Robert Swiecki
|
b3d544d155
|
config: simplify log/logfd setting
|
2019-10-02 19:43:58 +02:00 |
|
Jay Lees
|
86293b052e
|
Add flag to disable rlimits
|
2019-08-05 03:25:22 -07:00 |
|
Jay Lees
|
08f62b6f76
|
[cgroup-v2] support cgroup v2 for mem, cpu and pids
|
2019-07-26 07:02:17 -07:00 |
|
Robert Swiecki
|
494a5f63cd
|
Add nice_level to cmd-line/config options
|
2019-06-30 21:50:56 +02:00 |
|
Robert Swiecki
|
317555b687
|
user: don't fail on setgroup() if not groups were specified
|
2019-06-28 13:31:43 +02:00 |
|
Robert Swiecki
|
83a28cd0d3
|
use TEMP_FAILURE_RETRY with some restartable funcs
|
2019-04-17 23:10:18 +02:00 |
|
Robert Swiecki
|
2b1bad6b5b
|
cmdline: allow to override config cmdline with cmdline cmdline
|
2019-03-30 16:10:14 +01:00 |
|
Robert Swiecki
|
c7dd18c612
|
cmdline: add ability to passthrough current envvars
|
2018-10-28 17:15:55 +01:00 |
|
Micky Del Favero
|
233a7296fe
|
Added --macvlan_vs_ma switch to be able to set macvlan's mac-address.
Signed-off-by: Micky Del Favero <micky@BeeCloudy.net>
|
2018-10-23 15:05:50 +02:00 |
|
Robert Swiecki
|
ef94c3cc6b
|
config: correct way of setting pass_fd
|
2018-07-31 22:52:03 +02:00 |
|
Wiktor Garbacz
|
ba14675185
|
mnt: added nosuid/nodev/noexec flags to config
Closes #70
|
2018-07-27 11:29:15 +02:00 |
|
Wiktor Garbacz
|
1923d6af04
|
conifg: parse cgroup_cpu settings
Fixes #87
|
2018-07-24 15:20:44 +02:00 |
|
Robert Swiecki
|
272a85477a
|
config: Implement --stderr_to_null
|
2018-06-25 03:12:27 +02:00 |
|
Robert Swiecki
|
e8e6c1b906
|
make indent depend
|
2018-06-07 18:37:17 +02:00 |
|
Robert Swiecki
|
04627982d0
|
logs: use log file/level immediately
|
2018-06-07 16:51:50 +02:00 |
|
Robert Swiecki
|
111481532b
|
config: add --iface_own to the proto config
|
2018-06-03 03:19:40 +02:00 |
|
Robert Swiecki
|
48e8634ba5
|
config: add support for seccomp_log
|
2018-05-23 15:38:45 +02:00 |
|
Robert Swiecki
|
8a22a4abb6
|
convert exec file and argv to string/vector
|
2018-02-12 16:52:05 +01:00 |
|
Robert Swiecki
|
810394cf16
|
switc all == false cmps to !
|
2018-02-12 15:17:33 +01:00 |
|
Robert Swiecki
|
f77a177340
|
config: remove unnecessary c_str()
|
2018-02-12 04:21:35 +01:00 |
|
Robert Swiecki
|
1f24e3a900
|
move sandboxing setup from cmdline to nsjail
|
2018-02-12 03:11:58 +01:00 |
|
Robert Swiecki
|
5a35f00e28
|
mnt: move mnt_t to std::string
|
2018-02-11 23:44:43 +01:00 |
|
Robert Swiecki
|
f1a6b08962
|
cmdline: simplify string splitting
|
2018-02-11 14:56:30 +01:00 |
|
Robert Swiecki
|
b7f0acb021
|
util: remove unused functions
|
2018-02-10 23:54:36 +01:00 |
|
Robert Swiecki
|
7a55ffb3a6
|
sandbox: convert kafel file/string as std::string
|
2018-02-10 23:46:15 +01:00 |
|
Robert Swiecki
|
de3f1371f0
|
convert proc_path to std::string
|
2018-02-10 20:16:17 +01:00 |
|
Robert Swiecki
|
c9e4e9d0c2
|
config: rename macro
|
2018-02-10 18:27:24 +01:00 |
|
Robert Swiecki
|
b691b8796c
|
nsjail: iface_no_lo -> iface_lo
|
2018-02-10 18:22:51 +01:00 |
|
Robert Swiecki
|
97278f191b
|
log: rename log to logs due to clash with glibc's log
|
2018-02-10 17:49:15 +01:00 |
|
Robert Swiecki
|
4494deffa7
|
omit keyword 'struct'
|
2018-02-10 15:50:12 +01:00 |
|
Robert Swiecki
|
1761ed4fdc
|
move common.h to macros.h
|
2018-02-10 05:25:55 +01:00 |
|
Robert Swiecki
|
c34b52ab78
|
nsjail: convert a couple of struct fields to std::string
|
2018-02-10 04:10:18 +01:00 |
|
Robert Swiecki
|
9399373ee7
|
nsjail: envs to vector of strings
|
2018-02-09 23:04:57 +01:00 |
|
Robert Swiecki
|
63eb13ecde
|
nsjail: move openfd from queue to vector
|
2018-02-09 22:47:00 +01:00 |
|
Robert Swiecki
|
d1d310e70f
|
nsjail: convert caps from queue to vector
|
2018-02-09 22:35:33 +01:00 |
|
Robert Swiecki
|
7f72cbd497
|
all: move to C++
|
2018-02-09 18:55:42 +01:00 |
|
Robert Swiecki
|
a6c34999f2
|
util: move to C++
|
2018-02-09 18:45:50 +01:00 |
|
Robert Swiecki
|
a82abf4dcb
|
mount: move to C++
|
2018-02-09 18:26:16 +01:00 |
|
Robert Swiecki
|
27a226ad28
|
user: move to C++
|
2018-02-09 18:08:11 +01:00 |
|
Robert Swiecki
|
c4e57bf27e
|
caps: move to C++
|
2018-02-09 17:49:13 +01:00 |
|
Robert Swiecki
|
840b75025c
|
cmdline: move to C++
|
2018-02-09 15:44:29 +01:00 |
|
Robert Swiecki
|
d7cb58e280
|
Add missing O_RDONLY here and there
|
2018-02-08 15:23:15 +01:00 |
|
Robert Swiecki
|
354c5ae47b
|
open kafel file in each kafel subproc individually to avoid file pos sharing
|
2018-01-31 16:04:39 +01:00 |
|
Robert Swiecki
|
af7bfc16aa
|
config.cc: set exec_file only if arg0 is set
|
2017-12-05 15:44:53 +01:00 |
|
Hamid Ebadi
|
be8fb2ad73
|
Minor fixes
|
2017-11-08 16:45:02 +01:00 |
|
Robert Swiecki
|
e2529ce04f
|
Makefile/indent: base it on the google template with modifications
|
2017-10-26 00:26:02 +02:00 |
|
YAMAMOTO Masaya
|
315b3837b4
|
Support cgroup net_cls subsystem
|
2017-10-25 17:15:03 +09:00 |
|
Robert Swiecki
|
9c2f19b972
|
cmdline: add option --execute_fd and support for it, in order to use execveat()
|
2017-10-18 17:57:52 +02:00 |
|
Robert Swiecki
|
4ffec405de
|
Makefile: add columnt limit to the indent
|
2017-10-17 15:22:23 +02:00 |
|
Robert Swiecki
|
2df017ec56
|
cmdline: add --proc_path and --proc_rw options
|
2017-10-11 02:10:52 +02:00 |
|