woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mount: try creating starting tmpfs's in /run/user/<uid> first

Browse Source
This commit is contained in:
Robert Swiecki 2017-10-19 22:39:37 +02:00
parent 4152f3ea93
commit 7e49be4dc3
3 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cmdline.c
View File

@ -368,6 +368,7 @@ bool cmdlineParse(int argc, char* argv[], struct nsjconf_t* nsjconf)
.iface_vs_gw = "0.0.0.0",
.kafel_file = NULL,
.kafel_string = NULL,
.orig_uid = getuid(),
.num_cpus = sysconf(_SC_NPROCESSORS_ONLN),
};

14
mount.c
View File

@ -266,9 +266,9 @@ static bool mountMkdirAndTest(const char* dir)
return true;
}
static bool mountGetDir(char* dir, const char* name)
static bool mountGetDir(struct nsjconf_t* nsjconf, char* dir, const char* name)
{
snprintf(dir, PATH_MAX, "/dev/shm/nsjail.%s", name);
snprintf(dir, PATH_MAX, "/run/user/%u/nsjail.%s", nsjconf->orig_uid, name);
if (mountMkdirAndTest(dir)) {
return true;
}
@ -278,11 +278,15 @@ static bool mountGetDir(char* dir, const char* name)
}
const char* tmp = getenv("TMPDIR");
if (tmp) {
snprintf(dir, PATH_MAX, "%s/nsjail.%s", name, tmp);
snprintf(dir, PATH_MAX, "%s/nsjail.%s", tmp, name);
if (mountMkdirAndTest(dir)) {
return true;
}
}
snprintf(dir, PATH_MAX, "/dev/shm/nsjail.%s", name);
if (mountMkdirAndTest(dir)) {
return true;
}
snprintf(dir, PATH_MAX, "/tmp/nsjail.%s.%" PRIx64, name, utilRnd64());
if (mountMkdirAndTest(dir)) {
return true;
@ -321,7 +325,7 @@ static bool mountInitNsInternal(struct nsjconf_t* nsjconf)
}
char destdir[PATH_MAX];
if (mountGetDir(destdir, "root") == false) {
if (mountGetDir(nsjconf, destdir, "root") == false) {
LOG_E("Couldn't obtain root mount directories");
return false;
}
@ -337,7 +341,7 @@ static bool mountInitNsInternal(struct nsjconf_t* nsjconf)
}
char tmpdir[PATH_MAX];
if (mountGetDir(tmpdir, "tmp") == false) {
if (mountGetDir(nsjconf, tmpdir, "tmp") == false) {
LOG_E("Couldn't obtain temporary mount directories");
return false;
}

2
nsjail.h
View File

@ -160,8 +160,8 @@ struct nsjconf_t {
size_t cgroup_pids_max;
FILE* kafel_file;
char* kafel_string;
uid_t orig_euid;
long num_cpus;
uid_t orig_uid;
TAILQ_HEAD(udmaplist, idmap_t)
uids;
TAILQ_HEAD(gdmaplist, idmap_t)