66 Commits

Author SHA1 Message Date
Patrick Steinhardt
a517934aba subproc: Allow killing subprocesses with different signal
`subproc::killAndReapAll()` is always killing the child process with the
SIGKILL signal. We're about to make this configurable though so that we
may optionally forward signals received by nsjail to the child process.

Add a new parameter to `killAndReapAll()` to prepare for this change.
2022-06-05 19:36:50 +02:00
243f6a8885a308d313198a2e037
472932c6f0 subproc.cc: fix typo: SiUime -> SiUtime 2022-02-23 14:41:23 +09:00
Robert Swiecki
9b73eaa289 subproc: print correct si fields for SIGCHLD 2022-02-08 12:17:59 +01:00
Robert Swiecki
aa0becd547 make indent 2021-11-12 20:24:33 +01:00
ndrewh
b248125c5f Fix compile using FROM ubuntu:20.04
Remove clone_args members that are only present in 5.5+ and 5.7+
2021-11-08 11:52:23 +01:00
Robert Swiecki
246d4721b1 macros: make NS_VALSTR_STRUCT accept unsigned/64-bit vals 2021-09-30 16:44:48 +02:00
Robert Swiecki
db9e34ebd3 subproc: warn about CLONE_NEWTIME and clone(), and remove notice about CLONE_NEWCGROUP as the kernel versions should be now new enough for its support 2021-07-16 22:53:40 +02:00
Robert Swiecki
737b300609 subproc: debug log for unshare() 2021-07-16 22:47:18 +02:00
Robert Swiecki
d1f332b911 Enable support for clone3() and for CLONE_NEWTIME 2021-05-18 14:38:01 +02:00
Mehul Arora
b09ad5e91c Fixed macro in subproc.cc 2021-05-12 12:13:06 +05:30
Robert Swiecki
056809ed3b Initial support for CLONE_NEWTIME 2021-05-11 14:48:45 +02:00
Robert Swiecki
e1e80e8efa subproc: refer users to dmesg in case si_syscall==31 (SIGSYS) 2021-02-01 23:22:43 +01:00
Robert Swiecki
608618ea7b subproc: kill a process once in the -Ml mode once the TCP connection has ended 2020-08-30 22:02:08 +02:00
Robert Swiecki
fc02a3911c make indent 2020-08-26 16:09:55 +02:00
Christian Blichmann
910fb5498c Fix a few typos.
These were found by external tooling while preparing the Debian package.

* Uknown -> Unknown
* Writting -> Writing
* commited -> committed
* processess -> processes

Signed-off-by: Christian Blichmann <mail@blichmann.eu>
2020-07-07 14:07:22 +02:00
Piotr Krysiuk
b582491e02 fix non-functional max_conns_per_ip
Starting with nsjail::listenMode update to pipe socket traffic [commit 273ce6bc84], a pipe file descriptor is passed as connsock parameter when calling net::limitConns and also as sock parameter when calling addProc in subproc::runChild.
This breaks net::limitConns because pid.remote_addr and also local variable addr are left uninitialized despite net::connToText calls when counting number of existing network connections from the same peer.

The subsequent correction to fetch remote address [commit 2cf562160d] made the bug even more interesting, since the loop in net::limitConns now compares unsanitized content of stack with network addresses of already connected clients.
2020-03-19 00:13:28 +00:00
Robert Swiecki
59abcc476e subproc: debug log when hitting SIGQUIT (Ctrl+\) #2 - better check 2020-02-17 14:13:17 +01:00
Robert Swiecki
e0b941565d subproc: debug log when hitting SIGQUIT (Ctrl+\) 2020-02-17 14:11:58 +01:00
Robert Swiecki
ab8b319c13 subproc: verify that a pid in a pid map doesn't exist before inserting 2020-02-17 14:07:25 +01:00
Robert Swiecki
2cf562160d nsjail/pid/subproc: a). keep children's PIDs in a map indexed by pid b). correctly fetch remote IPv6 address text 2020-02-16 22:34:19 +01:00
Robert Swiecki
04e5fae0e3 subproc: recognize CLONE_PIDFD 2019-12-10 11:09:14 +01:00
Robert Swiecki
0773b75900 subproc: fix invalid conversions from util::syscall to syscall 2019-09-02 16:10:19 +02:00
Jay Lees
08f62b6f76 [cgroup-v2] support cgroup v2 for mem, cpu and pids 2019-07-26 07:02:17 -07:00
Robert Swiecki
8059747016 subproc: save/restore errno when printing error message twice 2019-03-12 17:07:24 +01:00
Robert Swiecki
061e32839f use util::syscall whenever possible 2019-01-21 22:37:30 +01:00
Robert Swiecki
83fc152d7c Make netlink3-route mandatory 2019-01-20 18:37:47 +01:00
Robert Swiecki
48f67f131a subproc: PLOG -> LOG 2019-01-04 01:41:26 +01:00
Robert Swiecki
864aa72a2a subproc: print more data on sigsys 2018-12-05 10:10:21 +01:00
disconnect3d
25a7791d34 Fix utils::writeToFd return type
The `writeToFd` function in `util.cc` returns `ssize_t` but the only
returned values are either `false` or `true`.

```
ssize_t writeToFd(int fd, const void* buf, size_t len) {

(...) return false;

(...) return true;
```
2018-11-24 16:40:30 +01:00
Robert Swiecki
5a8a178290 configs/bash: add noexec/nodev/nosuid to a mount 2018-07-27 22:54:28 +02:00
Wiktor Garbacz
bb4e77686d subproc: reap processes after killing
Always try to release resources if possible.

Fixes #69
2018-07-27 13:33:39 +02:00
Robert Swiecki
d355e1dc08 subproc: better log messages 2018-07-23 23:35:01 +02:00
Robert Swiecki
4c87531bcc Don't re-run process if previous execution failed 2018-07-23 17:13:17 +02:00
Robert Swiecki
4ef480546d subproc: correct casting for nsjconf->tlimit in printf 2018-07-05 14:32:07 +02:00
Robert Swiecki
5176140e3f Merge branch 'master' of github.com:google/nsjail 2018-06-07 14:59:32 +02:00
Robert Swiecki
ffd836018d subproc: replicate bash behavior on exit values 2018-06-07 14:59:12 +02:00
Robert Swiecki
fc0e98b6b4 subproc: better log messages 2018-06-03 03:22:50 +02:00
Robert Swiecki
ff63b2ed4f nsjail: better return values 2018-05-28 01:40:02 +02:00
Robert Swiecki
b8798fc9a7 use strtoimax when needed 2018-05-26 13:54:17 +02:00
Robert Swiecki
2b6955e48c A few c++isms more 2018-05-23 18:19:17 +02:00
Robert Swiecki
c365eb1766 More c++ isms 2018-05-22 14:27:18 +02:00
Robert Swiecki
1b3e42d65a more C++-izations over places #2 2018-04-29 01:15:44 +02:00
Robert Swiecki
a346634ec3 more C++-izations over places 2018-04-29 01:10:09 +02:00
Robert Swiecki
11195999a3 rename ARRAYSIZE to ARR_SZ due to clash with protobufs headers 2018-02-13 16:53:45 +01:00
Robert Swiecki
8a22a4abb6 convert exec file and argv to string/vector 2018-02-12 16:52:05 +01:00
Robert Swiecki
810394cf16 switch all == false cmps to ! 2018-02-12 15:17:33 +01:00
Robert Swiecki
7b9178f5d7 make indent depend 2018-02-11 04:02:43 +01:00
Robert Swiecki
ac89fbb44f user: simplify creation of uid/gid maps 2018-02-11 04:02:14 +01:00
Robert Swiecki
0513124b4f mnt: convert describeMountPt from const char* to std::string 2018-02-11 00:24:43 +01:00
Robert Swiecki
55e8e09c4a net: convert net::connToText to std::string 2018-02-11 00:17:44 +01:00