Mercurial > hg > toybox
annotate toys/other/nsenter.c @ 1736:5892daac85ab draft
Switch nsenter to default y.
| author | Rob Landley <rob@landley.net> |
|---|---|
| date | Thu, 12 Mar 2015 15:34:03 -0500 |
| parents | 83c14a9cd0fe |
| children |
| rev | line source |
|---|---|
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
1 /* nsenter.c - Enter existing namespaces |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
2 * |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
3 * Copyright 2014 andy Lutomirski <luto@amacapital.net> |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
4 * |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
5 * No standard |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
6 * |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
7 * unshare.c - run command in new context |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
8 * |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
9 * Copyright 2011 Rob Landley <rob@landley.net> |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
10 * |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
11 * No Standard |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
12 * |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
13 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
14 // Note: flags go in same order (right to left) for shared subset |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
15 USE_NSENTER(NEWTOY(nsenter, "<1F(no-fork)t#<1(target)i:(ipc);m:(mount);n:(net);p:(pid);u:(uts);U:(user);", TOYFLAG_USR|TOYFLAG_BIN)) |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
16 USE_UNSHARE(NEWTOY(unshare, "<1^rimnpuU", TOYFLAG_USR|TOYFLAG_BIN)) |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
17 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
18 config UNSHARE |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
19 bool "unshare" |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
20 default y |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
21 depends on TOYBOX_CONTAINER |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
22 help |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
23 usage: unshare [-imnpuUr] COMMAND... |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
24 |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
25 Create new container namespace(s) for this process and its children, so |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
26 some attribute is not shared with the parent process. |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
27 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
28 -i SysV IPC (message queues, semaphores, shared memory) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
29 -m Mount/unmount tree |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
30 -n Network address, sockets, routing, iptables |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
31 -p Process IDs and init |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
32 -r Become root (map current euid/egid to 0/0, implies -U) |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
33 -u Host and domain names |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
34 -U UIDs, GIDs, capabilities |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
35 |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
36 A namespace allows a set of processes to have a different view of the |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
37 system than other sets of processes. |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
38 |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
39 config NSENTER |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
40 bool "nsenter" |
|
1736
5892daac85ab
Switch nsenter to default y.
Rob Landley <rob@landley.net>
parents:
1701
diff
changeset
|
41 default y |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
42 help |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
43 usage: nsenter [-t pid] [-F] [-i] [-m] [-n] [-p] [-u] [-U] COMMAND... |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
44 |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
45 Run COMMAND in an existing (set of) namespace(s). |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
46 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
47 -t PID to take namespaces from (--target) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
48 -F don't fork, even if -p is used (--no-fork) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
49 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
50 The namespaces to switch are: |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
51 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
52 -i SysV IPC: message queues, semaphores, shared memory (--ipc) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
53 -m Mount/unmount tree (--mnt) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
54 -n Network address, sockets, routing, iptables (--net) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
55 -p Process IDs and init, will fork unless -F is used (--pid) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
56 -u Host and domain names (--uts) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
57 -U UIDs, GIDs, capabilities (--user) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
58 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
59 If -t isn't specified, each namespace argument must provide a path |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
60 to a namespace file, ala "-i=/proc/$PID/ns/ipc" |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
61 */ |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
62 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
63 #define FOR_nsenter |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
64 #include "toys.h" |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
65 #include <linux/sched.h> |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
66 int unshare(int flags); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
67 int setns(int fd, int nstype); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
68 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
69 GLOBALS( |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
70 char *nsnames[6]; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
71 long targetpid; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
72 ) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
73 |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
74 // Code that must run in unshare's flag context |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
75 #define CLEANUP_nsenter |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
76 #define FOR_unshare |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
77 #include <generated/flags.h> |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
78 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
79 static void write_ugid_map(char *map, unsigned eugid) |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
80 { |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
81 int bytes = sprintf(toybuf, "0 %u 1", eugid), fd = xopen(map, O_WRONLY); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
82 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
83 xwrite(fd, toybuf, bytes); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
84 xclose(fd); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
85 } |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
86 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
87 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
88 static int handle_r(int test) |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
89 { |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
90 int fd; |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
91 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
92 if (!CFG_UNSHARE || !(toys.optflags & FLAG_r) || *toys.which->name!='u') |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
93 return 0; |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
94 if (!test) return 1; |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
95 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
96 if (toys.optflags & FLAG_r) { |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
97 if ((fd = open("/proc/self/setgroups", O_WRONLY)) >= 0) { |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
98 xwrite(fd, "deny", 4); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
99 close(fd); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
100 } |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
101 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
102 write_ugid_map("/proc/self/uid_map", geteuid()); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
103 write_ugid_map("/proc/self/gid_map", getegid()); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
104 } |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
105 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
106 return 0; |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
107 } |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
108 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
109 // Shift back to the context GLOBALS lives in (I.E. matching the filename). |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
110 #define CLEANUP_unshare |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
111 #define FOR_nsenter |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
112 #include <generated/flags.h> |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
113 |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
114 void unshare_main(void) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
115 { |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
116 unsigned flags[]={CLONE_NEWUSER, CLONE_NEWUTS, CLONE_NEWPID, CLONE_NEWNET, |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
117 CLONE_NEWNS, CLONE_NEWIPC}, f = 0; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
118 int i, fd; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
119 |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
120 // unshare -U does not imply -r, so we cannot use [+rU] |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
121 if (handle_r(0)) toys.optflags |= FLAG_U; |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
122 |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
123 // Create new namespace(s)? |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
124 if (CFG_UNSHARE && *toys.which->name=='u') { |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
125 for (i = 0; i<ARRAY_LEN(flags); i++) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
126 if (toys.optflags & (1<<i)) f |= flags[i]; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
127 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
128 if (unshare(f)) perror_exit(0); |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
129 handle_r(1); |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
130 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
131 // Bind to existing namespace(s)? |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
132 } else if (CFG_NSENTER) { |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
133 char *nsnames = "user\0uts\0pid\0net\0mnt\0ipc"; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
134 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
135 for (i = 0; i<ARRAY_LEN(flags); i++) { |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
136 char *filename = TT.nsnames[i]; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
137 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
138 if (toys.optflags & (1<<i)) { |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
139 if (!filename || !*filename) { |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
140 if (!(toys.optflags & FLAG_t)) error_exit("need -t or =filename"); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
141 sprintf(toybuf, "/proc/%ld/ns/%s", TT.targetpid, nsnames); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
142 filename = toybuf; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
143 } |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
144 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
145 if (setns(fd = xopen(filename, O_RDONLY), flags[i])) |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
146 perror_exit("setns"); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
147 close(fd); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
148 } |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
149 nsnames += strlen(nsnames)+1; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
150 } |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
151 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
152 if ((toys.optflags & FLAG_p) && !(toys.optflags & FLAG_F)) { |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
153 pid_t pid = xfork(); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
154 |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
155 if (pid) { |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
156 while (waitpid(pid, 0, 0) == -1 && errno == EINTR); |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
157 return; |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
158 } |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
159 } |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
160 } |
|
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
161 |
|
1676
cbb1aca81eca
Make toy_exec() check if argc is in optargs and deal with it there so we don't need a separate xexec_optargs().
Rob Landley <rob@landley.net>
parents:
1675
diff
changeset
|
162 xexec(toys.optargs); |
|
1675
435f91d71898
Merge unshare and nsenter (promoting and cleaning up nsenter).
Rob Landley <rob@landley.net>
parents:
diff
changeset
|
163 } |
|
1701
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
164 |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
165 void nsenter_main(void) |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
166 { |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
167 unshare_main(); |
|
83c14a9cd0fe
Patch from Isaac Dunham to add -r, fixed up so it doesn't try to include two flag contexts simultaneously.
Rob Landley <rob@landley.net>
parents:
1676
diff
changeset
|
168 } |