woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,210 Commits 2 Branches 0 Tags 1.5 MiB
439606be70
Commit Graph

1210 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Swiecki
7f72cbd497 all: move to C++ 2018-02-09 18:55:42 +01:00
Robert Swiecki
a6c34999f2 util: move to C++ 2018-02-09 18:45:50 +01:00
Robert Swiecki
a82abf4dcb mount: move to C++ 2018-02-09 18:26:16 +01:00
Robert Swiecki
15170f9d6c cgroup: move to C++ 2018-02-09 18:13:17 +01:00
Robert Swiecki
27a226ad28 user: move to C++ 2018-02-09 18:08:11 +01:00
Robert Swiecki
8e8fcc2815 uts: move to C++ 2018-02-09 17:59:51 +01:00
Robert Swiecki
a07f389a50 pid: move to C++ 2018-02-09 17:57:19 +01:00
Robert Swiecki
c4e57bf27e caps: move to C++ 2018-02-09 17:49:13 +01:00
Robert Swiecki
ff282fb385 cpu: move to C++ 2018-02-09 17:41:16 +01:00
Robert Swiecki
cb6222abdf net: move to C++ 2018-02-09 17:27:28 +01:00
Robert Swiecki
bd0c3fea69 sandbox: move to C++ 2018-02-09 17:16:41 +01:00
Robert Swiecki
21e1495c24 contain: move to C++ 2018-02-09 17:09:58 +01:00
Robert Swiecki
a2daa94722 subproc: move to C++ 2018-02-09 17:03:02 +01:00
Robert Swiecki
840b75025c cmdline: move to C++ 2018-02-09 15:44:29 +01:00
Robert Swiecki
0a311af2ad nsjail: make nsjail.c nsjail.cc 2018-02-08 15:24:17 +01:00
Robert Swiecki
750cf04916 Merge branch 'master' of github.com:google/nsjail 2018-02-08 15:23:26 +01:00
Robert Swiecki
d7cb58e280 Add missing O_RDONLY here and there 2018-02-08 15:23:15 +01:00
Robert Swiecki
30e84f7add cgroup: set cpu period as well 2018-02-04 04:23:45 +01:00
Robert Swiecki
3ee825c4aa cgroups: add support for CPU cgroup 2018-02-04 04:15:19 +01:00
Robert Swiecki
19ea0703f2 sandbox: compile seccomp-bpf policy once only 2018-02-01 14:19:01 +01:00
Robert Swiecki
354c5ae47b open kafel file in each kafel subproc individually to avoid file pos sharing 2018-01-31 16:04:39 +01:00
Robert Swiecki
6e63fd4115 rewind kafel file before using 2018-01-31 14:40:23 +01:00
robertswiecki
b60d38557d
Merge pull request #72 from rutsky/fix_tmpfs_size 
fix tmpfs size setting
 2018-01-08 02:50:30 +01:00
Vladimir Rutsky
f8a8506996 fix tmpfs size setting 
Broken since c35857cff2 commit.

Signed-off-by: Vladimir Rutsky <rutsky@google.com>
 2018-01-08 02:02:19 +01:00
robertswiecki
6e3993b9ca
Merge pull request #68 from rutsky/fix_mode_in_error_messages 
fix permission values in error messages
 2018-01-02 22:55:42 +01:00
Vladimir Rutsky
87c19b803f fix permission values in error messages 
Signed-off-by: Vladimir Rutsky <rutsky@google.com>
 2018-01-02 22:43:45 +01:00
robertswiecki
f7c4e4b13d
Merge pull request #67 from maxmati/master 
Remove redundant check if UTS namespace is enabled
 2017-12-20 22:32:47 +01:00
Mateusz Nowotyński
600f7fcc89
Remove redundant check if UTS namespace is enabled 2017-12-20 19:56:44 +01:00
Robert Swiecki
b7b6faf5df new kafel 2017-12-18 02:04:44 +01:00
robertswiecki
a92461042c
Merge pull request #66 from kant/patch-1 
Minor fixes (proposal)
 2017-12-09 14:13:11 +01:00
Darío Hereñú
2eaa979b5a
Minor fixes (proposal) 2017-12-09 09:05:37 -03:00
Robert Swiecki
e55ab672c2 configs: use rlimit_cpu_type instead of rlimit_cpu: 18446744073709551615 2017-12-07 15:35:52 +01:00
Robert Swiecki
f31d539e72 configs/ #typos 2017-12-07 15:06:31 +01:00
Robert Swiecki
928e5344f1 New config for xchat2 #typos 2017-12-07 15:03:23 +01:00
Robert Swiecki
86b6789bed New config for xchat2 2017-12-07 14:39:19 +01:00
Robert Swiecki
750d37aefd configs/firefox*: add fontconfig 2017-12-05 22:23:48 +01:00
Robert Swiecki
8fe58806f2 configs/imagemagick: more syscalls allowed 2017-12-05 22:13:00 +01:00
Robert Swiecki
af7bfc16aa config.cc: set exec_file only if arg0 is set 2017-12-05 15:44:53 +01:00
Robert Swiecki
5c8397860c configs: some fixes thanks to the write-up at https://offbyinfinity.com/2017/12/sandboxing-imagemagick-with-nsjail/ 2017-12-05 15:01:27 +01:00
Robert Swiecki
e8e2f4b011 user: correct check for getpwnam/gegrpnam failures 2017-12-02 02:53:32 +01:00
Robert Swiecki
dd0b51eded remove _NSConcreteStackBlock as we don't use defer{} any more 2017-11-20 17:03:06 +01:00
Robert Swiecki
d7bcad2076 nsjail.h: different if guards for TEMP_FAILURE_RETRY 2017-11-08 17:20:57 +01:00
robertswiecki
26d0a278c6
Merge pull request #64 from ebadi/master 
Minor fixes
 2017-11-08 17:16:53 +01:00
Hamid Ebadi
be8fb2ad73 Minor fixes 2017-11-08 16:45:02 +01:00
robertswiecki
9b6759f1a1
Merge pull request #63 from ShikChen/master 
Fix max_conns_per_ip
 2017-11-04 17:52:59 +01:00
shik
9e355cbcfc fix max_conns_per_ip 2017-11-04 22:15:31 +08:00
Robert Swiecki
a07ee95595 cmdline: comment on skip_setsid 2017-11-02 13:13:07 +01:00
Robert Swiecki
e2f96f6019 config.proto: comment on skip_setsid 2017-11-02 13:08:08 +01:00
Robert Swiecki
6dec393fb2 subproc: actually si_syscall don't show syscalls 2017-11-01 14:21:50 +01:00
robertswiecki
27c05b367f
Merge pull request #61 from jvvv/master 
Adjust documents for clone_newcgroup change.
 2017-10-28 23:36:02 +02:00