diff --git a/internal/app/config.go b/internal/app/config.go
index 4c21d8b..7950c59 100644
--- a/internal/app/config.go
+++ b/internal/app/config.go
@@ -90,6 +90,7 @@ func (s *SandboxConfig) Bwrap() *bwrap.Config {
 		Mqueue:        []string{"/dev/mqueue"},
 		NewSession:    !s.NoNewSession,
 		DieWithParent: true,
+		AsInit:        true,
 	}
 
 	for _, c := range s.Filesystem {
diff --git a/internal/app/start.go b/internal/app/start.go
index d5912ba..725d69d 100644
--- a/internal/app/start.go
+++ b/internal/app/start.go
@@ -29,17 +29,17 @@ func (a *app) Start() error {
 	defer a.lock.Unlock()
 
 	// resolve exec paths
-	e := [2]string{helper.BubblewrapName}
+	shimExec := [3]string{a.seal.sys.executable, helper.BubblewrapName}
 	if len(a.seal.command) > 0 {
-		e[1] = a.seal.command[0]
+		shimExec[2] = a.seal.command[0]
 	}
-	for i, n := range e {
+	for i, n := range shimExec {
 		if len(n) == 0 {
 			continue
 		}
 		if filepath.Base(n) == n {
 			if s, err := exec.LookPath(n); err == nil {
-				e[i] = s
+				shimExec[i] = s
 			} else {
 				return (*ProcessError)(wrapError(err, fmt.Sprintf("cannot find %q: %v", n, err)))
 			}
@@ -72,7 +72,7 @@ func (a *app) Start() error {
 
 	if wls, err := shim.ServeConfig(confSockPath, &shim.Payload{
 		Argv:  a.seal.command,
-		Exec:  e,
+		Exec:  shimExec,
 		Bwrap: a.seal.sys.bwrap,
 		WL:    a.seal.wlDone != nil,
 
@@ -105,7 +105,7 @@ func (a *app) Start() error {
 	err.Inner, err.DoErr = a.seal.store.Do(func(b state.Backend) {
 		err.InnerErr = b.Save(&sd)
 	})
-	return err.equiv("cannot save process state:", e)
+	return err.equiv("cannot save process state:", err)
 }
 
 // StateStoreError is returned for a failed state save
diff --git a/internal/init/main.go b/internal/init/main.go
new file mode 100644
index 0000000..074b505
--- /dev/null
+++ b/internal/init/main.go
@@ -0,0 +1,164 @@
+package init0
+
+import (
+	"encoding/gob"
+	"errors"
+	"flag"
+	"fmt"
+	"os"
+	"os/exec"
+	"os/signal"
+	"path"
+	"strconv"
+	"syscall"
+
+	"git.ophivana.moe/cat/fortify/internal/verbose"
+)
+
+// everything beyond this point runs within pid namespace
+// proceed with caution!
+
+func doInit(fd uintptr) {
+	// re-exec
+	if len(os.Args) > 0 && os.Args[0] != "fortify" && path.IsAbs(os.Args[0]) {
+		if err := syscall.Exec(os.Args[0], []string{"fortify", "init"}, os.Environ()); err != nil {
+			fmt.Println("fortify-init: cannot re-exec self:", err)
+			// continue anyway
+		}
+	}
+
+	verbose.Prefix = "fortify-init:"
+
+	var payload Payload
+	p := os.NewFile(fd, "config-stream")
+	if p == nil {
+		fmt.Println("fortify-init: invalid config descriptor")
+		os.Exit(1)
+	}
+	if err := gob.NewDecoder(p).Decode(&payload); err != nil {
+		fmt.Println("fortify-init: cannot decode init payload:", err)
+		os.Exit(1)
+	} else {
+		// sharing stdout with parent
+		// USE WITH CAUTION
+		verbose.Set(payload.Verbose)
+
+		// child does not need to see this
+		if err = os.Unsetenv(EnvInit); err != nil {
+			fmt.Println("fortify-init: cannot unset", EnvInit+":", err)
+			// not fatal
+		} else {
+			verbose.Println("received configuration")
+		}
+	}
+
+	// close config fd
+	if err := p.Close(); err != nil {
+		fmt.Println("fortify-init: cannot close config fd:", err)
+		// not fatal
+	}
+
+	// die with parent
+	if _, _, errno := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_SET_PDEATHSIG, uintptr(syscall.SIGKILL), 0); errno != 0 {
+		fmt.Println("fortify-init: prctl(PR_SET_PDEATHSIG, SIGKILL):", errno.Error())
+		os.Exit(1)
+	}
+
+	cmd := exec.Command(payload.Argv0)
+	cmd.Stdin, cmd.Stdout, cmd.Stderr = os.Stdin, os.Stdout, os.Stderr
+	cmd.Args = payload.Argv
+	cmd.Env = os.Environ()
+
+	// pass wayland fd
+	if payload.WL != -1 {
+		if f := os.NewFile(uintptr(payload.WL), "wayland"); f != nil {
+			cmd.Env = append(cmd.Env, "WAYLAND_SOCKET="+strconv.Itoa(3+len(cmd.ExtraFiles)))
+			cmd.ExtraFiles = append(cmd.ExtraFiles, f)
+		}
+	}
+
+	if err := cmd.Start(); err != nil {
+		fmt.Printf("fortify-init: cannot start %q: %v", payload.Argv0, err)
+		os.Exit(1)
+	}
+
+	sig := make(chan os.Signal, 2)
+	signal.Notify(sig, syscall.SIGINT, syscall.SIGTERM)
+
+	type winfo struct {
+		wpid    int
+		wstatus syscall.WaitStatus
+	}
+	info := make(chan winfo, 1)
+	done := make(chan struct{})
+
+	go func() {
+		var (
+			err     error
+			wpid    = -2
+			wstatus syscall.WaitStatus
+		)
+
+		// keep going until no child process is left
+		for wpid != -1 {
+			if err != nil {
+				break
+			}
+
+			if wpid != -2 {
+				info <- winfo{wpid, wstatus}
+			}
+
+			err = syscall.EINTR
+			for errors.Is(err, syscall.EINTR) {
+				wpid, err = syscall.Wait4(-1, &wstatus, 0, nil)
+			}
+		}
+		if !errors.Is(err, syscall.ECHILD) {
+			fmt.Println("fortify-init: unexpected wait4 response:", err)
+		}
+
+		close(done)
+	}()
+
+	r := 2
+	for {
+		select {
+		case s := <-sig:
+			verbose.Println("received", s.String())
+			os.Exit(0)
+		case w := <-info:
+			if w.wpid == cmd.Process.Pid {
+				switch {
+				case w.wstatus.Exited():
+					r = w.wstatus.ExitStatus()
+				case w.wstatus.Signaled():
+					r = 128 + int(w.wstatus.Signal())
+				default:
+					r = 255
+				}
+			}
+		case <-done:
+			os.Exit(r)
+		}
+	}
+}
+
+// Try runs init and stops execution if FORTIFY_INIT is set.
+func Try() {
+	if os.Getpid() != 1 {
+		return
+	}
+
+	if args := flag.Args(); len(args) == 1 && args[0] == "init" {
+		if s, ok := os.LookupEnv(EnvInit); ok {
+			if fd, err := strconv.Atoi(s); err != nil {
+				fmt.Printf("fortify-init: cannot parse %q: %v", s, err)
+				os.Exit(1)
+			} else {
+				doInit(uintptr(fd))
+			}
+			panic("unreachable")
+		}
+	}
+}
diff --git a/internal/init/payload.go b/internal/init/payload.go
new file mode 100644
index 0000000..6f4b278
--- /dev/null
+++ b/internal/init/payload.go
@@ -0,0 +1,15 @@
+package init0
+
+const EnvInit = "FORTIFY_INIT"
+
+type Payload struct {
+	// target full exec path
+	Argv0 string
+	// child full argv
+	Argv []string
+	// wayland fd, -1 to disable
+	WL int
+
+	// verbosity pass through
+	Verbose bool
+}
diff --git a/internal/shim/main.go b/internal/shim/main.go
index bb0b15b..811fb24 100644
--- a/internal/shim/main.go
+++ b/internal/shim/main.go
@@ -12,6 +12,7 @@ import (
 	"syscall"
 
 	"git.ophivana.moe/cat/fortify/helper"
+	init0 "git.ophivana.moe/cat/fortify/internal/init"
 	"git.ophivana.moe/cat/fortify/internal/verbose"
 )
 
@@ -71,27 +72,24 @@ func doShim(socket string) {
 		// not fatal
 	}
 
+	var ic init0.Payload
+
 	// resolve argv0
-	var (
-		argv0 string
-		argv  = payload.Argv
-	)
-	if len(argv) > 0 {
+	ic.Argv = payload.Argv
+	if len(ic.Argv) > 0 {
 		// looked up from $PATH by parent
-		argv0 = payload.Exec[1]
+		ic.Argv0 = payload.Exec[2]
 	} else {
 		// no argv, look up shell instead
 		var ok bool
-		if argv0, ok = os.LookupEnv("SHELL"); !ok {
+		if ic.Argv0, ok = os.LookupEnv("SHELL"); !ok {
 			fmt.Println("fortify-shim: no command was specified and $SHELL was unset")
 			os.Exit(1)
 		}
 
-		argv = []string{argv0}
+		ic.Argv = []string{ic.Argv0}
 	}
 
-	_ = conn.Close()
-
 	conf := payload.Bwrap
 
 	var extraFiles []*os.File
@@ -99,13 +97,33 @@ func doShim(socket string) {
 	// pass wayland fd
 	if wfd != -1 {
 		if f := os.NewFile(uintptr(wfd), "wayland"); f != nil {
-			conf.SetEnv["WAYLAND_SOCKET"] = strconv.Itoa(3 + len(extraFiles))
+			ic.WL = 3 + len(extraFiles)
 			extraFiles = append(extraFiles, f)
 		}
+	} else {
+		ic.WL = -1
 	}
 
-	helper.BubblewrapName = payload.Exec[0] // resolved bwrap path by parent
-	if b, err := helper.NewBwrap(conf, nil, argv0, func(_, _ int) []string { return argv[1:] }); err != nil {
+	// share config pipe
+	if r, w, err := os.Pipe(); err != nil {
+		fmt.Println("fortify-shim: cannot pipe:", err)
+		os.Exit(1)
+	} else {
+		conf.SetEnv[init0.EnvInit] = strconv.Itoa(3 + len(extraFiles))
+		extraFiles = append(extraFiles, r)
+
+		verbose.Println("transmitting config to init")
+		go func() {
+			// stream config to pipe
+			if err = gob.NewEncoder(w).Encode(&ic); err != nil {
+				fmt.Println("fortify-shim: cannot transmit init config:", err)
+				os.Exit(1)
+			}
+		}()
+	}
+
+	helper.BubblewrapName = payload.Exec[1] // resolved bwrap path by parent
+	if b, err := helper.NewBwrap(conf, nil, payload.Exec[0], func(int, int) []string { return []string{"init"} }); err != nil {
 		fmt.Println("fortify-shim: malformed sandbox config:", err)
 		os.Exit(1)
 	} else {
diff --git a/internal/shim/payload.go b/internal/shim/payload.go
index 7248c86..45a608d 100644
--- a/internal/shim/payload.go
+++ b/internal/shim/payload.go
@@ -7,8 +7,8 @@ const EnvShim = "FORTIFY_SHIM"
 type Payload struct {
 	// child full argv
 	Argv []string
-	// bwrap, target full exec path
-	Exec [2]string
+	// fortify, bwrap, target full exec path
+	Exec [3]string
 	// bwrap config
 	Bwrap *bwrap.Config
 	// whether to pass wayland fd
diff --git a/main.go b/main.go
index 9ccdf0b..6f1ab57 100644
--- a/main.go
+++ b/main.go
@@ -8,6 +8,7 @@ import (
 
 	"git.ophivana.moe/cat/fortify/internal"
 	"git.ophivana.moe/cat/fortify/internal/app"
+	init0 "git.ophivana.moe/cat/fortify/internal/init"
 	"git.ophivana.moe/cat/fortify/internal/shim"
 	"git.ophivana.moe/cat/fortify/internal/verbose"
 )
@@ -27,15 +28,14 @@ func main() {
 	// linux/sched/coredump.h
 	if _, _, errno := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_SET_DUMPABLE, 0, 0); errno != 0 {
 		fmt.Printf("fortify: cannot set SUID_DUMP_DISABLE: %s", errno.Error())
-	} else {
-		verbose.Println("prctl(PR_SET_DUMPABLE, SUID_DUMP_DISABLE) succeeded")
 	}
 
 	if internal.SdBootedV {
 		verbose.Println("system booted with systemd as init system")
 	}
 
-	// shim early exit
+	// shim/init early exit
+	init0.Try()
 	shim.Try()
 
 	// root check