woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,152 Commits 2 Branches 0 Tags 1.5 MiB
6483728e24
Commit Graph

74 Commits

Author SHA1 Message Date
Robert Swiecki
6483728e24 config: better config parsing debugging 2022-03-15 00:44:33 +01:00
Michał Kowalczyk
16b4416d75 Add disable_tsc option 
Implemented via prctl(PR_SET_TSC, PR_TSC_SIGSEGV, ...).
 2022-02-17 23:53:13 +01:00
Philip
bf93e8a25d cgroup2: use cgroup_mem_swap_max and cgroup_mem_memsw_max 2021-11-01 10:28:41 +01:00
Johan Kartiwa
29a556068a Add support for setting cgroup memory.memsw.limit_in_bytes 2021-10-11 15:46:36 +02:00
Wiktor Garbacz
95e112cf41 Fix formatting 2021-08-03 17:46:08 +02:00
Wiktor Garbacz
4136dd50d8 Merge branch 'use_switchroot' 2021-08-03 17:44:57 +02:00
Eli Zrihen
b83d6f7421 Renaming use_switchroot option with no_pivotroot 2021-07-20 15:45:58 +03:00
Eli Zrihen
9f4b4f41e7 Consistentency with RLIMIT_* constant name 2021-07-20 15:20:47 +03:00
Eli Zrihen
0f903ba9a0 Added rt, memlock & msgq limits 2021-07-19 17:21:34 +03:00
Eli Zrihen
dab1713ac9 Added use_switchroot option 2021-06-17 14:57:01 +03:00
Eli Zrihen
5c8b3835b7 MACVLAN modes support 2021-06-16 16:59:12 +03:00
Robert Swiecki
056809ed3b Initial support for CLONE_NEWTIME 2021-05-11 14:48:45 +02:00
Philip Papurt
32f2287fbb
net: add support for max_conns 2021-02-09 17:13:35 -05:00
Robert Swiecki
a2d5b07c76 config: remove deprecated config options 2020-07-09 17:28:56 +02:00
Christian Blichmann
910fb5498c
Fix a few typos. 
These were found by external tooling while preparing the Debian package.

* Uknown -> Unknown
* Writting -> Writing
* commited -> committed
* processess -> processes

Signed-off-by: Christian Blichmann <mail@blichmann.eu>
 2020-07-07 14:07:22 +02:00
Robert Swiecki
b3d544d155 config: simplify log/logfd setting 2019-10-02 19:43:58 +02:00
Jay Lees
86293b052e Add flag to disable rlimits 2019-08-05 03:25:22 -07:00
Jay Lees
08f62b6f76 [cgroup-v2] support cgroup v2 for mem, cpu and pids 2019-07-26 07:02:17 -07:00
Robert Swiecki
494a5f63cd Add nice_level to cmd-line/config options 2019-06-30 21:50:56 +02:00
Robert Swiecki
317555b687 user: don't fail on setgroup() if not groups were specified 2019-06-28 13:31:43 +02:00
Robert Swiecki
83a28cd0d3 use TEMP_FAILURE_RETRY with some restartable funcs 2019-04-17 23:10:18 +02:00
Robert Swiecki
2b1bad6b5b cmdline: allow to override config cmdline with cmdline cmdline 2019-03-30 16:10:14 +01:00
Robert Swiecki
c7dd18c612 cmdline: add ability to passthrough current envvars 2018-10-28 17:15:55 +01:00
Micky Del Favero
233a7296fe Added --macvlan_vs_ma switch to be able to set macvlan's mac-address. 
Signed-off-by: Micky Del Favero <micky@BeeCloudy.net>
 2018-10-23 15:05:50 +02:00
Robert Swiecki
ef94c3cc6b config: correct way of setting pass_fd 2018-07-31 22:52:03 +02:00
Wiktor Garbacz
ba14675185 mnt: added nosuid/nodev/noexec flags to config 
Closes #70
 2018-07-27 11:29:15 +02:00
Wiktor Garbacz
1923d6af04 conifg: parse cgroup_cpu settings 
Fixes #87
 2018-07-24 15:20:44 +02:00
Robert Swiecki
272a85477a config: Implement --stderr_to_null 2018-06-25 03:12:27 +02:00
Robert Swiecki
e8e6c1b906 make indent depend 2018-06-07 18:37:17 +02:00
Robert Swiecki
04627982d0 logs: use log file/level immediately 2018-06-07 16:51:50 +02:00
Robert Swiecki
111481532b config: add --iface_own to the proto config 2018-06-03 03:19:40 +02:00
Robert Swiecki
48e8634ba5 config: add support for seccomp_log 2018-05-23 15:38:45 +02:00
Robert Swiecki
8a22a4abb6 convert exec file and argv to string/vector 2018-02-12 16:52:05 +01:00
Robert Swiecki
810394cf16 switc all == false cmps to ! 2018-02-12 15:17:33 +01:00
Robert Swiecki
f77a177340 config: remove unnecessary c_str() 2018-02-12 04:21:35 +01:00
Robert Swiecki
1f24e3a900 move sandboxing setup from cmdline to nsjail 2018-02-12 03:11:58 +01:00
Robert Swiecki
5a35f00e28 mnt: move mnt_t to std::string 2018-02-11 23:44:43 +01:00
Robert Swiecki
f1a6b08962 cmdline: simplify string splitting 2018-02-11 14:56:30 +01:00
Robert Swiecki
b7f0acb021 util: remove unused functions 2018-02-10 23:54:36 +01:00
Robert Swiecki
7a55ffb3a6 sandbox: convert kafel file/string as std::string 2018-02-10 23:46:15 +01:00
Robert Swiecki
de3f1371f0 convert proc_path to std::string 2018-02-10 20:16:17 +01:00
Robert Swiecki
c9e4e9d0c2 config: rename macro 2018-02-10 18:27:24 +01:00
Robert Swiecki
b691b8796c nsjail: iface_no_lo -> iface_lo 2018-02-10 18:22:51 +01:00
Robert Swiecki
97278f191b log: rename log to logs due to clash with glibc's log 2018-02-10 17:49:15 +01:00
Robert Swiecki
4494deffa7 omit keyword 'struct' 2018-02-10 15:50:12 +01:00
Robert Swiecki
1761ed4fdc move common.h to macros.h 2018-02-10 05:25:55 +01:00
Robert Swiecki
c34b52ab78 nsjail: convert a couple of struct fields to std::string 2018-02-10 04:10:18 +01:00
Robert Swiecki
9399373ee7 nsjail: envs to vector of strings 2018-02-09 23:04:57 +01:00
Robert Swiecki
63eb13ecde nsjail: move openfd from queue to vector 2018-02-09 22:47:00 +01:00
Robert Swiecki
d1d310e70f nsjail: convert caps from queue to vector 2018-02-09 22:35:33 +01:00