woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
305 Commits 2 Branches 0 Tags 1.5 MiB
438fd80ecf
Commit Graph

305 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jagger
6c5c80256d Make valgrind silent 2016-02-29 22:22:03 +01:00
Jagger
6a3a70dce1 Skip type for macvlan in nl3 2016-02-29 22:18:57 +01:00
Jagger
a194a90ae4 Use NL3 for macvlan if present 2016-02-29 22:12:01 +01:00
Robert Swiecki
296ef302e4 Better cmdline descriptions 2016-02-29 20:20:38 +01:00
Robert Swiecki
114ce7e976 Make it possible to compile with clang 2016-02-29 19:09:39 +01:00
Robert Swiecki
466f49e16d Indent/Depend 2016-02-29 18:56:52 +01:00
Robert Swiecki
28cc3bb0b9 Create 'vs' and put it into NS in one command 2016-02-29 17:59:49 +01:00
Robert Swiecki
50d17e6c91 Missing 'name' in /sbin/ip macvlan 2016-02-29 17:56:03 +01:00
Robert Swiecki
af6a6bb2dc Don't initialize the 'vs' interface by default 2016-02-29 17:50:25 +01:00
Robert Swiecki
4bab84fbcf Change macvtap into macvlan mode bridge 2016-02-29 17:46:36 +01:00
Robert Swiecki
62eda3c738 Add child only after successful clone() 2016-02-29 16:09:08 +01:00
Robert Swiecki
872a561b4c Better description for --user / --group 2016-02-29 15:47:33 +01:00
Robert Swiecki
4cb1c01938 Default values for 'vs' interface 2016-02-29 15:36:31 +01:00
Jagger
e4ac7f411c Default net values for 'vs' 2016-02-29 02:59:59 +01:00
Jagger
d2f47fff92 Add network configuration for the 'vs' interface 2016-02-29 02:51:55 +01:00
Jagger
e0a6908348 Check for WIFSTOPPED/WIFCONTINUED with wait4 2016-02-29 00:32:14 +01:00
Jagger
43983cbb17 Add --iface_lo_up 2016-02-29 00:14:36 +01:00
Jagger
6218fe2336 Implementation of netSystemSbinIp 2016-02-28 23:40:34 +01:00
Jagger
8dad34ae4a Set-up parent in a separate function 2016-02-28 23:23:24 +01:00
Jagger
3431578e3e Always put macvtap as virt.ns 2016-02-28 16:52:37 +01:00
Jagger
9a7b8550a6 Return early in case of problems with set-up of the child from parent 2016-02-28 16:43:35 +01:00
Jagger
d8007e15ad Correct write() check 2016-02-28 16:38:10 +01:00
Jagger
fb8eb88410 No need to update /proc/pid/setgroups if euid==0 2016-02-28 02:41:57 +01:00
Jagger
da8999ee47 Initialize user/group maps from the parent process 2016-02-28 02:35:22 +01:00
Jagger
8d641169e3 Initialize user/group maps from the parent process 2016-02-28 02:34:43 +01:00
Jagger
1cfe9d470a Remove debugging code 2016-02-28 02:15:36 +01:00
Jagger
ad4b0105a7 No need to add (default:none) in cmdline 2016-02-28 01:52:09 +01:00
Robert Swiecki
be639261b5 Automatically create destination dir for 'proc' and 'tmpfs' mounts 2016-02-25 18:45:23 +01:00
Robert Swiecki
9852028522 Implement --bindhost 2016-02-25 18:27:48 +01:00
Robert Swiecki
4ec7c12c99 Add MS_REC to MS_RDONLY 2016-02-25 18:27:42 +01:00
Robert Swiecki
5b78d31f3f Remove (disable: false) from cmdline.c as it's obvious 2016-02-16 18:56:52 +01:00
Robert Swiecki
aebc3dba41 Env variables (setting/clearing) 2016-01-26 17:42:10 +01:00
Jagger
fd98f4009e Default re-chroot to '/' 2016-01-25 22:27:06 +01:00
Robert Swiecki
87829e3f6e Implement --skip_setsid 2016-01-25 18:09:32 +01:00
Jagger
d36deb5d0d Use --user x:y notation (not working yet) 2016-01-23 07:05:24 +01:00
Jagger
a225069b4d Use %#x instead of %u 2016-01-22 00:50:45 +01:00
Jagger
c3298d0019 Remove _FORTIFY_SOURCE=2 2016-01-22 00:11:31 +01:00
robertswiecki
53905ed813 Merge pull request #4 from q3k/master 
Move definition of _FORTIFY_SOURCE to nsjail.h
 2016-01-20 20:23:02 +01:00
Sergiusz 'q3k' Bazański
fe2550e35b Move definition of _FORTIFY_SOURCE to nsjail.h 
This lets us undefine any built-in gcc macro. Otherwise, a redefinition
from the command line occurs and a warning is thrown, breaking the build
(due to -Werror).
 2016-01-20 20:21:27 +01:00
Robert Swiecki
0ac43cddf0 No need to include log.h in util.h 2016-01-20 18:05:42 +01:00
Robert Swiecki
4f90b612d0 correct guard macro comment 2016-01-20 18:00:13 +01:00
Robert Swiecki
19de49b375 Missing util.* 2016-01-20 17:55:40 +01:00
Jagger
24af1c6d98 Introduce util.c 2016-01-17 04:14:09 +01:00
Robert Swiecki
307a6f0257 Create a file/dir inside jail beforemounting 2016-01-14 15:44:29 +01:00
Robert Swiecki
42efeb6073 Add --cmd 2016-01-14 15:26:18 +01:00
Jagger
dcd80af9bc Revert of .chroot = NULL 2016-01-09 16:11:31 +01:00
Jagger
2765e58c4e Use TAILQ instead of LIST to insert new mount entries at the end 2016-01-09 16:09:05 +01:00
Robert Swiecki
88e796e004 Set a separate session/process_group 2015-11-24 18:34:05 +01:00
Robert Swiecki
da133a6d11 Correctly cast arguments to syscall() 2015-11-19 15:04:41 +01:00
robertswiecki
22f3ca5ecb Merge pull request #3 from JamyDev/master 
Add `cwd` option to define what folder in the jail the process should start in.
 2015-11-07 15:03:28 +01:00