Robert Swiecki
|
111481532b
|
config: add --iface_own to the proto config
|
2018-06-03 03:19:40 +02:00 |
|
Robert Swiecki
|
a30f2ddf12
|
configs/firefox - global user must be specified because of X11 permissions
|
2018-06-01 23:39:07 +02:00 |
|
Robert Swiecki
|
15a13e78b8
|
cmdline: remove deprecated options
|
2018-06-01 17:15:47 +02:00 |
|
Robert Swiecki
|
2d5e90cd04
|
configs/firefox: no need to specify local users
|
2018-06-01 17:06:46 +02:00 |
|
Robert Swiecki
|
4e243825df
|
configs: /etc/machine-id doesn't seem required
|
2018-06-01 12:22:03 +02:00 |
|
Robert Swiecki
|
e3fae9b4d5
|
configs/firefox: disable clone_newnet for regular-user-firefox
|
2018-06-01 12:19:35 +02:00 |
|
Robert Swiecki
|
4c251fb593
|
configs: updated and synchronized for firefox
|
2018-06-01 12:17:27 +02:00 |
|
Robert Swiecki
|
824b9a2982
|
net: dbg message
|
2018-06-01 03:14:48 +02:00 |
|
Robert Swiecki
|
78fa4031c4
|
net: separate function for interface configuration
|
2018-06-01 02:10:05 +02:00 |
|
Robert Swiecki
|
47c8cf7a01
|
net: support owning interfaces with libnl too
|
2018-05-31 14:45:44 +02:00 |
|
Robert Swiecki
|
7d57fc81be
|
cmdline: add iface_own to take ownership of one of the global interfaces
|
2018-05-30 15:26:09 +02:00 |
|
Robert Swiecki
|
0620d7a50c
|
cmdline: name of params
|
2018-05-30 15:03:01 +02:00 |
|
Robert Swiecki
|
fbf484f933
|
nsjail: more debug messages
|
2018-05-28 02:04:03 +02:00 |
|
Robert Swiecki
|
ff63b2ed4f
|
nsjail: better return values
|
2018-05-28 01:40:02 +02:00 |
|
Robert Swiecki
|
b8798fc9a7
|
use strtoimax when needed
|
2018-05-26 13:54:17 +02:00 |
|
Robert Swiecki
|
5681a1822d
|
new version of kafel
|
2018-05-26 03:34:27 +02:00 |
|
Robert Swiecki
|
5643e790fc
|
nsjail: make listenMode return int
|
2018-05-26 01:24:58 +02:00 |
|
Robert Swiecki
|
5632b66a5f
|
cmdline: check val value before conversion
|
2018-05-26 00:40:28 +02:00 |
|
Robert Swiecki
|
9ed90812c0
|
better checks for strto*l errors
|
2018-05-25 23:53:11 +02:00 |
|
Robert Swiecki
|
5b7cfc7f00
|
namespace'ize nsjail.cc
|
2018-05-25 02:15:47 +02:00 |
|
Robert Swiecki
|
b55875f45e
|
nsjail: change the owner of struct termios
|
2018-05-25 02:05:12 +02:00 |
|
Robert Swiecki
|
0b8e927aed
|
nsjail: save console just before we're prepared to run commands
|
2018-05-25 01:06:05 +02:00 |
|
Robert Swiecki
|
2470635c7c
|
nsjail: save and restore console params
|
2018-05-25 01:04:29 +02:00 |
|
Robert Swiecki
|
86b36088cf
|
util: remove unused sSnPrintf
|
2018-05-24 18:32:01 +02:00 |
|
Robert Swiecki
|
fe7b53c1fd
|
caps: remove unused var
|
2018-05-24 15:38:09 +02:00 |
|
Robert Swiecki
|
b7db2fabc7
|
cmdline: better description for --seccomp_log in nsjail.1
|
2018-05-24 15:34:16 +02:00 |
|
Robert Swiecki
|
b69b4d15cc
|
cmdline: better description for --seccomp_log
|
2018-05-24 15:21:42 +02:00 |
|
robertswiecki
|
4f48c181e2
|
Merge pull request #77 from jvvv/master
Add new --seccomp_log option to docs
|
2018-05-24 15:17:59 +02:00 |
|
John Vogel
|
006270746d
|
Add new --seccomp_log option to docs
|
2018-05-23 20:44:31 -04:00 |
|
Robert Swiecki
|
2b6955e48c
|
A few c++isms more
|
2018-05-23 18:19:17 +02:00 |
|
Robert Swiecki
|
6d3fb7e5b2
|
sandbox: casting for syscall()
|
2018-05-23 15:46:25 +02:00 |
|
Robert Swiecki
|
48e8634ba5
|
config: add support for seccomp_log
|
2018-05-23 15:38:45 +02:00 |
|
Robert Swiecki
|
4394fa725e
|
sandbox: add support for SECCOMP_FILTER_FLAG_LOG
|
2018-05-23 15:32:45 +02:00 |
|
Robert Swiecki
|
c365eb1766
|
More c++ isms
|
2018-05-22 14:27:18 +02:00 |
|
Robert Swiecki
|
a42203a6dd
|
user: cons'ifize a var
|
2018-05-20 23:52:55 +02:00 |
|
Robert Swiecki
|
f8db8c7eea
|
mnt: add original_uid to directories created as new root by nsjail
|
2018-05-16 15:50:31 +02:00 |
|
Robert Swiecki
|
1b3e42d65a
|
more C++-izations over places #2
|
2018-04-29 01:15:44 +02:00 |
|
Robert Swiecki
|
a346634ec3
|
more C++-izations over places
|
2018-04-29 01:10:09 +02:00 |
|
Robert Swiecki
|
6e2e64e73e
|
mnt: better mount flag printing
|
2018-04-29 00:58:35 +02:00 |
|
Robert Swiecki
|
0e4f623456
|
config.proto: deprecated --chroot and friends
|
2018-04-29 00:51:55 +02:00 |
|
Robert Swiecki
|
6d5a2c37ff
|
mnt: c++-ication
|
2018-04-27 23:58:53 +02:00 |
|
robertswiecki
|
cfa3a64614
|
Merge pull request #75 from D0han/master
Build docker image from current source
|
2018-04-18 14:11:19 +02:00 |
|
Robert Swiecki
|
c4b51e6495
|
missing macros.h include
|
2018-04-12 23:49:10 +02:00 |
|
D0han
|
efb22279bc
|
Build docker image from current source
|
2018-04-11 17:02:20 +02:00 |
|
Robert Swiecki
|
12ec24e000
|
newer kafel
|
2018-04-09 19:14:23 +02:00 |
|
robertswiecki
|
e0c13f55a8
|
Merge pull request #74 from jvvv/master
nsjail.1: update for new options.
|
2018-02-25 01:03:50 +01:00 |
|
John Vogel
|
9f318949bd
|
README.md: adjust to match manual page.
|
2018-02-24 03:08:56 -05:00 |
|
John Vogel
|
a308132d70
|
nsjail.1: update for new options.
Also, move the --cap option description so that it follows the
--keep-caps option, which matches the README and seems logical.
|
2018-02-24 02:39:36 -05:00 |
|
Robert Swiecki
|
6b74580a89
|
mnt: simplify mountPt
|
2018-02-21 03:29:26 +01:00 |
|
Robert Swiecki
|
9168ec5948
|
cmdline: add tmp mounts after parsing of cmdline as tmpfs_size can be specified after -T
|
2018-02-20 21:03:22 +01:00 |
|