bubblewrap 0.1.8

usage: bwrap [OPTIONS...] COMMAND [ARGS...] --help Print this help --version Print version --args FD Parse nul-separated args from FD --unshare-all Unshare every namespace we support by default --share-net Retain the network namespace (can only combine with --unshare-all) --unshare-user Create new user namespace (may be automatically implied if not setuid) --unshare-user-try Create new user namespace if possible else continue by skipping it --unshare-ipc Create new ipc namespace --unshare-pid Create new pid namespace --unshare-net Create new network namespace --unshare-uts Create new uts namespace --unshare-cgroup Create new cgroup namespace --unshare-cgroup-try Create new cgroup namespace if possible else continue by skipping it --uid UID Custom uid in the sandbox (requires --unshare-user) --gid GID Custon gid in the sandbox (requires --unshare-user) --hostname NAME Custom hostname in the sandbox (requires --unshare-uts) --chdir DIR Change directory to DIR --setenv VAR VALUE Set an environment variable --unsetenv VAR Unset an environment variable --lock-file DEST Take a lock on DEST while sandbox is running --sync-fd FD Keep this fd open while sandbox is running --bind SRC DEST Bind mount the host path SRC on DEST --dev-bind SRC DEST Bind mount the host path SRC on DEST, allowing device access --ro-bind SRC DEST Bind mount the host path SRC readonly on DEST --remount-ro DEST Remount DEST as readonly, it doesn't recursively remount --exec-label LABEL Exec Label for the sandbox --file-label LABEL File label for temporary sandbox content --proc DEST Mount procfs on DEST --dev DEST Mount new dev on DEST --tmpfs DEST Mount new tmpfs on DEST --mqueue DEST Mount new mqueue on DEST --dir DEST Create dir at DEST --file FD DEST Copy from FD to dest DEST --bind-data FD DEST Copy from FD to file which is bind-mounted on DEST --ro-bind-data FD DEST Copy from FD to file which is readonly bind-mounted on DEST --symlink SRC DEST Create symlink at DEST with target SRC --seccomp FD Load and use seccomp rules from FD --block-fd FD Block on FD until some data to read is available --info-fd FD Write information about the running container to FD --new-session Create a new terminal session --die-with-parent Kills with SIGKILL child process (COMMAND) when bwrap or bwrap's parent dies.