robertswiecki
5f3b511e3f
Merge pull request #54 from VCTLabs/compat-3.x-kernel
...
Revert "caps: define CAP_AUDIT_READ if not defined"
2017-10-17 15:40:48 +02:00
Robert Swiecki
4ffec405de
Makefile: add columnt limit to the indent
2017-10-17 15:22:23 +02:00
Robert Swiecki
fb018c2596
user: use setresuid32 where available first (on some 32bit platforms:
2017-10-17 15:16:27 +02:00
Ron Lockwood-Childs
5ff0de7454
Revert "caps: define CAP_AUDIT_READ if not defined"
...
Restore compatibility with 3.x kernels by not requiring CAP_AUDIT_READ
if not defined in kernel header file
This reverts commit 7820553cb9
.
Conflicts:
caps.c
contain.h
2017-10-16 14:05:02 -07:00
Robert Swiecki
411955c5ae
nsjail: add missing commans in nested structs and make indent
2017-10-16 15:31:14 +02:00
Robert Swiecki
64325b3862
user: remove static from idx vars, it causes crash after many iterations of nsjail
2017-10-16 15:19:07 +02:00
robertswiecki
6a9cbc02d7
Merge pull request #51 from jvvv/master
...
manpage: update for recent option changes
2017-10-12 14:11:45 +02:00
John Vogel
0c939cd2a5
manpage: update for recent option changes
...
Add --proc_path and --proc_rw options.
Also clean up --mode|-M option layout.
2017-10-12 02:53:10 -04:00
Robert Swiecki
819671ec9b
net: prettier logging in bind
2017-10-11 15:43:59 +02:00
Robert Swiecki
921bdba937
cmdline: better --rw description
2017-10-11 02:16:14 +02:00
Robert Swiecki
2df017ec56
cmdline: add --proc_path and --proc_rw options
2017-10-11 02:10:52 +02:00
Robert Swiecki
fe234f4830
move VALSTR_STRUCT to common.h
2017-10-08 23:06:40 +02:00
Robert Swiecki
d0afb19431
allow for indentation of more structures (now with clang-format)
2017-10-08 23:03:02 +02:00
Robert Swiecki
74b43346bd
make indent
2017-10-08 23:00:45 +02:00
Robert Swiecki
414e999787
switch indent to clang-format completely
2017-10-08 22:52:52 +02:00
Robert Swiecki
c56ec493fb
config.proto: reflow numbering of fields
2017-10-08 22:50:06 +02:00
Robert Swiecki
7695be383e
mount: make mountIsDir static
2017-10-08 15:17:57 +02:00
Robert Swiecki
23a77f46e9
subproc: print syscall number as decimal
2017-10-08 15:02:41 +02:00
Robert Swiecki
85b0908dd8
cmdline: missing 'soft'/'hard' variants for RLIMIT_STACK in usage()
2017-10-08 13:00:37 +02:00
Robert Swiecki
82b0d2926e
Merge branch 'master' of ssh://github.com/google/nsjail
2017-10-08 12:57:51 +02:00
Robert Swiecki
d20ffb98f6
cmdline: missing comparison in cmdlineParseRLimit()
2017-10-08 12:57:43 +02:00
robertswiecki
cacf36e8da
Merge pull request #50 from jvvv/master
...
manpage: tweak for recent options changes
2017-10-08 12:56:22 +02:00
robertswiecki
ab074d39a0
Merge pull request #49 from disconnect3d/small-refactor-sandbox
...
sandbox.c: small refactor
2017-10-08 12:55:56 +02:00
Robert Swiecki
acd8e01060
subproc: print si->si_errno as well as it provides user-supplied value from seccomp-bpf
2017-10-08 12:00:19 +02:00
Robert Swiecki
66f60a78b0
subproc: reorder printing of si->si_syscall #2
2017-10-08 11:55:11 +02:00
Robert Swiecki
24c3be941f
subproc: reorder printing of si->si_syscall
2017-10-08 11:53:24 +02:00
Robert Swiecki
809dbbb560
subproc: print si->si_syscall
2017-10-08 11:51:37 +02:00
John Vogel
e3ada49abf
manpage: tweak for recent options changes
...
Adjust rlimit_* options to match command line --help output.
Add --really_quiet option.
And some clean up:
Remove 'See Also' section that only references a non-existent
info page that is a relic of using help2man for initial manual
page generation.
2017-10-08 01:28:06 -04:00
disconnect3d
14ec30c211
sandbox.c: small refactor
2017-10-08 02:57:49 +02:00
Robert Swiecki
b7def79d90
mount: don't R/O remount mounts which were not mounted (not mandatory)
2017-10-08 01:28:45 +02:00
Robert Swiecki
6d29c196ac
common: less const argv
2017-10-08 00:36:13 +02:00
Robert Swiecki
f703d615d8
make indent
2017-10-08 00:17:47 +02:00
Robert Swiecki
c35857cff2
cmdline: use mountAddMountPt in the remaining calls
2017-10-08 00:14:24 +02:00
Robert Swiecki
0541d0dfc3
cmdline/mount: mount proc at the beginning
2017-10-07 23:32:25 +02:00
Robert Swiecki
dc2131cdd1
cmdline: use soft/hard literals instead of def/max for rlimits
2017-10-07 22:36:21 +02:00
Robert Swiecki
5d4f42a729
cmdline: missing flags for --chroot mount point
2017-10-07 22:33:46 +02:00
Robert Swiecki
a39f76924d
cmdline: use mountAddMountPt instead of adding structs explicitly
2017-10-07 22:30:19 +02:00
Robert Swiecki
6ada77d4cf
cmdline: better errors for setting rlimits
2017-10-07 12:37:26 +02:00
Robert Swiecki
e89a6f0c24
cmdline: 'inf' for rlimits
2017-10-07 12:33:19 +02:00
Robert Swiecki
aac3e112b4
cmdline: descriptions of flags
2017-10-07 12:31:54 +02:00
Robert Swiecki
5597783716
cmdline: implement --really_quiet option
2017-10-07 02:03:51 +02:00
Robert Swiecki
5aa9376b2c
config: make argv static to avoid using heap
2017-10-07 01:54:36 +02:00
Robert Swiecki
21d08eaa67
config: make config static so we can get rid of strdup()
2017-10-07 00:18:21 +02:00
Robert Swiecki
a5c3a1823f
config.proto: comments
2017-10-06 22:50:32 +02:00
Robert Swiecki
25c6272b56
config: indent
2017-10-06 22:44:55 +02:00
Robert Swiecki
dbc6fab582
config: allow to use soft/hard/inf limits for rlimits
2017-10-06 22:44:27 +02:00
Robert Swiecki
ee3d454457
pid: comment on the ns-init process
2017-10-06 19:42:58 +02:00
Robert Swiecki
0fb8b9379b
mount: realpath is not needed as mount will realpath the path
2017-10-03 18:37:34 +02:00
Robert Swiecki
b5305a3c32
.gitignore: ignore config.pb.*
2017-10-01 19:55:36 +02:00
Robert Swiecki
7fa94b8e8c
contain: remove unnecessary includes
2017-10-01 19:08:31 +02:00