diff --git a/Cargo.lock b/Cargo.lock
index 1217dbc..835d390 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -8,6 +8,17 @@ version = "1.0.68"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2cb2f989d18dd141ab8ae82f64d1a8cdd37e0840f73a406896cf5e99502fab61"
 
+[[package]]
+name = "atty"
+version = "0.2.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8"
+dependencies = [
+ "hermit-abi 0.1.19",
+ "libc",
+ "winapi",
+]
+
 [[package]]
 name = "autocfg"
 version = "1.1.0"
@@ -31,9 +42,9 @@ dependencies = [
 
 [[package]]
 name = "cargo-manifest"
-version = "0.4.0"
+version = "0.7.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f7167c9bf667ef7849270bafee2d420482d022dd3aba84810398af83bff5d47d"
+checksum = "3ce38d2d1efbe0e7180766a872570bc07cd5430a42e713b01006d4afa89912fe"
 dependencies = [
  "serde",
  "toml",
@@ -50,15 +61,16 @@ dependencies = [
 
 [[package]]
 name = "cargo_metadata"
-version = "0.14.2"
+version = "0.15.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4acbb09d9ee8e23699b9634375c72795d095bf268439da88562cf9b501f181fa"
+checksum = "982a0cf6a99c350d7246035613882e376d58cebe571785abc5da4f648d53ac0a"
 dependencies = [
  "camino",
  "cargo-platform",
  "semver",
  "serde",
  "serde_json",
+ "thiserror",
 ]
 
 [[package]]
@@ -223,6 +235,15 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9"
 
+[[package]]
+name = "hermit-abi"
+version = "0.1.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33"
+dependencies = [
+ "libc",
+]
+
 [[package]]
 name = "hermit-abi"
 version = "0.2.6"
@@ -258,7 +279,7 @@ version = "0.4.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "28dfb6c8100ccc63462345b67d1bbc3679177c75ee4bf59bf29c8b1d110b8189"
 dependencies = [
- "hermit-abi",
+ "hermit-abi 0.2.6",
  "io-lifetimes",
  "rustix",
  "windows-sys",
@@ -302,9 +323,9 @@ dependencies = [
 
 [[package]]
 name = "once_cell"
-version = "1.16.0"
+version = "1.17.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860"
+checksum = "6f61fba1741ea2b3d6a1e3178721804bb716a68a6aeba1149b5d52e3d464ea66"
 
 [[package]]
 name = "os_str_bytes"
@@ -314,9 +335,9 @@ checksum = "9b7820b9daea5457c9f21c69448905d723fbd21136ccf521748f23fd49e723ee"
 
 [[package]]
 name = "owo-colors"
-version = "3.6.0"
+version = "3.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "69dc4ec9e7e12502579e09e8a53c6a305b3aceb62ad5c307a62f7c3eada78324"
+checksum = "c1b04fb49957986fdce4d6ee7a65027d55d4b6d2265e5848bbb507b58ccfdb6f"
 dependencies = [
  "supports-color",
 ]
@@ -356,9 +377,9 @@ dependencies = [
 
 [[package]]
 name = "public-api"
-version = "0.24.2"
+version = "0.25.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1413f60e24e0731edc593bc72d2ce626960726954dddbe141462811716d88c11"
+checksum = "88a1f38addffc7d88afde7603b4bd8f741e6854d62b17dea2f31f33c7e68a74a"
 dependencies = [
  "hashbag",
  "rustdoc-types",
@@ -407,9 +428,9 @@ dependencies = [
 
 [[package]]
 name = "rustdoc-json"
-version = "0.7.3"
+version = "0.7.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eeb423a4049602f753fea6b22a7868306ed68832c995079d5f45f500488a3e64"
+checksum = "7b5082b45f38d799925b7981a90b3bed9e4cbff7596afd5e373db384bd6c3f35"
 dependencies = [
  "cargo-manifest",
  "cargo_metadata",
@@ -501,11 +522,11 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
 
 [[package]]
 name = "supports-color"
-version = "2.0.0"
+version = "1.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4950e7174bffabe99455511c39707310e7e9b440364a2fcb1cc21521be57b354"
+checksum = "8ba6faf2ca7ee42fdd458f4347ae0a9bd6bcc445ad7cb57ad82b383f18870d6f"
 dependencies = [
- "is-terminal",
+ "atty",
  "is_ci",
 ]
 
diff --git a/Cargo.toml b/Cargo.toml
index b928419..7a27747 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -13,14 +13,15 @@ license = "Apache-2.0"
 clap = { version = "4.0.32", features = ["derive", "wrap_help"] }
 dirs = "4.0.0"
 error-stack = "0.2.4"
-nix = { version = "0.26.1", default-features = false, features = ["user", "mount"] }
+# TODO nuke once rustix has mount
+nix = { version = "0.26.1", default-features = false, features = ["mount"] }
 rustix = { version = "0.36.6", features = ["fs", "process"] }
 thiserror = "1.0.38"
 
 [dev-dependencies]
 expect-test = "1.4.0"
-public-api = "0.24.0"
-rustdoc-json = "0.7.0"
+public-api = "0.25.0"
+rustdoc-json = "0.7.4"
 
 [profile.release]
 lto = true
diff --git a/README.md b/README.md
index f9373c0..f80875c 100644
--- a/README.md
+++ b/README.md
@@ -7,15 +7,16 @@ ForkFS allows you to sandbox a process's changes to your file system.
 ### Use prebuilt binaries
 
 Binaries for a number of platforms are available on the
-[release page](https://github.com/SUPERCILEX/ftzz/releases/latest).
+[release page](https://github.com/SUPERCILEX/forkfs/releases/latest).
 
 ### Build from source
 
 ```console,ignore
-$ cargo +nightly install ftzz
+$ cargo +nightly install forkfs
 ```
 
-> To install cargo, follow [these instructions](https://doc.rust-lang.org/cargo/getting-started/installation.html).
+> To install cargo, follow
+> [these instructions](https://doc.rust-lang.org/cargo/getting-started/installation.html).
 
 ## Usage
 
@@ -25,10 +26,15 @@ Run a command in the sandbox:
 $ sudo forkfs run -- <your command>
 ```
 
-All file system changes the command makes will only exist within the sandbox and will not modify your real file system.
+All file system changes the command makes will only exist within the sandbox and will not modify
+your real file system.
 
 You can also start a bash shell wherein any command you execute has its file operations sandboxed:
 
 ```sh
 $ sudo -E forkfs run bash
 ```
+
+> Note: be consistent with your usage of `-E`. Bare `sudo` vs `sudo -E` will likely change the
+> forkfs environment, meaning sessions that appear in `sudo` will not appear in `sudo -E` and vice
+> versa.
diff --git a/api.golden b/api.golden
index fc8ee92..757d50a 100644
--- a/api.golden
+++ b/api.golden
@@ -1,9 +1,9 @@
 pub mod forkfs
 pub enum forkfs::Error
-pub enum variant forkfs::Error::InvalidArgument
-pub enum variant forkfs::Error::Io
-pub enum variant forkfs::Error::NotRoot
-pub enum variant forkfs::Error::SessionNotFound
+pub forkfs::Error::InvalidArgument
+pub forkfs::Error::Io
+pub forkfs::Error::NotRoot
+pub forkfs::Error::SessionNotFound
 impl core::fmt::Debug for forkfs::Error
 pub fn forkfs::Error::fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result
 impl core::fmt::Display for forkfs::Error
@@ -38,8 +38,8 @@ impl<T, U> core::convert::TryInto<U> for forkfs::Error where U: core::convert::T
 pub type forkfs::Error::Error = <U as core::convert::TryFrom<T>>::Error
 pub fn forkfs::Error::try_into(self) -> core::result::Result<U, <U as core::convert::TryFrom<T>>::Error>
 pub enum forkfs::SessionOperand<'a, S: core::convert::AsRef<str>>
-pub enum variant forkfs::SessionOperand::All
-pub enum variant forkfs::SessionOperand::List(&'a [S])
+pub forkfs::SessionOperand::All
+pub forkfs::SessionOperand::List(&'a [S])
 impl<'a, S> core::panic::unwind_safe::RefUnwindSafe for forkfs::SessionOperand<'a, S> where S: core::panic::unwind_safe::RefUnwindSafe
 impl<'a, S> core::marker::Send for forkfs::SessionOperand<'a, S> where S: core::marker::Sync
 impl<'a, S> core::marker::Sync for forkfs::SessionOperand<'a, S> where S: core::marker::Sync
diff --git a/src/lib.rs b/src/lib.rs
index 3333f4a..096a9ff 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -4,6 +4,7 @@
 #![feature(const_cstr_methods)]
 #![feature(dir_entry_ext2)]
 #![allow(clippy::missing_errors_doc)]
+#![allow(clippy::multiple_crate_versions)]
 
 use std::{
     fmt::{Debug, Display},
@@ -39,6 +40,7 @@ pub enum Error {
 }
 
 fn get_sessions_dir() -> Result<PathBuf, Error> {
+    // TODO check capabilities instead once in rustix
     if !getuid().is_root() {
         return Err(Error::NotRoot).into_report();
     }
diff --git a/src/main.rs b/src/main.rs
index 1276417..d3af7fc 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,3 +1,5 @@
+#![allow(clippy::multiple_crate_versions)]
+
 use std::{
     ffi::OsString,
     io,