Jagger
|
6223ccebf1
|
Rudimentary cgroup support
|
2016-06-19 12:47:28 +02:00 |
|
Jagger
|
a1f0ec7925
|
Support for CLONE_NEWCGROUP
|
2016-06-19 11:55:55 +02:00 |
|
Jagger
|
df97c0fe74
|
Use NULL as src for mounting proc and tmpfs
|
2016-06-19 01:35:06 +02:00 |
|
Jagger
|
2e523ae4b8
|
/proc is ro by defauly
|
2016-06-19 01:05:31 +02:00 |
|
Jagger
|
da0f4c0695
|
Better logging for closing(fd)
|
2016-06-18 11:08:35 +02:00 |
|
Jagger
|
53d8e16a01
|
cmdline typos
|
2016-06-18 01:24:57 +02:00 |
|
Jagger
|
86ddf16279
|
Implement --pass_fd
|
2016-06-18 00:46:57 +02:00 |
|
Jagger
|
d4912847ed
|
Make it compile with clang
|
2016-06-12 13:07:40 +02:00 |
|
Jagger
|
78bc1ce932
|
Logs LOG/PLOG
|
2016-06-05 19:09:14 +02:00 |
|
Jagger
|
842e54b0a0
|
LOG->PLOG
|
2016-05-15 02:32:50 +02:00 |
|
Jagger
|
f06084bbea
|
Order of includes
|
2016-05-14 03:38:15 +02:00 |
|
Robert Swiecki
|
3edc8bf4a7
|
Move PID ns to a separate module
|
2016-05-13 17:07:44 +02:00 |
|
Jagger
|
d78e141f70
|
Use a subprocess to setup unshare mount /proc
|
2016-05-12 22:25:48 +02:00 |
|
Robert Swiecki
|
0f8fbf7ad9
|
Use dummy init with -Me
|
2016-05-11 16:20:05 +02:00 |
|
Robert Swiecki
|
0339d0497f
|
Description for -Me
|
2016-05-10 15:54:10 +02:00 |
|
Robert Swiecki
|
5e0b5d92b8
|
Use %td instead of %tx for syscall number
|
2016-05-10 15:47:13 +02:00 |
|
Robert Swiecki
|
0493176513
|
Syscall printing
|
2016-05-10 15:45:48 +02:00 |
|
Jagger
|
19c9598631
|
Use examples
|
2016-05-10 00:54:25 +02:00 |
|
Jagger
|
a6062dd03a
|
Restart fcntl()
|
2016-05-09 23:45:56 +02:00 |
|
Jagger
|
4a5a796d26
|
Make it compile (de-facto) with clang
|
2016-05-09 23:16:26 +02:00 |
|
Jagger
|
95217d6d55
|
Restarts with interruptible syscalls
|
2016-05-09 23:11:18 +02:00 |
|
Robert Swiecki
|
6e25d47eba
|
Cover interruptible syscalls with TEMP_FAILURE_RETRY
|
2016-05-09 15:16:26 +02:00 |
|
Jagger
|
c77d2097ff
|
Print hex always as 0x
|
2016-05-08 04:00:33 +02:00 |
|
Jagger
|
994af12692
|
Indent
|
2016-05-08 03:36:31 +02:00 |
|
Jagger
|
d5162548b3
|
Print seccomp-bpf arguments in an organized way
|
2016-05-08 03:36:16 +02:00 |
|
Jagger
|
73c847fc98
|
Print /proc/<pid>/syscall upon SIGSYS
|
2016-05-08 03:09:43 +02:00 |
|
Jagger
|
590899b7b8
|
Make -Me work again
|
2016-05-05 05:44:12 +02:00 |
|
Jagger
|
2603deb84c
|
No need to set return value with timeouts
|
2016-05-05 05:39:57 +02:00 |
|
Jagger
|
5bbfd06dcc
|
Return 0 only of child returned 0
|
2016-05-05 05:12:06 +02:00 |
|
Jagger
|
87f1883c69
|
wait4 instead of waitpid
|
2016-05-05 05:07:21 +02:00 |
|
Jagger
|
070939e18a
|
Better check for SIGSYS
|
2016-05-05 05:04:01 +02:00 |
|
Jagger
|
99ca4c5df2
|
isprint misbehaves with some glibc versions
|
2016-05-05 03:53:53 +02:00 |
|
Jagger
|
dc66939d67
|
Have some syscall to test seccomp-bpf
|
2016-05-05 02:00:41 +02:00 |
|
Jagger
|
de9ff2382e
|
Report seccomp violations
|
2016-05-05 01:58:26 +02:00 |
|
Jagger
|
27f7bf9a8c
|
Add KILL as a synonym for DENY
|
2016-05-05 01:18:14 +02:00 |
|
Robert Swiecki
|
88e81e3e4b
|
No need to read from pipefd at the end of subproc
|
2016-04-25 16:06:19 +02:00 |
|
Robert Swiecki
|
56cf3d2b22
|
Enable seccomp for all archs
|
2016-04-25 15:49:26 +02:00 |
|
Jagger
|
8371afabb9
|
read() -> utilReadFromFd()
|
2016-04-25 02:01:26 +02:00 |
|
Jagger
|
57a523dd08
|
Use defer {} instead of DEFER()
|
2016-04-23 04:22:31 +02:00 |
|
Robert Swiecki
|
db4a90d225
|
Print warning with failing umount
|
2016-03-23 17:23:18 +01:00 |
|
Robert Swiecki
|
66d3a14530
|
Remove the tmpfs from /tmp is we are mounting / as root
|
2016-03-23 17:08:52 +01:00 |
|
Robert Swiecki
|
f17c13645c
|
Remove old log semantics
|
2016-03-15 20:45:20 +01:00 |
|
Robert Swiecki
|
3bc8cce90e
|
No need to redirect log fd anymore
|
2016-03-15 20:42:03 +01:00 |
|
Robert Swiecki
|
969750c4c9
|
Don't take CFLAGS into consideration with make depend
|
2016-03-11 15:48:23 +01:00 |
|
Robert Swiecki
|
e557cf4056
|
Remove dependency on libnl3 in depend
|
2016-03-11 15:47:16 +01:00 |
|
Jagger
|
8f68fab29c
|
--bindhost help
|
2016-03-11 02:57:02 +01:00 |
|
Jagger
|
eff4796c95
|
Correct (non-resrved) header guards
|
2016-03-11 02:45:43 +01:00 |
|
Jagger
|
5bd1bca6dd
|
Merge
|
2016-03-10 22:57:08 +01:00 |
|
Jagger
|
4ae2c027ac
|
Cleaner impl. of DEFER
|
2016-03-10 22:56:26 +01:00 |
|
Robert Swiecki
|
1d5cccdfce
|
Cleaner defer implementation
|
2016-03-10 16:01:16 +01:00 |
|