happyCoder92
4c524db8d2
Merge pull request #133 from sirdarckcat/master
...
Create dockerpush.yml
2020-03-02 15:31:37 +01:00
Eduardo' Vela" Nava (sirdarckcat)
66fa45364c
Create dockerpush.yml
2020-03-01 07:56:34 +01:00
Robert Swiecki
6912a2401f
make indent
2020-02-17 20:33:45 +01:00
Wiktor Garbacz
a47123b8a7
fix POLLNVAL in pipeTraffic
2020-02-17 15:57:13 +01:00
Wiktor Garbacz
5c61521295
fix infinite loop in pipeTraffic
2020-02-17 14:40:35 +01:00
Robert Swiecki
59abcc476e
subproc: debug log when hotting SIHQUIT (Ctrl+\) #2 - better check
2020-02-17 14:13:17 +01:00
Robert Swiecki
e0b941565d
subproc: debug log when hotting SIHQUIT (Ctrl+\)
2020-02-17 14:11:58 +01:00
Robert Swiecki
ab8b319c13
subproc: verify that a pid in a pid map doesn't exist before inserting
2020-02-17 14:07:25 +01:00
Robert Swiecki
2cf562160d
nsjail/pid/subproc: a). keep childrens' PIDs in a map indexed by pid b). correctly fetch remote IPv6 address text
2020-02-16 22:34:19 +01:00
robertswiecki
6d2503ee7b
Merge pull request #130 from happyCoder92/proxy
...
pipe socket traffic in and out of sandboxee
2020-02-14 17:08:41 +01:00
robertswiecki
a303054b50
Merge pull request #128 from disconnect3d/patch-2
...
Update Dockerfile to use ubuntu:18.04 image
2020-02-14 17:08:07 +01:00
Wiktor Garbacz
273ce6bc84
pipe socket traffic in and out of sandboxee
2020-02-14 17:07:14 +01:00
Wiktor Garbacz
b3b28b7dbf
Makefile: fix kafel submodule init for parallel build
2020-01-27 10:32:10 +01:00
Robert Swiecki
04e5fae0e3
subproc: recognize CLONE_PIDFD
2019-12-10 11:09:14 +01:00
robertswiecki
8407e0be46
Merge pull request #129 from disconnect3d/patch-3
...
Fix default rlimit_stack value
2019-12-07 17:24:29 +01:00
Disconnect3d
7f9ed1ba12
Fix default rlimit_stack value
...
The default `rlimit_stack` value was set to 1048576. However, this value is in MiB and so is later multiplied by 1024*1024 in b3d544d155/config.cc (L161-L162)
and it ends up as a limit of 1 TB for the stack size.
This PR changes it to 8 MB which is a more sane default or, at least I took it from my virtual machine's ulimits:
```
$ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 31175
max locked memory (kbytes, -l) 16384
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 31175
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
```
2019-12-07 17:05:45 +01:00
Disconnect3d
7eeab969f9
Update Dockerfile to use ubuntu:18.04 image
2019-12-07 14:24:32 +01:00
Wiktor Garbacz
1111bb135a
allow setgroups when using exclusively newgid
2019-11-01 13:42:16 +01:00
Robert Swiecki
2ca90bf208
configs/: indent
2019-10-29 01:40:52 +01:00
Robert Swiecki
a78019993f
configs/znc: remove a problematic quote
2019-10-04 00:35:36 +02:00
Robert Swiecki
2c648d5879
nsjail: don't restore console if nsjail runs in background
2019-10-04 00:33:29 +02:00
Robert Swiecki
b3d544d155
config: simplify log/logfd setting
2019-10-02 19:43:58 +02:00
Robert Swiecki
0b12cedc01
configs: new config for znc - remove log_fd
2019-10-02 08:28:23 +02:00
Robert Swiecki
af9d4294d9
configs: new config for znc
2019-10-01 08:27:17 +02:00
Robert Swiecki
64275d1417
configs/xchat: daemonize by default
2019-09-28 23:00:21 +02:00
Robert Swiecki
8fd94f817a
Merge branch 'master' of ssh://github.com/google/nsjail
2019-09-12 22:22:04 +02:00
Robert Swiecki
9f064737de
user: better formatting directives for printf'like functions
2019-09-12 22:21:49 +02:00
robertswiecki
ba90b12234
Merge pull request #123 from LMMilewski/master
...
Fix typo in config.proto: s/lofs/logs/
2019-09-07 02:04:39 +02:00
Lukasz Milewski
0bc575063b
Fix typo in config.proto: s/lofs/logs/
2019-09-06 15:08:30 -07:00
Robert Swiecki
3612c2a0b8
Merge branch 'master' of github.com:google/nsjail
2019-09-02 16:10:28 +02:00
Robert Swiecki
0773b75900
subproc: fix invalid conversions from util::syscall to syscall
2019-09-02 16:10:19 +02:00
Robert Swiecki
41305fdc4d
mnt: shorter description of mount points
2019-08-31 22:08:02 +02:00
Robert Swiecki
e2c5c59bd3
standardize on envar vs envvar
2019-08-28 22:18:58 +02:00
Robert Swiecki
c1e40e809c
log: close previous log descriptor a bit later:
2019-08-25 11:23:20 +02:00
Robert Swiecki
04f35c8848
mnt: use setcwd unconditionally with and w/o clone_newns
2019-08-25 11:17:12 +02:00
Robert Swiecki
d9efc0b3a7
mnt: use setcwd unconditionally with and w/o clone_newns
2019-08-25 11:16:12 +02:00
Robert Swiecki
b435292e9a
log: a bit clearer calls to dup()
2019-08-22 13:59:15 +02:00
Robert Swiecki
c291b11ae6
Fix missing chdir in non-CLONE_NEWNS path
2019-08-21 14:29:35 +02:00
Robert Swiecki
5abfae7161
log: simplify logging code
2019-08-20 14:16:21 +02:00
Robert Swiecki
fe762a37b9
config.proto: move disable_rl higher
2019-08-19 14:28:45 +02:00
robertswiecki
a0cdc71ab2
Merge pull request #120 from jaylees14/disable-rlimits
...
Add flag to disable rlimits
2019-08-19 14:26:27 +02:00
Robert Swiecki
ac6e19d4ec
Merge branch 'master' of github.com:google/nsjail
2019-08-19 11:35:17 +02:00
Robert Swiecki
f07c523543
net/cmdline: better checks for TCP port values
2019-08-19 11:34:34 +02:00
Jay Lees
86293b052e
Add flag to disable rlimits
2019-08-05 03:25:22 -07:00
Robert Swiecki
0b1d5ac039
cgroup-code: remove some spaces to make code more consistent
2019-08-04 09:54:38 +02:00
Robert Swiecki
b120acd5b5
make indent depend
2019-08-04 09:50:34 +02:00
robertswiecki
5376996acc
Merge pull request #119 from jaylees14/cgroup-v2
...
[cgroup-v2] support cgroup v2 for mem, cpu and pids
2019-08-04 09:49:35 +02:00
Jay Lees
08f62b6f76
[cgroup-v2] support cgroup v2 for mem, cpu and pids
2019-07-26 07:02:17 -07:00
Robert Swiecki
2044488520
configs/imagemagick-convert: add madvise
2019-07-12 16:07:06 +02:00
Robert Swiecki
4628ded479
Merge branch 'master' of github.com:google/nsjail
2019-07-01 14:52:32 +02:00