Robert Swiecki
|
c3462e2529
|
Typo: subproccloneFunc -> subprocCloneFunc
|
2016-10-15 02:58:42 +02:00 |
|
Robert Swiecki
|
2a8faeba7a
|
Make use of subprocClone, plus remove use of syscall(__NR_getpid)
|
2016-10-15 02:42:01 +02:00 |
|
Robert Swiecki
|
fe7fe8591f
|
Use common subprocSystem for executing commands
|
2016-10-12 02:01:12 +02:00 |
|
Jagger
|
ee7de33531
|
Use O_CLOEXEC when possible to avoid leaking FDs
|
2016-09-10 03:20:32 +02:00 |
|
Robert Swiecki
|
1dc33c7bcf
|
Remove defer{} calls
|
2016-07-29 15:38:22 +02:00 |
|
Robert Swiecki
|
432c82bb34
|
Make it a bit more standards friendly
|
2016-07-21 15:48:47 +02:00 |
|
Jagger
|
e981cbc730
|
Init cgroups with -Me
|
2016-06-19 19:36:56 +02:00 |
|
Jagger
|
ac06ff56c9
|
Remove cgroup before reporting process being finished
|
2016-06-19 16:02:00 +02:00 |
|
Jagger
|
827e1a4e7d
|
Init cgroups from parent
|
2016-06-19 15:50:25 +02:00 |
|
Jagger
|
a1f0ec7925
|
Support for CLONE_NEWCGROUP
|
2016-06-19 11:55:55 +02:00 |
|
Jagger
|
d4912847ed
|
Make it compile with clang
|
2016-06-12 13:07:40 +02:00 |
|
Robert Swiecki
|
3edc8bf4a7
|
Move PID ns to a separate module
|
2016-05-13 17:07:44 +02:00 |
|
Jagger
|
d78e141f70
|
Use a subprocess to setup unshare mount /proc
|
2016-05-12 22:25:48 +02:00 |
|
Robert Swiecki
|
0f8fbf7ad9
|
Use dummy init with -Me
|
2016-05-11 16:20:05 +02:00 |
|
Robert Swiecki
|
5e0b5d92b8
|
Use %td instead of %tx for syscall number
|
2016-05-10 15:47:13 +02:00 |
|
Robert Swiecki
|
0493176513
|
Syscall printing
|
2016-05-10 15:45:48 +02:00 |
|
Jagger
|
4a5a796d26
|
Make it compile (de-facto) with clang
|
2016-05-09 23:16:26 +02:00 |
|
Jagger
|
95217d6d55
|
Restarts with interruptible syscalls
|
2016-05-09 23:11:18 +02:00 |
|
Robert Swiecki
|
6e25d47eba
|
Cover interruptible syscalls with TEMP_FAILURE_RETRY
|
2016-05-09 15:16:26 +02:00 |
|
Jagger
|
c77d2097ff
|
Print hex always as 0x
|
2016-05-08 04:00:33 +02:00 |
|
Jagger
|
994af12692
|
Indent
|
2016-05-08 03:36:31 +02:00 |
|
Jagger
|
d5162548b3
|
Print seccomp-bpf arguments in an organized way
|
2016-05-08 03:36:16 +02:00 |
|
Jagger
|
73c847fc98
|
Print /proc/<pid>/syscall upon SIGSYS
|
2016-05-08 03:09:43 +02:00 |
|
Jagger
|
590899b7b8
|
Make -Me work again
|
2016-05-05 05:44:12 +02:00 |
|
Jagger
|
2603deb84c
|
No need to set return value with timeouts
|
2016-05-05 05:39:57 +02:00 |
|
Jagger
|
5bbfd06dcc
|
Return 0 only of child returned 0
|
2016-05-05 05:12:06 +02:00 |
|
Jagger
|
87f1883c69
|
wait4 instead of waitpid
|
2016-05-05 05:07:21 +02:00 |
|
Jagger
|
070939e18a
|
Better check for SIGSYS
|
2016-05-05 05:04:01 +02:00 |
|
Jagger
|
de9ff2382e
|
Report seccomp violations
|
2016-05-05 01:58:26 +02:00 |
|
Robert Swiecki
|
88e81e3e4b
|
No need to read from pipefd at the end of subproc
|
2016-04-25 16:06:19 +02:00 |
|
Jagger
|
8371afabb9
|
read() -> utilReadFromFd()
|
2016-04-25 02:01:26 +02:00 |
|
Jagger
|
57a523dd08
|
Use defer {} instead of DEFER()
|
2016-04-23 04:22:31 +02:00 |
|
Robert Swiecki
|
f17c13645c
|
Remove old log semantics
|
2016-03-15 20:45:20 +01:00 |
|
Robert Swiecki
|
3bc8cce90e
|
No need to redirect log fd anymore
|
2016-03-15 20:42:03 +01:00 |
|
Jagger
|
4ae2c027ac
|
Cleaner impl. of DEFER
|
2016-03-10 22:56:26 +01:00 |
|
Jagger
|
aff93f9d71
|
Unnecessary __block
|
2016-03-09 23:48:07 +01:00 |
|
Robert Swiecki
|
dcf446d7f3
|
More defer-ization
|
2016-03-08 18:37:07 +01:00 |
|
Robert Swiecki
|
eb52ab9a2b
|
Move contain fnctions into contain.c
|
2016-03-08 15:57:09 +01:00 |
|
Jagger
|
1f4983290e
|
Var types
|
2016-03-04 01:39:21 +01:00 |
|
Robert Swiecki
|
9cc41e820f
|
Separate uts.* module
|
2016-03-03 16:09:25 +01:00 |
|
Robert Swiecki
|
2652872fac
|
CLONE_NEWUSER routines in a separate module
|
2016-03-03 15:54:15 +01:00 |
|
Robert Swiecki
|
2c1ff531e3
|
Clearer naming of net functions
|
2016-03-03 15:43:40 +01:00 |
|
Robert Swiecki
|
e02d4e4edf
|
Separate mount.c module
|
2016-03-03 15:37:04 +01:00 |
|
Robert Swiecki
|
62eda3c738
|
Add child only after successful clone()
|
2016-02-29 16:09:08 +01:00 |
|
Jagger
|
43983cbb17
|
Add --iface_lo_up
|
2016-02-29 00:14:36 +01:00 |
|
Jagger
|
8dad34ae4a
|
Set-up parent in a separate function
|
2016-02-28 23:23:24 +01:00 |
|
Jagger
|
9a7b8550a6
|
Return early in case of problems with set-up of the child from parent
|
2016-02-28 16:43:35 +01:00 |
|
Jagger
|
d8007e15ad
|
Correct write() check
|
2016-02-28 16:38:10 +01:00 |
|
Jagger
|
8d641169e3
|
Initialize user/group maps from the parent process
|
2016-02-28 02:34:43 +01:00 |
|
Jagger
|
ad4b0105a7
|
No need to add (default:none) in cmdline
|
2016-02-28 01:52:09 +01:00 |
|
Robert Swiecki
|
aebc3dba41
|
Env variables (setting/clearing)
|
2016-01-26 17:42:10 +01:00 |
|
Jagger
|
a225069b4d
|
Use %#x instead of %u
|
2016-01-22 00:50:45 +01:00 |
|
Jagger
|
24af1c6d98
|
Introduce util.c
|
2016-01-17 04:14:09 +01:00 |
|
Jagger
|
2765e58c4e
|
Use TAILQ instead of LIST to insert new mount entries at the end
|
2016-01-09 16:09:05 +01:00 |
|
Robert Swiecki
|
88e796e004
|
Set a separate session/process_group
|
2015-11-24 18:34:05 +01:00 |
|
Robert Swiecki
|
da133a6d11
|
Correctly cast arguments to syscall()
|
2015-11-19 15:04:41 +01:00 |
|
Jagger
|
500e3efbaf
|
Move LOG_I earlier in subproc.c
|
2015-10-17 19:11:48 +02:00 |
|
Jagger
|
cbb64d571d
|
Make --disable_proc work
|
2015-08-15 20:48:48 +02:00 |
|
Jagger
|
da4fc22eab
|
indent 100
|
2015-08-15 20:10:07 +02:00 |
|
Jagger
|
701825970a
|
Implementation of MODE_STANDALONE_EXECVE
|
2015-08-15 16:02:38 +02:00 |
|
Jagger
|
5dc0fe193a
|
Better logging for clone failure
|
2015-08-12 04:32:34 +02:00 |
|
JT Olds
|
d43c4975ae
|
Return failing exit status on timeout
|
2015-07-07 15:41:58 -06:00 |
|
JT Olds
|
459a220133
|
Return child exit status in standalone mode
|
2015-07-07 10:33:47 -06:00 |
|
Jagger
|
9960304cab
|
A crude way of cloning an eth interface
|
2015-05-28 03:37:08 +02:00 |
|
Robert Swiecki
|
b01eb30f6b
|
Close pipefd[1] before reading from pipefd[0]
|
2015-05-27 15:41:08 +02:00 |
|
Robert Swiecki
|
ee68cd9d30
|
Log function names
|
2015-05-15 16:42:56 +02:00 |
|
Robert Swiecki
|
69622c17ae
|
Logs from the child process (namespaced) are proxied to the parent
process
|
2015-05-15 16:02:15 +02:00 |
|
Robert Swiecki
|
0ca35aa942
|
Initial import
|
2015-05-14 23:44:48 +02:00 |
|