woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,184 Commits 2 Branches 0 Tags 1.5 MiB
4437810830
Commit Graph

143 Commits

Author SHA1 Message Date
Robert Swiecki
ca705b4fea Makefile: remove relro,now as it doesn't allow to compile under some archs 2017-10-27 01:53:05 +02:00
Robert Swiecki
082b3821bb Makefile/indent: add clang-format for proto 2017-10-26 00:34:32 +02:00
Robert Swiecki
e2529ce04f Makefile/indent: base it on the google template with modifications 2017-10-26 00:26:02 +02:00
Robert Swiecki
152d6d68ae simplify includes, remove unneeded, add needed 2017-10-18 14:46:17 +02:00
Robert Swiecki
58d6b3075c Move struct nsjail_t definition to nsjail.h and leave only macros in common.h 2017-10-18 14:27:34 +02:00
Robert Swiecki
4ffec405de Makefile: add columnt limit to the indent 2017-10-17 15:22:23 +02:00
Robert Swiecki
74b43346bd make indent 2017-10-08 23:00:45 +02:00
Robert Swiecki
414e999787 switch indent to clang-format completely 2017-10-08 22:52:52 +02:00
Robert Swiecki
21d08eaa67 config: make config static so we can get rid of strdup() 2017-10-07 00:18:21 +02:00
Robert Swiecki
293a683b14 caps: more comments 2017-10-01 05:49:13 +02:00
Robert Swiecki
8aafd1b41b Makefile: correct proto dep, plus some comments in caps.c 2017-10-01 00:06:36 +02:00
Robert Swiecki
d20aa424e0 cap: Don't use -libcap anymore, as it had problems with newer capabilities 2017-09-30 00:05:41 +02:00
Robert Swiecki
de9712befc makefile: missing depend on pb.o 2017-09-25 20:06:09 +02:00
Robert Swiecki
9e49e2fa65 makefile: missing depend on pb.o 2017-09-25 20:02:07 +02:00
Robert Swiecki
8a263cd189 indent 2017-09-25 19:54:06 +02:00
hamid
ba7eb4d95f Adding the mistakenly removed line to the makefile 2017-09-18 16:28:13 +02:00
Robert Swiecki
21a0b09f37 Makefile: -Wno-unused-parameter for older g++ 2017-09-18 12:53:42 +02:00
Robert Swiecki
4516cf06af Makefile: clear -> clean 2017-09-16 18:10:28 +02:00
Robert Swiecki
d8ba88e86b makefile: proper deps for protos #2 2017-09-16 16:43:01 +02:00
Robert Swiecki
392ed3c3df makefile: proper deps for protos 2017-09-16 16:39:55 +02:00
Robert Swiecki
5c2d98562c makefile: deal with .proto better 2017-09-16 00:31:53 +02:00
Robert Swiecki
23bb48c9de Makefile: remove space 2017-09-15 18:12:18 +02:00
Robert Swiecki
374f6cc4f0 config: Initial work on converting config.c to c++ protobuf lib 
config: Initial work on converting config.c to c++ protobuf lib #2

config: Initial work on converting config.c to c++ protobuf lib #3

config: Initial work on converting config.c to c++ protobuf lib #4

config: Initial work on converting config.c to c++ protobuf lib #5

config: Initial work on converting config.c to c++ protobuf lib #6
 2017-09-14 21:17:38 +02:00
Robert Swiecki
cf3525dd49 Makefile: add -D_FILE_OFFSET_BITS=64 to CFLAGS 2017-07-15 15:04:25 +02:00
Robert Swiecki
074582782c caps: shorter debug messages 2017-07-06 11:37:41 +02:00
Robert Swiecki
7226893b12 config: bind caps 2017-07-06 01:12:13 +02:00
Robert Swiecki
7ba602a6ed caps: move capability-setting code to caps.* 2017-07-05 13:03:14 +02:00
Robert Swiecki
fa2796fe65 util: Implement utilSigName() 2017-06-20 00:16:38 +02:00
Robert Swiecki
0e7393cccf cmdline: implement affinity setting, to limit jailed process to n max cpus 2017-06-19 17:01:50 +02:00
Robert Swiecki
6e21eaa0da subproc: comments 2017-06-09 14:34:01 +02:00
Robert Swiecki
1e2d1b8a2b Makefile: clean removes pb-c generated files 2017-05-29 17:00:19 +02:00
Robert Swiecki
cae0c4a7f5 Makefile: make compiling with libprotobuf-c more robust under different systems 2017-05-29 16:22:31 +02:00
Robert Swiecki
9e288fb6dc Better compilation rules for protobuf-c-text 2017-05-29 15:29:21 +02:00
Robert Swiecki
ec2a414442 Makefile: simplify kafel and protobuf-c-text building rules 2017-05-29 00:29:52 +02:00
Robert Swiecki
3e99703df2 Makefile: Use -fPIC when compiling protobuf-c-text 2017-05-28 19:57:25 +02:00
Robert Swiecki
6085e898cf Makefile: autogen.sh protobuf-c-text once only 2017-05-28 19:30:34 +02:00
Robert Swiecki
c510f98187 Makefile: also clean protobuf-c-text 2017-05-28 18:58:47 +02:00
Robert Swiecki
9c72e834dd Pass CFLAGS to protobuf-c-text 2017-05-28 18:46:38 +02:00
Robert Swiecki
5972d34d18 Makefile: remove stack-protector from CFLAGS 2017-05-28 18:37:50 +02:00
Robert Swiecki
f7146e1e6d protobuf-c-text: compile with -fPIC 2017-05-28 14:41:03 +02:00
Robert Swiecki
ffe865934b makefile: incorrect libprotobuf-c check 2017-05-28 14:34:28 +02:00
Robert Swiecki
fc1211d62a Makefile: surround make -C kafel clean with ifdefs 2017-05-27 02:32:39 +02:00
Robert Swiecki
90d33db05d config: warn about missing libprotobuf-c 2017-05-27 02:31:11 +02:00
Robert Swiecki
b5e37a6c4a config: support mounts 2017-05-27 01:16:12 +02:00
Robert Swiecki
53f825115f More work on uid mappings 2017-05-26 23:26:07 +02:00
Robert Swiecki
4eaa6cc9d3 Rewrite uid mapping system 2017-05-26 23:07:47 +02:00
Robert Swiecki
56cc2d6010 +protobuf-c-text: parsing from text file 2017-05-26 04:25:55 +02:00
Robert Swiecki
ad53e11e9b +protobuf-c-text 2017-05-26 04:15:45 +02:00
Robert Swiecki
b5e4f35906 config: basic parsing 2017-05-26 02:25:37 +02:00
Robert Swiecki
f51b02c569 config: initial proto generated files 2017-05-26 01:55:02 +02:00
Robert Swiecki
1bf794f492 config: add basic config support 2017-05-26 01:44:16 +02:00
Robert Swiecki
1649dd42a4 Makefile: use pkg-config for nl3-route and protobuf-c 2017-05-26 01:22:29 +02:00
Robert Swiecki
a60f84d7e2 Add flags printing for clone() 2017-05-21 19:44:54 +02:00
Wiktor Garbacz
dc428155e8 Simplify cloning/building. 
Kafel submodule will be automatically initialized if not done manually
before invoking `make`.
 2017-05-15 19:39:20 +02:00
Robert Swiecki
4b9f2e930e Remove unnecessary includes 2017-05-08 18:40:21 +02:00
Robert Swiecki
d9cb28b97d Use kafel unconditionally 2017-05-08 15:50:29 +02:00
Robert Swiecki
e38be346dc Make it possible to build w/o kafel and nl3 2017-02-13 22:59:24 +01:00
Robert Swiecki
4a154733e0 Allow to specify multiple uid/gid maps 2017-02-08 00:36:32 +01:00
Robert Swiecki
3b83267cfd Init user-ns setresuid/setresgid before initializing other NSes 2017-02-07 18:31:50 +01:00
Robert Swiecki
bbf743791f Remove bpf-helper as it's not needed since kafel/ 2017-01-09 12:49:30 +01:00
Robert Swiecki
364273afd7 Makefile: Make it possible to disable kafel and libnl3 from envvar 2016-11-20 23:37:38 +01:00
Robert Swiecki
78ccfa863a setjmp/longjmp: don't use stack-based jmp_buf, use TLS one 2016-11-03 03:53:52 +01:00
Robert Swiecki
37a5d15fa8 Comment type + make indent 2016-10-17 22:53:31 +02:00
Wiktor Garbacz
551ed4ca05 Kafel support 2016-09-29 16:22:09 +02:00
Robert Swiecki
1aa24fbeeb Remove -fblocks from Makefile 2016-07-29 15:49:35 +02:00
Robert Swiecki
f3b70cc314 Remove -lBlocksRuntime 2016-07-27 14:04:03 +02:00
Jagger
827e1a4e7d Init cgroups from parent 2016-06-19 15:50:25 +02:00
Jagger
e3a351b335 More memory cgroup controls 2016-06-19 13:54:36 +02:00
Jagger
6223ccebf1 Rudimentary cgroup support 2016-06-19 12:47:28 +02:00
Jagger
86ddf16279 Implement --pass_fd 2016-06-18 00:46:57 +02:00
Robert Swiecki
3edc8bf4a7 Move PID ns to a separate module 2016-05-13 17:07:44 +02:00
Robert Swiecki
969750c4c9 Don't take CFLAGS into consideration with make depend 2016-03-11 15:48:23 +01:00
Robert Swiecki
e557cf4056 Remove dependency on libnl3 in depend 2016-03-11 15:47:16 +01:00
Jagger
eff4796c95 Correct (non-resrved) header guards 2016-03-11 02:45:43 +01:00
Jagger
4ae2c027ac Cleaner impl. of DEFER 2016-03-10 22:56:26 +01:00
Jagger
7d2d0ce8f1 DEBUG only of requested 2016-03-09 23:51:13 +01:00
Jagger
c2795516e9 Noexecstack -Wl 2016-03-09 01:11:05 +01:00
Jagger
09000dc5fa Simpler check for compiler 2016-03-09 01:07:37 +01:00
Jagger
b9cb17661c Check for gcc in Makefile 2016-03-09 01:02:23 +01:00
Jagger
a71371e327 Check for gcc in Makefile 2016-03-09 00:56:20 +01:00
Robert Swiecki
4eee12b9e3 Stricter check for clang 2016-03-08 18:49:06 +01:00
Robert Swiecki
e561dc6bb1 Implement defer() 2016-03-08 18:22:50 +01:00
Robert Swiecki
9cc41e820f Separate uts.* module 2016-03-03 16:09:25 +01:00
Robert Swiecki
2652872fac CLONE_NEWUSER routines in a separate module 2016-03-03 15:54:15 +01:00
Robert Swiecki
e02d4e4edf Separate mount.c module 2016-03-03 15:37:04 +01:00
Jagger
a194a90ae4 Use NL3 for macvlan if present 2016-02-29 22:12:01 +01:00
Robert Swiecki
114ce7e976 Make it possible to compile with clang 2016-02-29 19:09:39 +01:00
Robert Swiecki
466f49e16d Indent/Depend 2016-02-29 18:56:52 +01:00
Sergiusz 'q3k' Bazański
fe2550e35b Move definition of _FORTIFY_SOURCE to nsjail.h 
This lets us undefine any built-in gcc macro. Otherwise, a redefinition
from the command line occurs and a warning is thrown, breaking the build
(due to -Werror).
 2016-01-20 20:21:27 +01:00
Jagger
24af1c6d98 Introduce util.c 2016-01-17 04:14:09 +01:00
Jagger
da4fc22eab indent 100 2015-08-15 20:10:07 +02:00
Jagger
9d58b74bb9 Indentation + add missing macros to the seccomp helper 2015-05-15 02:05:36 +02:00
Robert Swiecki
0ca35aa942 Initial import 2015-05-14 23:44:48 +02:00