woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
736 Commits 2 Branches 0 Tags 1.5 MiB
6e3993b9ca
Commit Graph

736 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Swiecki
0de9c6de94 readme: better cmd-line for docker 2017-09-27 15:20:36 +02:00
Robert Swiecki
2370624a5f Dockerfile: make it compile with new c++ libprotobuf 2017-09-27 15:18:30 +02:00
Robert Swiecki
f0e38692a8 cmdline: print error after usage and before fatal 2017-09-27 00:47:57 +02:00
Robert Swiecki
7b2b2194ca cmdline: configs/ for --config 2017-09-26 09:30:03 +02:00
Robert Swiecki
de9712befc makefile: missing depend on pb.o 2017-09-25 20:06:09 +02:00
Robert Swiecki
9e49e2fa65 makefile: missing depend on pb.o 2017-09-25 20:02:07 +02:00
Robert Swiecki
8a263cd189 indent 2017-09-25 19:54:06 +02:00
Robert Swiecki
9be5520fec nsjail.c: LOG_F -> LOG_W for disable_clone_newuser 2017-09-25 12:01:44 +02:00
Robert Swiecki
b3546b1a3e nsjail.c: exit() -> LOG_F( 2017-09-25 12:00:57 +02:00
robertswiecki
c839033fbd Merge pull request #43 from yoshisatoyanagisawa/master 
Use 0xff as nsjail error exit status code.
 2017-09-25 11:59:39 +02:00
Yoshisato Yanagisawa
1389da4c91 Use 0xff as nsjail error code. 
For ease of distinguishing errors coming from a program executed by
nsjail and errors from nsjail, let me change nsjail error exit
status code to 0xff instead of 1.
I think most of programs use EXIT_FAILURE (i.e. 1) as a default
error exit status code.
 2017-09-25 14:08:22 +09:00
robertswiecki
75853978ea Merge pull request #42 from ebadi/master 
Adding the mistakenly removed line to the makefile
 2017-09-18 16:57:11 +02:00
hamid
ba7eb4d95f Adding the mistakenly removed line to the makefile 2017-09-18 16:28:13 +02:00
Robert Swiecki
21a0b09f37 Makefile: -Wno-unused-parameter for older g++ 2017-09-18 12:53:42 +02:00
Robert Swiecki
4516cf06af Makefile: clear -> clean 2017-09-16 18:10:28 +02:00
Robert Swiecki
d8ba88e86b makefile: proper deps for protos #2 2017-09-16 16:43:01 +02:00
Robert Swiecki
392ed3c3df makefile: proper deps for protos 2017-09-16 16:39:55 +02:00
Robert Swiecki
5c2d98562c makefile: deal with .proto better 2017-09-16 00:31:53 +02:00
Robert Swiecki
23bb48c9de Makefile: remove space 2017-09-15 18:12:18 +02:00
Robert Swiecki
e11423a08d config.cc: macroize utilStrDup 2017-09-15 16:55:49 +02:00
Robert Swiecki
3012aee202 Updated kafel 2017-09-15 12:50:14 +02:00
Robert Swiecki
3f5711d1a1 Merge branch 'master' of ssh://github.com/google/nsjail 2017-09-14 21:17:57 +02:00
Robert Swiecki
374f6cc4f0 config: Initial work on converting config.c to c++ protobuf lib 
config: Initial work on converting config.c to c++ protobuf lib #2

config: Initial work on converting config.c to c++ protobuf lib #3

config: Initial work on converting config.c to c++ protobuf lib #4

config: Initial work on converting config.c to c++ protobuf lib #5

config: Initial work on converting config.c to c++ protobuf lib #6
 2017-09-14 21:17:38 +02:00
John Vogel
dae05bfd31 Add manual page. 2017-09-14 21:17:08 +02:00
robertswiecki
de92727591 Merge pull request #39 from jvvv/master 
Add manual page.
 2017-08-22 01:36:24 +02:00
John Vogel
55ae71ed8f Add manual page. 2017-08-19 20:10:56 -04:00
Robert Swiecki
3cb0f088e2 readme 2017-08-13 13:05:33 +02:00
Robert Swiecki
049fffb14f caps: Bypass for systems which kernel defines CAP_AUDIT_READ but libcap doesn't understand this 2017-07-18 23:00:04 +02:00
robertswiecki
bab2cf1667 Merge pull request #34 from disconnect3d/fix-dockerfile-build 
Fix dockerfile: add libcap-dev install
 2017-07-18 21:32:00 +02:00
disconnect3d
25deba1425 Fix dockerfile: add libcap-dev install 
Before the fix the build ends up somewhere with:
> sys/capability.h: No such file or directory
 2017-07-18 21:19:23 +02:00
Robert Swiecki
cf3525dd49 Makefile: add -D_FILE_OFFSET_BITS=64 to CFLAGS 2017-07-15 15:04:25 +02:00
Robert Swiecki
43e402af06 configs/bash: bring back changed euid for bash 2017-07-13 02:34:18 +02:00
Robert Swiecki
5683ea7e09 cmdline: better warning about uid/gid 0 2017-07-13 02:33:11 +02:00
Robert Swiecki
b389fcdc3d configs/apache: spaces to tabs 2017-07-07 19:12:42 +02:00
Robert Swiecki
83cb1f2764 configs/apache: remove cpu limit and unnecessary is_bind 2017-07-07 19:11:56 +02:00
Robert Swiecki
6c71def056 configs/apache: remove ld.so.cache 2017-07-07 19:06:04 +02:00
Robert Swiecki
9cc85ad853 cmdline: remove unnecessary bracket 2017-07-07 15:05:22 +02:00
Robert Swiecki
f18976d43d net: un-const'ify array 2017-07-07 12:14:25 +02:00
Robert Swiecki
65e00f3f65 net: const'ify array 2017-07-07 12:13:24 +02:00
Robert Swiecki
1ee518c464 net: improve debugging 2017-07-07 12:10:22 +02:00
Robert Swiecki
7146a8761c examples/apache: sort the entries again 2017-07-07 12:08:26 +02:00
Robert Swiecki
72dfb86551 examples/apache: sort includes 2017-07-07 02:52:05 +02:00
Robert Swiecki
14282ca2e1 examples/apache: manual formatting of seccomp-bpf policy 2017-07-07 02:37:33 +02:00
Robert Swiecki
b87ffc44df examples/apache: manual formatting of seccomp-bpf policy 2017-07-07 02:36:23 +02:00
Robert Swiecki
657166bf73 examples/apache: formatting with clang-format 2017-07-07 02:34:57 +02:00
Robert Swiecki
6ce7e253f9 mount: Use MS_BIND when remounting R/O 2017-07-06 19:39:12 +02:00
Robert Swiecki
7153d489fd caps: dropping caps from the bounding set 2017-07-06 14:55:27 +02:00
Robert Swiecki
6c1205badc util: mroe debugging 2017-07-06 14:37:10 +02:00
Robert Swiecki
074582782c caps: shorter debug messages 2017-07-06 11:37:41 +02:00
Robert Swiecki
c9e95e7be2 make indent 2017-07-06 11:25:46 +02:00