rpm-plugin-unshare - Unshare plugin for the RPM Package Manager

       This plugin implements the following configurables:

       %__transaction_unshare_paths
              A colon-separated list of paths to privately mount during scriptlet execution.   Typical  examples
              would  be  /tmp  to  protect against insecure temporary file usage inside scriptlets, and /home to
              prevent scriptlets from accessing user home directories.  When  path  unsharing  is  enabled,  any
              mounts  made  from  scriptlets are also private to the scriptlet (and vice versa, mount changes on
              the host are not visible to the scriptlet).

              Private mounts in chroot-operations is unimplemented.

       %__transaction_unshare_nonet
              Non-zero value disables network access during scriptlet execution.

       See rpm-plugins(8) on how to control plugins in general.

       This  plugin allows using various Linux-specific namespace-related technologies inside transactions, such
       as to harden and limit scriptlet access to resources.

       rpm-plugin-unshare - Unshare plugin for the RPM Package Manager

dbus-monitor(1), rpm-plugins(8)

                                                   15 Sep 2023                                    RPM-UNSHARE(8)