How to start external programs in "unshare" container, with sending of file descriptors?

view full story

http://serverfault.com – With unshare or lxc-execute I can create environments with separate network/mount/whatever namespaces. But starting programs there from outside is not really straightforward. Usually network and sshd is used, I also use UNIX socket with socat executing shell to start new processes on it. Is there already a program that allows to starting applications inside unshares easily? Client program is expected to connect to UNIX socket and send (SCM_RIGHTS) stdin/stdout/stderr to server. Server is expected to be started inside unshare and receive argv, environment and fds and start them. Something li (HowTos)