woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cmdline: more stderr_to_null closer to is_silent

Browse Source
This commit is contained in:
Robert Swiecki 2018-06-25 04:10:42 +02:00
parent 272a85477a
commit 5bf23a0e58
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cmdline.cc
View File

@ -97,9 +97,9 @@ struct custom_option custom_opts[] = {
{ { "keep_caps", no_argument, NULL, 0x0501 }, "Don't drop any capabilities" },
{ { "cap", required_argument, NULL, 0x0509 }, "Retain this capability, e.g. CAP_PTRACE (can be specified multiple times)" },
{ { "silent", no_argument, NULL, 0x0502 }, "Redirect child process' fd:0/1/2 to /dev/null" },
{ { "stderr_to_null", no_argument, NULL, 0x0503 }, "Redirect child process' fd:2 (STDERR_FILENO) to /dev/null" },
{ { "skip_setsid", no_argument, NULL, 0x0504 }, "Don't call setsid(), allows for terminal signal handling in the sandboxed process. Dangerous" },
{ { "pass_fd", required_argument, NULL, 0x0505 }, "Don't close this FD before executing the child process (can be specified multiple times), by default: 0/1/2 are kept open" },
{ { "stderr_to_null", no_argument, NULL, 0x0506 }, "Redirect FD=2 (STDERR_FILENO) to /dev/null" },
{ { "disable_no_new_privs", no_argument, NULL, 0x0507 }, "Don't set the prctl(NO_NEW_PRIVS, 1) (DANGEROUS)" },
{ { "rlimit_as", required_argument, NULL, 0x0201 }, "RLIMIT_AS in MB, 'max' or 'hard' for the current hard limit, 'def' or 'soft' for the current soft limit, 'inf' for RLIM64_INFINITY (default: 512)" },
{ { "rlimit_core", required_argument, NULL, 0x0202 }, "RLIMIT_CORE in MB, 'max' or 'hard' for the current hard limit, 'def' or 'soft' for the current soft limit, 'inf' for RLIM64_INFINITY (default: 0)" },
@ -396,8 +396,8 @@ std::unique_ptr<nsjconf_t> parseArgs(int argc, char* argv[]) {
nsjconf->mode = MODE_STANDALONE_ONCE;
nsjconf->is_root_rw = false;
nsjconf->is_silent = false;
nsjconf->skip_setsid = false;
nsjconf->stderr_to_null = false;
nsjconf->skip_setsid = false;
nsjconf->max_conns_per_ip = 0;
nsjconf->proc_path = "/proc";
nsjconf->is_proc_rw = false;
@ -566,15 +566,15 @@ std::unique_ptr<nsjconf_t> parseArgs(int argc, char* argv[]) {
case 0x0502:
nsjconf->is_silent = true;
break;
case 0x0503:
nsjconf->stderr_to_null = true;
break;
case 0x0504:
nsjconf->skip_setsid = true;
break;
case 0x0505:
nsjconf->openfds.push_back((int)strtol(optarg, NULL, 0));
break;
case 0x0506:
nsjconf->stderr_to_null = true;
break;
case 0x0507:
nsjconf->disable_no_new_privs = true;
break;

2
nsjail.h
View File

@ -115,8 +115,8 @@ struct nsjconf_t {
enum ns_mode_t mode;
bool is_root_rw;
bool is_silent;
bool skip_setsid;
bool stderr_to_null;
bool skip_setsid;
unsigned int max_conns_per_ip;
std::string proc_path;
bool is_proc_rw;