the user namespace in nsfile (default: parent).
	--share-uts[=nsfile]    Share the uts namespace in nsfile (default: parent).
	--share-all[=directory] Share all namespaces in the directory (default: parent).
	--persist <directory>:  Bind-mount process namespaces into <dir> for re-entry.
	--workdir <directory>:  Set current work directory.
	--mount <source,target,type,options>:
	                        Mount source over target before executing the program.
	--uid <uid>:            Set user ID.
	--gid <gid>:            Set group ID.
	--groups <gid,gid,...>: Set additional groups.
	--arch <arch>:          Set the execution domain.
	--hostname <host>:      Set the host name.
	--domainname <domain>:  Set the domain name.
	--time <name>=<s>[.ns]: Set the time of a specific clock.
	--init=<init-argv>:     Use the specified outer path as init process.
	--setup=<cmdline>:      Run the specified setup command with sh -euc.
	--setup-exe=<path>:     Run the specified setup executable.
	--uid-map=<map>:        Use the specified uid map for the user namespace mapping.
	--gid-map=<map>:        Use the specified gid map for the user namespace mapping.
	--nic <name,type,options>:
	                        Create network interface in namespace.

	--limit-as (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_AS to the provided value(s).
	--limit-core (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_CORE to the provided value(s).
	--limit-cpu (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_CPU to the provided value(s).
	--limit-data (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_DATA to the provided value(s).
	--limit-fsize (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_FSIZE to the provided value(s).
	--limit-locks (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_LOCKS to the provided value(s).
	--limit-memlock (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_MEMLOCK to the provided value(s).
	--limit-msgqueue (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_MSGQUEUE to the provided value(s).
	--limit-nice (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_NICE to the provided value(s).
	--limit-nofile (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_NOFILE to the provided value(s).
	--limit-nproc (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_NPROC to the provided value(s).
	--limit-rss (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_RSS to the provided value(s).
	--limit-rtprio (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_RTPRIO to the provided value(s).
	--limit-rttime (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_RTTIME to the provided value(s).
	--limit-sigpending (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_SIGPENDING to the provided value(s).
	--limit-stack (<value>)|(<hard>:<soft>)
	                        Set RLIMIT_STACK to the provided value(s).

	--no-copy-hard-limits:  Don't copy hard limit values to soft limits.
	--no-fake-devtmpfs:     Don't replace devtmpfs mounts with fake ones.
	--no-derandomize:       Don't attempt to reduce randomness sources.
	--no-proc-remount:      Don't remount the existing /proc in pid namespaces.
	--no-loopback-setup:    Don't bring the lo interface up in network namespaces.
	--no-env:               Clear the environment before running the executable.