=== modified file 'sbin/ns_run'
--- sbin/ns_run	2020-12-18 00:22:04 +0000
+++ sbin/ns_run	2020-12-17 14:59:24 +0000
@@ -1,14 +1,12 @@
-#!/command/execlineb -S0
-getpid PID
-ifelse { importas -i PID PID test 1 -ne $PID } {
-	fdmove -c 1 2
-	echo "ns_run: fatal: not PID 1"
+#!/bin/zsh
+add_args=( )
+for a in "$@"; do
+	# execline-safe escaping
+	add_args+=( \"${a//\\/\\\\}\" )
+done
+if [[ $$ != 1 ]]; then
+	echo >&2 "ns_run: fatal: not PID 1"
 	exit 2
-}
-unexport PID
-
-unshare -m -u -i  # new mount, UTS and IPC namespaces
-foreground { importas -i HOST HOST hostname $HOST }
-fdmove -c 3 0  # store original stdin as we are calling pipelined script
-pipeline -d { /root/ns_execline.zsh $@ }
-execlineb /dev/stdin
+fi
+exec unshare -m -u -i /command/execlineb -c "foreground { importas -i HOST HOST hostname $HOST } fdmove -c 3 0 pipeline -d { /root/ns_execline.zsh $add_args } execlineb /dev/stdin"
+# exec unshare -m -u -i -n /command/execlineb -c "foreground { importas -i HOST HOST hostname $HOST } fdmove -c 3 0 pipeline -d { /root/ns_execline.zsh $add_args } execlineb /dev/stdin"