woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
681 Commits 2 Branches 0 Tags 1.5 MiB
7e49be4dc3
Commit Graph

681 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jagger
8d641169e3 Initialize user/group maps from the parent process 2016-02-28 02:34:43 +01:00
Jagger
1cfe9d470a Remove debugging code 2016-02-28 02:15:36 +01:00
Jagger
ad4b0105a7 No need to add (default:none) in cmdline 2016-02-28 01:52:09 +01:00
Robert Swiecki
be639261b5 Automatically create destination dir for 'proc' and 'tmpfs' mounts 2016-02-25 18:45:23 +01:00
Robert Swiecki
9852028522 Implement --bindhost 2016-02-25 18:27:48 +01:00
Robert Swiecki
4ec7c12c99 Add MS_REC to MS_RDONLY 2016-02-25 18:27:42 +01:00
Robert Swiecki
5b78d31f3f Remove (disable: false) from cmdline.c as it's obvious 2016-02-16 18:56:52 +01:00
Robert Swiecki
aebc3dba41 Env variables (setting/clearing) 2016-01-26 17:42:10 +01:00
Jagger
fd98f4009e Default re-chroot to '/' 2016-01-25 22:27:06 +01:00
Robert Swiecki
87829e3f6e Implement --skip_setsid 2016-01-25 18:09:32 +01:00
Jagger
d36deb5d0d Use --user x:y notation (not working yet) 2016-01-23 07:05:24 +01:00
Jagger
a225069b4d Use %#x instead of %u 2016-01-22 00:50:45 +01:00
Jagger
c3298d0019 Remove _FORTIFY_SOURCE=2 2016-01-22 00:11:31 +01:00
robertswiecki
53905ed813 Merge pull request #4 from q3k/master 
Move definition of _FORTIFY_SOURCE to nsjail.h
 2016-01-20 20:23:02 +01:00
Sergiusz 'q3k' Bazański
fe2550e35b Move definition of _FORTIFY_SOURCE to nsjail.h 
This lets us undefine any built-in gcc macro. Otherwise, a redefinition
from the command line occurs and a warning is thrown, breaking the build
(due to -Werror).
 2016-01-20 20:21:27 +01:00
Robert Swiecki
0ac43cddf0 No need to include log.h in util.h 2016-01-20 18:05:42 +01:00
Robert Swiecki
4f90b612d0 correct guard macro comment 2016-01-20 18:00:13 +01:00
Robert Swiecki
19de49b375 Missing util.* 2016-01-20 17:55:40 +01:00
Jagger
24af1c6d98 Introduce util.c 2016-01-17 04:14:09 +01:00
Robert Swiecki
307a6f0257 Create a file/dir inside jail beforemounting 2016-01-14 15:44:29 +01:00
Robert Swiecki
42efeb6073 Add --cmd 2016-01-14 15:26:18 +01:00
Jagger
dcd80af9bc Revert of .chroot = NULL 2016-01-09 16:11:31 +01:00
Jagger
2765e58c4e Use TAILQ instead of LIST to insert new mount entries at the end 2016-01-09 16:09:05 +01:00
Robert Swiecki
88e796e004 Set a separate session/process_group 2015-11-24 18:34:05 +01:00
Robert Swiecki
da133a6d11 Correctly cast arguments to syscall() 2015-11-19 15:04:41 +01:00
robertswiecki
22f3ca5ecb Merge pull request #3 from JamyDev/master 
Add `cwd` option to define what folder in the jail the process should start in.
 2015-11-07 15:03:28 +01:00
Jamy Timmermans
0e14a0b341 Update readme with cwd property 2015-11-07 13:33:50 +01:00
Jamy Timmermans
bd5ed5ac63 Fix dereference in cwd option 2015-11-07 06:11:55 -06:00
Jamy Timmermans
93abc40dde Add a cwd option 
This way the process being spawned can be in a directory if the
spawner’s choosing (as ling as it’s available in the chroot)
 2015-11-07 13:01:44 +01:00
Jagger
5f5e496179 Make it compile with -m32 2015-10-18 20:47:44 +02:00
Jagger
558ede7dfe Make __user_cap_data_struct const 2015-10-18 20:39:06 +02:00
Jagger
49faea78b0 Use 0x%tx for uintptr_t 2015-10-17 19:14:57 +02:00
Jagger
500e3efbaf Move LOG_I earlier in subproc.c 2015-10-17 19:11:48 +02:00
Jagger
59cedfe10f Use just a single list for mount-points (RO, RW, chroot) 2015-10-17 16:48:30 +02:00
Jagger
a7d04def38 __FUNCTION__ -> __func__ as C99 standard 2015-10-17 03:51:35 +02:00
Robert Swiecki
5202a7fc07 Use rlimit64 2015-10-13 19:06:59 +02:00
Jagger
3c9c63b608 In case there's no CLONE_NEWNS, just chroot() 2015-08-16 10:55:14 +02:00
Jagger
cbb64d571d Make --disable_proc work 2015-08-15 20:48:48 +02:00
Jagger
da4fc22eab indent 100 2015-08-15 20:10:07 +02:00
Jagger
99d78a996a readme typo 2015-08-15 16:20:48 +02:00
Jagger
c93ac358e1 Fixed flag description for --log 2015-08-15 16:05:57 +02:00
Jagger
701825970a Implementation of MODE_STANDALONE_EXECVE 2015-08-15 16:02:38 +02:00
Jagger
5dc0fe193a Better logging for clone failure 2015-08-12 04:32:34 +02:00
Jagger
292a8af67f Use 'R' as an alias for bindmount_ro 2015-08-12 04:27:57 +02:00
Jagger
04fa1e9c1f More verbose error messages for mounting files/dirs 2015-08-12 01:17:54 +02:00
Jagger
07df4307f5 Move tmpfs mounting before pivot_chroot 2015-08-12 00:58:26 +02:00
Jagger
a47a651999 Create a file for sockets/devs/files bind mounts 2015-08-11 14:34:17 +02:00
Jagger
8b951e6c28 Checks for strdup() result. Use remountBindMount since we have it 2015-07-15 03:33:13 +02:00
robertswiecki
e412608b61 Merge pull request #2 from jtolds/master 
Typo fix
 2015-07-14 22:11:18 +02:00
JT Olds
2ab390b1c6 Typo fix 2015-07-13 16:37:18 -06:00