nsjail

woj/nsjail

Author	SHA1	Message	Date
Robert Swiecki	c510f98187	Makefile: also clean protobuf-c-text	2017-05-28 18:58:47 +02:00
Robert Swiecki	9c72e834dd	Pass CFLAGS to protobuf-c-text	2017-05-28 18:46:38 +02:00
Robert Swiecki	5972d34d18	Makefile: remove stack-protector from CFLAGS	2017-05-28 18:37:50 +02:00
Robert Swiecki	f7146e1e6d	protobuf-c-text: compile with -fPIC	2017-05-28 14:41:03 +02:00
Robert Swiecki	ffe865934b	makefile: incorrect libprotobuf-c check	2017-05-28 14:34:28 +02:00
Robert Swiecki	fc1211d62a	Makefile: surround make -C kafel clean with ifdefs	2017-05-27 02:32:39 +02:00
Robert Swiecki	90d33db05d	config: warn about missing libprotobuf-c	2017-05-27 02:31:11 +02:00
Robert Swiecki	b5e37a6c4a	config: support mounts	2017-05-27 01:16:12 +02:00
Robert Swiecki	53f825115f	More work on uid mappings	2017-05-26 23:26:07 +02:00
Robert Swiecki	4eaa6cc9d3	Rewrite uid mapping system	2017-05-26 23:07:47 +02:00
Robert Swiecki	56cc2d6010	+protobuf-c-text: parsing from text file	2017-05-26 04:25:55 +02:00
Robert Swiecki	ad53e11e9b	+protobuf-c-text	2017-05-26 04:15:45 +02:00
Robert Swiecki	b5e4f35906	config: basic parsing	2017-05-26 02:25:37 +02:00
Robert Swiecki	f51b02c569	config: initial proto generated files	2017-05-26 01:55:02 +02:00
Robert Swiecki	1bf794f492	config: add basic config support	2017-05-26 01:44:16 +02:00
Robert Swiecki	1649dd42a4	Makefile: use pkg-config for nl3-route and protobuf-c	2017-05-26 01:22:29 +02:00
Robert Swiecki	a60f84d7e2	Add flags printing for clone()	2017-05-21 19:44:54 +02:00
Wiktor Garbacz	dc428155e8	Simplify cloning/building. Kafel submodule will be automatically initialized if not done manually before invoking `make`.	2017-05-15 19:39:20 +02:00
Robert Swiecki	4b9f2e930e	Remove unnecessary includes	2017-05-08 18:40:21 +02:00
Robert Swiecki	d9cb28b97d	Use kafel unconditionally	2017-05-08 15:50:29 +02:00
Robert Swiecki	e38be346dc	Make it possible to build w/o kafel and nl3	2017-02-13 22:59:24 +01:00
Robert Swiecki	4a154733e0	Allow to specify multiple uid/gid maps	2017-02-08 00:36:32 +01:00
Robert Swiecki	3b83267cfd	Init user-ns setresuid/setresgid before initializing other NSes	2017-02-07 18:31:50 +01:00
Robert Swiecki	bbf743791f	Remove bpf-helper as it's not needed since kafel/	2017-01-09 12:49:30 +01:00
Robert Swiecki	364273afd7	Makefile: Make it possible to disable kafel and libnl3 from envvar	2016-11-20 23:37:38 +01:00
Robert Swiecki	78ccfa863a	setjmp/longjmp: don't use stack-based jmp_buf, use TLS one	2016-11-03 03:53:52 +01:00
Robert Swiecki	37a5d15fa8	Comment type + make indent	2016-10-17 22:53:31 +02:00
Wiktor Garbacz	551ed4ca05	Kafel support	2016-09-29 16:22:09 +02:00
Robert Swiecki	1aa24fbeeb	Remove -fblocks from Makefile	2016-07-29 15:49:35 +02:00
Robert Swiecki	f3b70cc314	Remove -lBlocksRuntime	2016-07-27 14:04:03 +02:00
Jagger	827e1a4e7d	Init cgroups from parent	2016-06-19 15:50:25 +02:00
Jagger	e3a351b335	More memory cgroup controls	2016-06-19 13:54:36 +02:00
Jagger	6223ccebf1	Rudimentary cgroup support	2016-06-19 12:47:28 +02:00
Jagger	86ddf16279	Implement --pass_fd	2016-06-18 00:46:57 +02:00
Robert Swiecki	3edc8bf4a7	Move PID ns to a separate module	2016-05-13 17:07:44 +02:00
Robert Swiecki	969750c4c9	Don't take CFLAGS into consideration with make depend	2016-03-11 15:48:23 +01:00
Robert Swiecki	e557cf4056	Remove dependency on libnl3 in depend	2016-03-11 15:47:16 +01:00
Jagger	eff4796c95	Correct (non-resrved) header guards	2016-03-11 02:45:43 +01:00
Jagger	4ae2c027ac	Cleaner impl. of DEFER	2016-03-10 22:56:26 +01:00
Jagger	7d2d0ce8f1	DEBUG only of requested	2016-03-09 23:51:13 +01:00
Jagger	c2795516e9	Noexecstack -Wl	2016-03-09 01:11:05 +01:00
Jagger	09000dc5fa	Simpler check for compiler	2016-03-09 01:07:37 +01:00
Jagger	b9cb17661c	Check for gcc in Makefile	2016-03-09 01:02:23 +01:00
Jagger	a71371e327	Check for gcc in Makefile	2016-03-09 00:56:20 +01:00
Robert Swiecki	4eee12b9e3	Stricter check for clang	2016-03-08 18:49:06 +01:00
Robert Swiecki	e561dc6bb1	Implement defer()	2016-03-08 18:22:50 +01:00
Robert Swiecki	9cc41e820f	Separate uts.* module	2016-03-03 16:09:25 +01:00
Robert Swiecki	2652872fac	CLONE_NEWUSER routines in a separate module	2016-03-03 15:54:15 +01:00
Robert Swiecki	e02d4e4edf	Separate mount.c module	2016-03-03 15:37:04 +01:00
Jagger	a194a90ae4	Use NL3 for macvlan if present	2016-02-29 22:12:01 +01:00
Robert Swiecki	114ce7e976	Make it possible to compile with clang	2016-02-29 19:09:39 +01:00
Robert Swiecki	466f49e16d	Indent/Depend	2016-02-29 18:56:52 +01:00
Sergiusz 'q3k' Bazański	fe2550e35b	Move definition of _FORTIFY_SOURCE to nsjail.h This lets us undefine any built-in gcc macro. Otherwise, a redefinition from the command line occurs and a warning is thrown, breaking the build (due to -Werror).	2016-01-20 20:21:27 +01:00
Jagger	24af1c6d98	Introduce util.c	2016-01-17 04:14:09 +01:00
Jagger	da4fc22eab	indent 100	2015-08-15 20:10:07 +02:00
Jagger	9d58b74bb9	Indentation + add missing macros to the seccomp helper	2015-05-15 02:05:36 +02:00
Robert Swiecki	0ca35aa942	Initial import	2015-05-14 23:44:48 +02:00

1 2 3

107 Commits