Jagger
|
24af1c6d98
|
Introduce util.c
|
2016-01-17 04:14:09 +01:00 |
|
Robert Swiecki
|
307a6f0257
|
Create a file/dir inside jail beforemounting
|
2016-01-14 15:44:29 +01:00 |
|
Robert Swiecki
|
42efeb6073
|
Add --cmd
|
2016-01-14 15:26:18 +01:00 |
|
Jagger
|
dcd80af9bc
|
Revert of .chroot = NULL
|
2016-01-09 16:11:31 +01:00 |
|
Jagger
|
2765e58c4e
|
Use TAILQ instead of LIST to insert new mount entries at the end
|
2016-01-09 16:09:05 +01:00 |
|
Robert Swiecki
|
88e796e004
|
Set a separate session/process_group
|
2015-11-24 18:34:05 +01:00 |
|
Robert Swiecki
|
da133a6d11
|
Correctly cast arguments to syscall()
|
2015-11-19 15:04:41 +01:00 |
|
robertswiecki
|
22f3ca5ecb
|
Merge pull request #3 from JamyDev/master
Add `cwd` option to define what folder in the jail the process should start in.
|
2015-11-07 15:03:28 +01:00 |
|
Jamy Timmermans
|
0e14a0b341
|
Update readme with cwd property
|
2015-11-07 13:33:50 +01:00 |
|
Jamy Timmermans
|
bd5ed5ac63
|
Fix dereference in cwd option
|
2015-11-07 06:11:55 -06:00 |
|
Jamy Timmermans
|
93abc40dde
|
Add a cwd option
This way the process being spawned can be in a directory if the
spawner’s choosing (as ling as it’s available in the chroot)
|
2015-11-07 13:01:44 +01:00 |
|
Jagger
|
5f5e496179
|
Make it compile with -m32
|
2015-10-18 20:47:44 +02:00 |
|
Jagger
|
558ede7dfe
|
Make __user_cap_data_struct const
|
2015-10-18 20:39:06 +02:00 |
|
Jagger
|
49faea78b0
|
Use 0x%tx for uintptr_t
|
2015-10-17 19:14:57 +02:00 |
|
Jagger
|
500e3efbaf
|
Move LOG_I earlier in subproc.c
|
2015-10-17 19:11:48 +02:00 |
|
Jagger
|
59cedfe10f
|
Use just a single list for mount-points (RO, RW, chroot)
|
2015-10-17 16:48:30 +02:00 |
|
Jagger
|
a7d04def38
|
__FUNCTION__ -> __func__ as C99 standard
|
2015-10-17 03:51:35 +02:00 |
|
Robert Swiecki
|
5202a7fc07
|
Use rlimit64
|
2015-10-13 19:06:59 +02:00 |
|
Jagger
|
3c9c63b608
|
In case there's no CLONE_NEWNS, just chroot()
|
2015-08-16 10:55:14 +02:00 |
|
Jagger
|
cbb64d571d
|
Make --disable_proc work
|
2015-08-15 20:48:48 +02:00 |
|
Jagger
|
da4fc22eab
|
indent 100
|
2015-08-15 20:10:07 +02:00 |
|
Jagger
|
99d78a996a
|
readme typo
|
2015-08-15 16:20:48 +02:00 |
|
Jagger
|
c93ac358e1
|
Fixed flag description for --log
|
2015-08-15 16:05:57 +02:00 |
|
Jagger
|
701825970a
|
Implementation of MODE_STANDALONE_EXECVE
|
2015-08-15 16:02:38 +02:00 |
|
Jagger
|
5dc0fe193a
|
Better logging for clone failure
|
2015-08-12 04:32:34 +02:00 |
|
Jagger
|
292a8af67f
|
Use 'R' as an alias for bindmount_ro
|
2015-08-12 04:27:57 +02:00 |
|
Jagger
|
04fa1e9c1f
|
More verbose error messages for mounting files/dirs
|
2015-08-12 01:17:54 +02:00 |
|
Jagger
|
07df4307f5
|
Move tmpfs mounting before pivot_chroot
|
2015-08-12 00:58:26 +02:00 |
|
Jagger
|
a47a651999
|
Create a file for sockets/devs/files bind mounts
|
2015-08-11 14:34:17 +02:00 |
|
Jagger
|
8b951e6c28
|
Checks for strdup() result. Use remountBindMount since we have it
|
2015-07-15 03:33:13 +02:00 |
|
robertswiecki
|
e412608b61
|
Merge pull request #2 from jtolds/master
Typo fix
|
2015-07-14 22:11:18 +02:00 |
|
JT Olds
|
2ab390b1c6
|
Typo fix
|
2015-07-13 16:37:18 -06:00 |
|
Jagger
|
e3fe2d183c
|
tmpfs_size (size_t) + indent
|
2015-07-08 00:54:59 +02:00 |
|
robertswiecki
|
a7c2284f4f
|
Merge pull request #1 from jtolds/master
A collection of small changes (need feedback)
|
2015-07-07 23:43:56 +02:00 |
|
JT Olds
|
8841a08dd3
|
Make tmpfs size configurable
|
2015-07-07 15:42:25 -06:00 |
|
JT Olds
|
d43c4975ae
|
Return failing exit status on timeout
|
2015-07-07 15:41:58 -06:00 |
|
JT Olds
|
5b28785790
|
Don't mount NODEV so stuff like /dev/null works
Users now need to be careful about allowing device special files
in the jail.
|
2015-07-07 15:41:55 -06:00 |
|
JT Olds
|
3e7f15fcbe
|
update readme
|
2015-07-07 11:54:36 -06:00 |
|
JT Olds
|
821eb78054
|
Improve bindmount interface.
Now supports readonly bindmounts and
differentiating between source and target path.
|
2015-07-07 11:52:32 -06:00 |
|
JT Olds
|
459a220133
|
Return child exit status in standalone mode
|
2015-07-07 10:33:47 -06:00 |
|
Robert Swiecki
|
8cfa157455
|
Remove unused struct definition
|
2015-06-19 16:35:02 +02:00 |
|
Jagger
|
c6f8843c64
|
Indent
|
2015-06-18 03:07:22 +02:00 |
|
Jagger
|
5dfdb470cd
|
Replace self-made list of pointers with queue.h
|
2015-06-18 03:00:39 +02:00 |
|
Robert Swiecki
|
1c99a839ac
|
Initialize nsjconf structure in the commandline module:
|
2015-06-17 16:52:51 +02:00 |
|
Jagger
|
9960304cab
|
A crude way of cloning an eth interface
|
2015-05-28 03:37:08 +02:00 |
|
Robert Swiecki
|
470bbb9a5d
|
+ .gitignore
|
2015-05-27 17:51:01 +02:00 |
|
Robert Swiecki
|
b01eb30f6b
|
Close pipefd[1] before reading from pipefd[0]
|
2015-05-27 15:41:08 +02:00 |
|
Robert Swiecki
|
dcc0565338
|
Define PR_SET_NO_NEW_PRIVS for older glibc-s
|
2015-05-22 14:31:08 +02:00 |
|
Robert Swiecki
|
08d1add31d
|
More instructive error message
|
2015-05-21 18:40:34 +02:00 |
|
Jagger
|
ab68730861
|
More descriptive help for -T
|
2015-05-21 00:36:28 +02:00 |
|