woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
661 Commits 2 Branches 0 Tags 1.5 MiB
1b4577e53f
Commit Graph

27 Commits

Author SHA1 Message Date
Robert Swiecki
4ffec405de Makefile: add columnt limit to the indent 2017-10-17 15:22:23 +02:00
Robert Swiecki
fb018c2596 user: use setresuid32 where available first (on some 32bit platforms: 2017-10-17 15:16:27 +02:00
Robert Swiecki
64325b3862 user: remove static from idx vars, it causes crash after many iterations of nsjail 2017-10-16 15:19:07 +02:00
Robert Swiecki
74b43346bd make indent 2017-10-08 23:00:45 +02:00
Robert Swiecki
37dcac6218 user: comments 2017-10-01 19:01:36 +02:00
Robert Swiecki
dfe3bac4ef user: log message 2017-10-01 16:13:17 +02:00
Robert Swiecki
02951e0ac8 user: simplify login when running with --disable_clonew_newuser by using prctl(PR_SET_SECUREBITS, SECBIT_KEEP_CAPS | SECBIT_NO_SETUID_FIXUP) 2017-10-01 16:11:46 +02:00
Robert Swiecki
be25a24b5b user: more comments 2017-10-01 15:54:04 +02:00
Robert Swiecki
2b797a19fd mount: allow to use --disable_newuser for root users 2017-10-01 05:16:01 +02:00
Robert Swiecki
374f6cc4f0 config: Initial work on converting config.c to c++ protobuf lib 
config: Initial work on converting config.c to c++ protobuf lib #2

config: Initial work on converting config.c to c++ protobuf lib #3

config: Initial work on converting config.c to c++ protobuf lib #4

config: Initial work on converting config.c to c++ protobuf lib #5

config: Initial work on converting config.c to c++ protobuf lib #6
 2017-09-14 21:17:38 +02:00
Robert Swiecki
b5b47938d9 user: better check for uids/gids existence 2017-05-28 01:16:48 +02:00
Robert Swiecki
d7ccf0c9d8 Simplify uids/gids maps 2017-05-28 01:05:27 +02:00
Robert Swiecki
53f825115f More work on uid mappings 2017-05-26 23:26:07 +02:00
Robert Swiecki
4eaa6cc9d3 Rewrite uid mapping system 2017-05-26 23:07:47 +02:00
Robert Swiecki
6f6eb65522 make indent 2017-05-25 13:37:53 +02:00
Robert Swiecki
57f9a0f9db Invalid count 2 -> 1 2017-02-10 02:24:35 +01:00
Robert Swiecki
d5a2130164 newuidmap: partial revert 2017-02-09 13:37:58 +01:00
Robert Swiecki
21982290e5 newuidmap: missing pid 2017-02-09 13:37:21 +01:00
Robert Swiecki
4a154733e0 Allow to specify multiple uid/gid maps 2017-02-08 00:36:32 +01:00
Robert Swiecki
f7b9fede69 More debug logging in user.c 2017-02-07 18:40:36 +01:00
Robert Swiecki
3b83267cfd Init user-ns setresuid/setresgid before initializing other NSes 2017-02-07 18:31:50 +01:00
Robert Swiecki
fe7fe8591f Use common subprocSystem for executing commands 2016-10-12 02:01:12 +02:00
Robert Swiecki
a30e2f107c Make indent 2016-10-12 00:59:10 +02:00
Stephen Röttger
1c950391a1 Support more complex uid and gid mappings 
Introduces the new options uid_mapping and gid_mapping that specify
arbitrary custom mappings. If these options are used, nsjail will
use newuidmap/newgidmap to write the map files.
 2016-09-30 15:30:15 +02:00
Jagger
1e7e0f6303 Remove reduntant check 2016-03-04 01:30:56 +01:00
Jagger
65c3ca8a15 Check for specific clone flags before enabling functionality 2016-03-03 20:11:32 +01:00
Robert Swiecki
2652872fac CLONE_NEWUSER routines in a separate module 2016-03-03 15:54:15 +01:00