Jagger
|
4bc5632af4
|
Report failure of setting fcntl(FD_CLOEXEC) as error
|
2016-06-20 22:59:29 +02:00 |
|
Jagger
|
827e1a4e7d
|
Init cgroups from parent
|
2016-06-19 15:50:25 +02:00 |
|
Jagger
|
6223ccebf1
|
Rudimentary cgroup support
|
2016-06-19 12:47:28 +02:00 |
|
Jagger
|
da0f4c0695
|
Better logging for closing(fd)
|
2016-06-18 11:08:35 +02:00 |
|
Jagger
|
86ddf16279
|
Implement --pass_fd
|
2016-06-18 00:46:57 +02:00 |
|
Robert Swiecki
|
3edc8bf4a7
|
Move PID ns to a separate module
|
2016-05-13 17:07:44 +02:00 |
|
Jagger
|
a6062dd03a
|
Restart fcntl()
|
2016-05-09 23:45:56 +02:00 |
|
Robert Swiecki
|
6e25d47eba
|
Cover interruptible syscalls with TEMP_FAILURE_RETRY
|
2016-05-09 15:16:26 +02:00 |
|
Jagger
|
57a523dd08
|
Use defer {} instead of DEFER()
|
2016-04-23 04:22:31 +02:00 |
|
Robert Swiecki
|
3bc8cce90e
|
No need to redirect log fd anymore
|
2016-03-15 20:42:03 +01:00 |
|
Jagger
|
4ae2c027ac
|
Cleaner impl. of DEFER
|
2016-03-10 22:56:26 +01:00 |
|
Jagger
|
09e08a2c1f
|
More defers
|
2016-03-08 22:54:35 +01:00 |
|
Robert Swiecki
|
eb52ab9a2b
|
Move contain fnctions into contain.c
|
2016-03-08 15:57:09 +01:00 |
|
Robert Swiecki
|
8793dc4c9e
|
Remove caps from the bounding set
|
2016-03-08 15:10:21 +01:00 |
|
Robert Swiecki
|
9cc41e820f
|
Separate uts.* module
|
2016-03-03 16:09:25 +01:00 |
|
Robert Swiecki
|
2c1ff531e3
|
Clearer naming of net functions
|
2016-03-03 15:43:40 +01:00 |
|
Robert Swiecki
|
e02d4e4edf
|
Separate mount.c module
|
2016-03-03 15:37:04 +01:00 |
|
Robert Swiecki
|
b89b8cfbc7
|
Fix common.h includes
|
2016-03-01 17:03:11 +01:00 |
|
Robert Swiecki
|
b0c5baa45d
|
Comment on statvfs
|
2016-03-01 16:01:39 +01:00 |
|
Robert Swiecki
|
60ece3a192
|
Typo
|
2016-03-01 15:38:58 +01:00 |
|
Robert Swiecki
|
cc987ec775
|
Add locked mount flags during remounting
|
2016-03-01 15:36:32 +01:00 |
|
Robert Swiecki
|
f258316f5e
|
More specific error message for EACCES during mount()
|
2016-03-01 15:02:33 +01:00 |
|
Robert Swiecki
|
114ce7e976
|
Make it possible to compile with clang
|
2016-02-29 19:09:39 +01:00 |
|
Jagger
|
d2f47fff92
|
Add network configuration for the 'vs' interface
|
2016-02-29 02:51:55 +01:00 |
|
Jagger
|
43983cbb17
|
Add --iface_lo_up
|
2016-02-29 00:14:36 +01:00 |
|
Jagger
|
fb8eb88410
|
No need to update /proc/pid/setgroups if euid==0
|
2016-02-28 02:41:57 +01:00 |
|
Jagger
|
8d641169e3
|
Initialize user/group maps from the parent process
|
2016-02-28 02:34:43 +01:00 |
|
Jagger
|
ad4b0105a7
|
No need to add (default:none) in cmdline
|
2016-02-28 01:52:09 +01:00 |
|
Robert Swiecki
|
4ec7c12c99
|
Add MS_REC to MS_RDONLY
|
2016-02-25 18:27:42 +01:00 |
|
Robert Swiecki
|
87829e3f6e
|
Implement --skip_setsid
|
2016-01-25 18:09:32 +01:00 |
|
Jagger
|
d36deb5d0d
|
Use --user x:y notation (not working yet)
|
2016-01-23 07:05:24 +01:00 |
|
Robert Swiecki
|
307a6f0257
|
Create a file/dir inside jail beforemounting
|
2016-01-14 15:44:29 +01:00 |
|
Jagger
|
2765e58c4e
|
Use TAILQ instead of LIST to insert new mount entries at the end
|
2016-01-09 16:09:05 +01:00 |
|
Robert Swiecki
|
88e796e004
|
Set a separate session/process_group
|
2015-11-24 18:34:05 +01:00 |
|
Jamy Timmermans
|
bd5ed5ac63
|
Fix dereference in cwd option
|
2015-11-07 06:11:55 -06:00 |
|
Jamy Timmermans
|
93abc40dde
|
Add a cwd option
This way the process being spawned can be in a directory if the
spawner’s choosing (as ling as it’s available in the chroot)
|
2015-11-07 13:01:44 +01:00 |
|
Jagger
|
5f5e496179
|
Make it compile with -m32
|
2015-10-18 20:47:44 +02:00 |
|
Jagger
|
558ede7dfe
|
Make __user_cap_data_struct const
|
2015-10-18 20:39:06 +02:00 |
|
Jagger
|
49faea78b0
|
Use 0x%tx for uintptr_t
|
2015-10-17 19:14:57 +02:00 |
|
Jagger
|
59cedfe10f
|
Use just a single list for mount-points (RO, RW, chroot)
|
2015-10-17 16:48:30 +02:00 |
|
Robert Swiecki
|
5202a7fc07
|
Use rlimit64
|
2015-10-13 19:06:59 +02:00 |
|
Jagger
|
3c9c63b608
|
In case there's no CLONE_NEWNS, just chroot()
|
2015-08-16 10:55:14 +02:00 |
|
Jagger
|
cbb64d571d
|
Make --disable_proc work
|
2015-08-15 20:48:48 +02:00 |
|
Jagger
|
da4fc22eab
|
indent 100
|
2015-08-15 20:10:07 +02:00 |
|
Jagger
|
701825970a
|
Implementation of MODE_STANDALONE_EXECVE
|
2015-08-15 16:02:38 +02:00 |
|
Jagger
|
04fa1e9c1f
|
More verbose error messages for mounting files/dirs
|
2015-08-12 01:17:54 +02:00 |
|
Jagger
|
07df4307f5
|
Move tmpfs mounting before pivot_chroot
|
2015-08-12 00:58:26 +02:00 |
|
Jagger
|
a47a651999
|
Create a file for sockets/devs/files bind mounts
|
2015-08-11 14:34:17 +02:00 |
|
Jagger
|
8b951e6c28
|
Checks for strdup() result. Use remountBindMount since we have it
|
2015-07-15 03:33:13 +02:00 |
|
Jagger
|
e3fe2d183c
|
tmpfs_size (size_t) + indent
|
2015-07-08 00:54:59 +02:00 |
|