woj/nsjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
929 Commits 2 Branches 0 Tags 1.5 MiB
7fe87b41c7
Commit Graph

929 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Wiktor Garbacz
7fe87b41c7 code formatting 2018-10-24 10:31:14 +02:00
happyCoder92
eee0cec302
Merge pull request #96 from mickydelfavero/master 
Added --macvlan_vs_ma switch to be able to set macvlan's mac-address.
 2018-10-24 10:27:17 +02:00
Micky Del Favero
303f7ab7f0 Remove duplicate code 
Signed-off-by: Micky Del Favero <micky@BeeCloudy.net>
 2018-10-23 22:24:43 +02:00
Micky Del Favero
233a7296fe Added --macvlan_vs_ma switch to be able to set macvlan's mac-address. 
Signed-off-by: Micky Del Favero <micky@BeeCloudy.net>
 2018-10-23 15:05:50 +02:00
Robert Swiecki
a288158095 Updated kafel 2018-10-22 14:44:12 +02:00
Wiktor Garbacz
1bb58083c4 use new kafel features in configs and examples 2018-09-06 14:19:01 +02:00
Wiktor Garbacz
758f90a279 update kafel 2018-09-06 14:19:01 +02:00
robertswiecki
977b5ada23
Merge pull request #94 from tomj/master 
README Docker disambiguations
 2018-09-03 07:22:32 +02:00
tomj
4096acee3c
README Docker disambiguations 
Disambiguate between nsjail _container_ and _command_ in README for easier reading.

- Being a n00b to this project I feel this makes the onboarding of use with Docker somewhat easier by removing duplicated/overloaded terms.
 2018-09-03 01:39:41 +10:00
robertswiecki
589b342863
Merge pull request #90 from disconnect3d/patch-1 
Update config.proto
 2018-07-31 23:15:43 +02:00
Disconnect3d
760350d788
Update config.proto 2018-07-31 23:10:05 +02:00
Disconnect3d
755626f543
Update config.proto 2018-07-31 23:09:24 +02:00
Robert Swiecki
ef94c3cc6b config: correct way of setting pass_fd 2018-07-31 22:52:03 +02:00
Robert Swiecki
6af9565a1d mnt: function rename 2018-07-29 00:30:08 +02:00
Robert Swiecki
5a8a178290 configs/bash: add noexec/nodev/nosuid to a mount 2018-07-27 22:54:28 +02:00
Wiktor Garbacz
bb4e77686d subproc: reap processes after killing 
Always try to release resources if possible.

Fixes #69
 2018-07-27 13:33:39 +02:00
Wiktor Garbacz
ba14675185 mnt: added nosuid/nodev/noexec flags to config 
Closes #70
 2018-07-27 11:29:15 +02:00
Wiktor Garbacz
26d086f986 cgroup: refactor cgroup code 
Extract common functions, use c++ strings.

Fixes #83
 2018-07-26 14:46:36 +02:00
Wiktor Garbacz
c23d02e5f3 mnt: remount all filesystems 
Explicitly specifying RW "/" mount in config did not yield desired
result.
The reason was a default RO "/" tmpfs is prepended to mountpoint
list. All filesystems are initially mounted RW to be able to create
directories for mountpoints. Read only filesystems were remounted
during a 2nd pass, effectively overriding RW flag of fs mounted
over them.

Fixes #88
 2018-07-24 16:30:31 +02:00
Wiktor Garbacz
1923d6af04 conifg: parse cgroup_cpu settings 
Fixes #87
 2018-07-24 15:20:44 +02:00
robertswiecki
480af4ef75
Merge pull request #85 from jvvv/master 
README.md, nsjail.1: add --stderr_to_null option
 2018-07-24 00:38:27 +02:00
Robert Swiecki
bfd7f1ec78 nsjail: clearer new_proc/reap_proc loop 2018-07-24 00:23:44 +02:00
Robert Swiecki
d355e1dc08 subproc: better log messages 2018-07-23 23:35:01 +02:00
Robert Swiecki
4c87531bcc Don't re-run process if previous execution failed 2018-07-23 17:13:17 +02:00
John Vogel
37c0b9b37a README.md, nsjail.1: add --stderr_to_null option 2018-07-14 10:20:34 -04:00
Robert Swiecki
4ef480546d subproc: correct casting for nsjconf->tlimit in printf 2018-07-05 14:32:07 +02:00
Robert Swiecki
06c5818abd configs/bash: add stderr_to_null 2018-06-25 04:12:07 +02:00
Robert Swiecki
5bf23a0e58 cmdline: more stderr_to_null closer to is_silent 2018-06-25 04:10:42 +02:00
Robert Swiecki
272a85477a config: Implement --stderr_to_null 2018-06-25 03:12:27 +02:00
Robert Swiecki
054e62c026 net: use memset to init stack structs 2018-06-20 15:36:44 +02:00
Robert Swiecki
21a7bbbe6a Makefile: lower -Wformat to 1 2018-06-19 03:58:17 +02:00
Robert Swiecki
d6e825ddb3 util: c++ version of sprintf 2018-06-16 02:16:24 +02:00
robertswiecki
1ac94e7f61
Merge pull request #82 from jvvv/master 
nsjail.1: update manpage to match README
 2018-06-12 23:39:47 +02:00
John Vogel
6128d3a992 nsjail.1: update manpage to match README 
Added --symlink/-s option.
Removed --tmpfs_size option.
Changed --cpu_mount, --cpu_parent to
	--cgroup_cpu_mount, --cgroup_cpu_parent.
Adjustments to match README.
 2018-06-12 17:33:33 -04:00
Robert Swiecki
72ed4b54a1 nsjail.h: missed initialization of keep_env 2018-06-12 16:57:19 +02:00
Robert Swiecki
a263231ee0 readme 2018-06-12 15:47:32 +02:00
Robert Swiecki
cf9850f944 1. Give ability to specify sym-links from the command-line 2. Remove tmpfs_size. -m none:dest:tmpfs:size=..... should be used for this 2018-06-12 15:37:30 +02:00
Robert Swiecki
ea420b163d move isatty after log_fd is set 2018-06-07 18:43:08 +02:00
Robert Swiecki
0f2d50bf1a Log to a duplicate of stderr initially 2018-06-07 18:42:34 +02:00
Robert Swiecki
e8e6c1b906 make indent depend 2018-06-07 18:37:17 +02:00
Robert Swiecki
ffa0051d98 logs: lower logfile error to warning 2018-06-07 16:57:43 +02:00
Robert Swiecki
04627982d0 logs: use log file/level immediately 2018-06-07 16:51:50 +02:00
Robert Swiecki
5176140e3f Merge branch 'master' of github.com:google/nsjail 2018-06-07 14:59:32 +02:00
Robert Swiecki
ffd836018d subproc: replicate bash behavior on exit values 2018-06-07 14:59:12 +02:00
Robert Swiecki
fc0e98b6b4 subproc: better log messages 2018-06-03 03:22:50 +02:00
Robert Swiecki
c4fca33542 Merge branch 'master' of ssh://github.com/google/nsjail 2018-06-03 03:19:52 +02:00
Robert Swiecki
111481532b config: add --iface_own to the proto config 2018-06-03 03:19:40 +02:00
robertswiecki
0677f160f3
Merge pull request #79 from jvvv/master 
Update docs for options changes
 2018-06-02 20:17:03 +02:00
John Vogel
07702cc20b Update docs for options changes 
Add new --iface_own option to docs.
Remove deprecated option from docs.
 2018-06-02 11:02:09 -04:00
Robert Swiecki
a30f2ddf12 configs/firefox - global user must be specified because of X11 permissions 2018-06-01 23:39:07 +02:00