woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make it a bit more standards friendly

Browse Source
This commit is contained in:
Robert Swiecki 2016-07-21 15:48:47 +02:00
parent 8a501f4ad6
commit 432c82bb34
7 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmdline.c
View File

@ -137,7 +137,7 @@ static bool cmdlineIsANumber(const char *s)
return true; return true;
} }
rlim_t cmdlineParseRLimit(int res, const char *optarg, unsigned long mul) __rlim64_t cmdlineParseRLimit(int res, const char *optarg, unsigned long mul)
{ {
struct rlimit64 cur; struct rlimit64 cur;
if (prlimit64(0, res, NULL, &cur) == -1) { if (prlimit64(0, res, NULL, &cur) == -1) {
@ -153,7 +153,7 @@ rlim_t cmdlineParseRLimit(int res, const char *optarg, unsigned long mul)
LOG_F("RLIMIT %d needs a numeric or 'max'/'def' value ('%s' provided)", res, LOG_F("RLIMIT %d needs a numeric or 'max'/'def' value ('%s' provided)", res,
optarg); optarg);
} }
rlim64_t val = strtoull(optarg, NULL, 0) * mul; __rlim64_t val = strtoull(optarg, NULL, 0) * mul;
if (val == ULLONG_MAX && errno != 0) { if (val == ULLONG_MAX && errno != 0) {
PLOG_F("strtoul('%s', 0)", optarg); PLOG_F("strtoul('%s', 0)", optarg);
} }

14
common.h
View File

@ -98,13 +98,13 @@ struct nsjconf_t {
bool verbose; bool verbose;
bool keep_env; bool keep_env;
bool keep_caps; bool keep_caps;
rlim64_t rl_as; __rlim64_t rl_as;
rlim64_t rl_core; __rlim64_t rl_core;
rlim64_t rl_cpu; __rlim64_t rl_cpu;
rlim64_t rl_fsize; __rlim64_t rl_fsize;
rlim64_t rl_nofile; __rlim64_t rl_nofile;
rlim64_t rl_nproc; __rlim64_t rl_nproc;
rlim64_t rl_stack; __rlim64_t rl_stack;
unsigned long personality; unsigned long personality;
bool clone_newnet; bool clone_newnet;
bool clone_newuser; bool clone_newuser;

4
contain.c
View File

@ -79,11 +79,11 @@ static bool containDropPrivs(struct nsjconf_t *nsjconf)
if (setgroups(0, group_list) == -1) { if (setgroups(0, group_list) == -1) {
PLOG_D("setgroups(NULL) failed"); PLOG_D("setgroups(NULL) failed");
} }
if (setresgid(nsjconf->inside_gid, nsjconf->inside_gid, nsjconf->inside_gid) == -1) { if (syscall(__NR_setresgid, nsjconf->inside_gid, nsjconf->inside_gid, nsjconf->inside_gid) == -1) {
PLOG_E("setresgid(%u)", nsjconf->inside_gid); PLOG_E("setresgid(%u)", nsjconf->inside_gid);
return false; return false;
} }
if (setresuid(nsjconf->inside_uid, nsjconf->inside_uid, nsjconf->inside_uid) == -1) { if (syscall(__NR_setresuid, nsjconf->inside_uid, nsjconf->inside_uid, nsjconf->inside_uid) == -1) {
PLOG_E("setresuid(%u)", nsjconf->inside_uid); PLOG_E("setresuid(%u)", nsjconf->inside_uid);
return false; return false;
} }

1
mount.c
View File

@ -23,6 +23,7 @@
#include <errno.h> #include <errno.h>
#include <fcntl.h> #include <fcntl.h>
#include <linux/sched.h>
#include <sched.h> #include <sched.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>

2
net.c
View File

@ -45,6 +45,8 @@
#define IFACE_NAME "vs" #define IFACE_NAME "vs"
extern char **environ;
#if defined(NSJAIL_NL3_WITH_MACVLAN) #if defined(NSJAIL_NL3_WITH_MACVLAN)
#include <netlink/route/link.h> #include <netlink/route/link.h>
#include <netlink/route/link/macvlan.h> #include <netlink/route/link/macvlan.h>

1
pid.c
View File

@ -21,6 +21,7 @@
#include "pid.h" #include "pid.h"
#include <linux/sched.h>
#include <sched.h> #include <sched.h>
#include <signal.h> #include <signal.h>
#include <sys/prctl.h> #include <sys/prctl.h>

1
subproc.c
View File

@ -24,6 +24,7 @@
#include <arpa/inet.h> #include <arpa/inet.h>
#include <errno.h> #include <errno.h>
#include <fcntl.h> #include <fcntl.h>
#include <linux/sched.h>
#include <netinet/in.h> #include <netinet/in.h>
#include <sched.h> #include <sched.h>
#include <signal.h> #include <signal.h>