Jagger
a225069b4d
Use %#x instead of %u
2016-01-22 00:50:45 +01:00
Jagger
c3298d0019
Remove _FORTIFY_SOURCE=2
2016-01-22 00:11:31 +01:00
robertswiecki
53905ed813
Merge pull request #4 from q3k/master
...
Move definition of _FORTIFY_SOURCE to nsjail.h
2016-01-20 20:23:02 +01:00
Sergiusz 'q3k' Bazański
fe2550e35b
Move definition of _FORTIFY_SOURCE to nsjail.h
...
This lets us undefine any built-in gcc macro. Otherwise, a redefinition
from the command line occurs and a warning is thrown, breaking the build
(due to -Werror).
2016-01-20 20:21:27 +01:00
Robert Swiecki
0ac43cddf0
No need to include log.h in util.h
2016-01-20 18:05:42 +01:00
Robert Swiecki
4f90b612d0
correct guard macro comment
2016-01-20 18:00:13 +01:00
Robert Swiecki
19de49b375
Missing util.*
2016-01-20 17:55:40 +01:00
Jagger
24af1c6d98
Introduce util.c
2016-01-17 04:14:09 +01:00
Robert Swiecki
307a6f0257
Create a file/dir inside jail beforemounting
2016-01-14 15:44:29 +01:00
Robert Swiecki
42efeb6073
Add --cmd
2016-01-14 15:26:18 +01:00
Jagger
dcd80af9bc
Revert of .chroot = NULL
2016-01-09 16:11:31 +01:00
Jagger
2765e58c4e
Use TAILQ instead of LIST to insert new mount entries at the end
2016-01-09 16:09:05 +01:00
Robert Swiecki
88e796e004
Set a separate session/process_group
2015-11-24 18:34:05 +01:00
Robert Swiecki
da133a6d11
Correctly cast arguments to syscall()
2015-11-19 15:04:41 +01:00
robertswiecki
22f3ca5ecb
Merge pull request #3 from JamyDev/master
...
Add `cwd` option to define what folder in the jail the process should start in.
2015-11-07 15:03:28 +01:00
Jamy Timmermans
0e14a0b341
Update readme with cwd property
2015-11-07 13:33:50 +01:00
Jamy Timmermans
bd5ed5ac63
Fix dereference in cwd option
2015-11-07 06:11:55 -06:00
Jamy Timmermans
93abc40dde
Add a cwd
option
...
This way the process being spawned can be in a directory if the
spawner’s choosing (as ling as it’s available in the chroot)
2015-11-07 13:01:44 +01:00
Jagger
5f5e496179
Make it compile with -m32
2015-10-18 20:47:44 +02:00
Jagger
558ede7dfe
Make __user_cap_data_struct const
2015-10-18 20:39:06 +02:00
Jagger
49faea78b0
Use 0x%tx for uintptr_t
2015-10-17 19:14:57 +02:00
Jagger
500e3efbaf
Move LOG_I earlier in subproc.c
2015-10-17 19:11:48 +02:00
Jagger
59cedfe10f
Use just a single list for mount-points (RO, RW, chroot)
2015-10-17 16:48:30 +02:00
Jagger
a7d04def38
__FUNCTION__ -> __func__ as C99 standard
2015-10-17 03:51:35 +02:00
Robert Swiecki
5202a7fc07
Use rlimit64
2015-10-13 19:06:59 +02:00
Jagger
3c9c63b608
In case there's no CLONE_NEWNS, just chroot()
2015-08-16 10:55:14 +02:00
Jagger
cbb64d571d
Make --disable_proc work
2015-08-15 20:48:48 +02:00
Jagger
da4fc22eab
indent 100
2015-08-15 20:10:07 +02:00
Jagger
99d78a996a
readme typo
2015-08-15 16:20:48 +02:00
Jagger
c93ac358e1
Fixed flag description for --log
2015-08-15 16:05:57 +02:00
Jagger
701825970a
Implementation of MODE_STANDALONE_EXECVE
2015-08-15 16:02:38 +02:00
Jagger
5dc0fe193a
Better logging for clone failure
2015-08-12 04:32:34 +02:00
Jagger
292a8af67f
Use 'R' as an alias for bindmount_ro
2015-08-12 04:27:57 +02:00
Jagger
04fa1e9c1f
More verbose error messages for mounting files/dirs
2015-08-12 01:17:54 +02:00
Jagger
07df4307f5
Move tmpfs mounting before pivot_chroot
2015-08-12 00:58:26 +02:00
Jagger
a47a651999
Create a file for sockets/devs/files bind mounts
2015-08-11 14:34:17 +02:00
Jagger
8b951e6c28
Checks for strdup() result. Use remountBindMount since we have it
2015-07-15 03:33:13 +02:00
robertswiecki
e412608b61
Merge pull request #2 from jtolds/master
...
Typo fix
2015-07-14 22:11:18 +02:00
JT Olds
2ab390b1c6
Typo fix
2015-07-13 16:37:18 -06:00
Jagger
e3fe2d183c
tmpfs_size (size_t) + indent
2015-07-08 00:54:59 +02:00
robertswiecki
a7c2284f4f
Merge pull request #1 from jtolds/master
...
A collection of small changes (need feedback)
2015-07-07 23:43:56 +02:00
JT Olds
8841a08dd3
Make tmpfs size configurable
2015-07-07 15:42:25 -06:00
JT Olds
d43c4975ae
Return failing exit status on timeout
2015-07-07 15:41:58 -06:00
JT Olds
5b28785790
Don't mount NODEV so stuff like /dev/null works
...
Users now need to be careful about allowing device special files
in the jail.
2015-07-07 15:41:55 -06:00
JT Olds
3e7f15fcbe
update readme
2015-07-07 11:54:36 -06:00
JT Olds
821eb78054
Improve bindmount interface.
...
Now supports readonly bindmounts and
differentiating between source and target path.
2015-07-07 11:52:32 -06:00
JT Olds
459a220133
Return child exit status in standalone mode
2015-07-07 10:33:47 -06:00
Robert Swiecki
8cfa157455
Remove unused struct definition
2015-06-19 16:35:02 +02:00
Jagger
c6f8843c64
Indent
2015-06-18 03:07:22 +02:00
Jagger
5dfdb470cd
Replace self-made list of pointers with queue.h
2015-06-18 03:00:39 +02:00