user: more comments
This commit is contained in:
parent
293a683b14
commit
be25a24b5b
@ -26,7 +26,7 @@
|
||||
|
||||
#include "common.h"
|
||||
|
||||
bool containSetupFD(struct nsjconf_t *nsjconf, int fd_in, int fd_out, int fd_err);
|
||||
bool containSetupFD(struct nsjconf_t * nsjconf, int fd_in, int fd_out, int fd_err);
|
||||
bool containContain(struct nsjconf_t *nsjconf);
|
||||
|
||||
#endif /* NS_CONTAIN_H */
|
||||
|
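--- a/mount.c
+++ b/mount.c
@@ -290,6 +290,10 @@ static bool mountGetDir(char *dir, const char *name)
 
 static bool mountInitNsInternal(struct nsjconf_t *nsjconf)
 {
+/*
+* If CLONE_NEWNS is not used, we would be changing the global mount namespace, so simply
+* use --chroot in this case
+*/
 if (nsjconf->clone_newns == false) {
 if (nsjconf->chroot == NULL) {
 PLOG_E
@@ -318,6 +322,7 @@ static bool mountInitNsInternal(struct nsjconf_t *nsjconf)
 return false;
 }
 
+/* Make changes to / (recursively) private, to avoid changing the global mount ns */
 if (mount("/", "/", NULL, MS_REC | MS_PRIVATE, NULL) == -1) {
 PLOG_E("mount('/', '/', NULL, MS_REC|MS_PRIVATE, NULL)");
 return false;
@@ -348,6 +353,13 @@ static bool mountInitNsInternal(struct nsjconf_t *nsjconf)
 PLOG_E("umount2('%s', MNT_DETACH)", tmpdir);
 return false;
 }
+/*
+* This requires some explanation: It's actually possible to pivot_root('/', '/'). After this
+* operation has been completed, the old root is mounted over the new root, and it's OK to
+* simply umount('/') now, and to have new_root as '/'. This allows us not care about
+* providing any special directory for old_root, which is sometimes not easy, given that e.g.
+* /tmp might not always be present inside new_root
+*/
 if (syscall(__NR_pivot_root, destdir, destdir) == -1) {
 PLOG_E("pivot_root('%s', '%s')", destdir, destdir);
 return false;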
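Review bot: The comment added in the third hunk (before the pivot_root call) describes the trick as `pivot_root('/', '/')`, but the code calls `syscall(__NR_pivot_root, destdir, destdir)`; a reader may take the literal '/' as the argument, so the first sentence should read `It's actually possible to pivot_root(destdir, destdir), i.e. new_root == put_old.` The same comment has a grammar slip, `This allows us not care about` should be `This allows us not to care about`. Since the stacked old root is what still exposes the host filesystem after the pivot, the comment should also say that the following `umount('/')` is the step that actually severs that access and that its failure must be treated as fatal; that umount is presumably later in mountInitNsInternal, outside this hunk, so confirm before wording it. mountInitNsInternal starts before the first hunk and continues past the last one.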
11
user.c
11
user.c
@ -241,12 +241,12 @@ static bool userUidGidMap(struct nsjconf_t *nsjconf, pid_t pid)
|
||||
|
||||
bool userInitNsFromParent(struct nsjconf_t * nsjconf, pid_t pid)
|
||||
{
|
||||
if (nsjconf->clone_newuser == false) {
|
||||
return true;
|
||||
}
|
||||
if (userSetGroups(pid) == false) {
|
||||
return false;
|
||||
}
|
||||
if (nsjconf->clone_newuser == false) {
|
||||
return true;
|
||||
}
|
||||
if (userUidGidMap(nsjconf, pid) == false) {
|
||||
return false;
|
||||
}
|
||||
@ -264,6 +264,11 @@ bool userInitNsFromChild(struct nsjconf_t * nsjconf)
|
||||
PLOG_D("setgroups(NULL) failed");
|
||||
}
|
||||
|
||||
/*
|
||||
* If we don't use CLONE_NEWUSER, then presumably this binary has been run with euid==0, in
|
||||
* which case we need to avoid calling setuid/setgid, in order to avoid loosing capabilities
|
||||
* which will be needed for uname/mount/etc.-like syscalls
|
||||
*/
|
||||
if (nsjconf->clone_newuser == false) {
|
||||
return true;
|
||||
}
|
||||
|
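Review bot: The comment added in the second hunk (userInitNsFromChild) misspells `loosing capabilities`; it should read `losing capabilities`, and `uname/mount/etc.-like syscalls` reads more clearly as `syscalls such as mount(2) or sethostname(2)` if those are the ones meant, which should be confirmed against the callers. In the first hunk the early return on `nsjconf->clone_newuser == false` changes position relative to `userSetGroups(pid)`; the page shows both placements without a surviving side marker, so which order is new is not certain here, but whichever it is, a one-line comment stating why the groups mapping is (or is not) written when no user namespace is used would keep the two checks from looking like a duplicate. userInitNsFromChild's body continues outside the hunk.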