#include <libubox/uloop.h>
#define STACK_SIZE (1024 * 1024)
-#define OPT_ARGS "P:S:n:r:w:psuld"
+#define OPT_ARGS "P:S:n:r:w:psuldo"
struct extra {
struct list_head list;
mkdir(path, 0755);
- if (mount("tmpfs", path, "tmpfs", MS_NOATIME, "mode=0744")) {
+ if (mount("tmpfs", path, "tmpfs", MS_NOATIME, "mode=0755")) {
ERROR("tmpfs mount failed %s\n", strerror(errno));
return -1;
}
char **argv = arg;
int argc = 0, ch;
char *mpoint;
+ int ronly = 0;
while (argv[argc])
argc++;
case 'p':
procfs = 1;
break;
+ case 'o':
+ ronly = 1;
+ break;
case 's':
sysfs = 1;
break;
case 'n':
- sethostname(optarg, strlen(optarg));
+ if (sethostname(optarg, strlen(optarg)))
+ ERROR("failed to sethostname: %s\n", strerror(errno));
break;
}
}
- asprintf(&mpoint, "%s/old", path);
+ if (asprintf(&mpoint, "%s/old", path) < 0) {
+ ERROR("failed to alloc pivot path: %s\n", strerror(errno));
+ return -1;
+ }
mkdir_p(mpoint, 0755);
if (pivot_root(path, mpoint) == -1) {
ERROR("pivot_root failed:%s\n", strerror(errno));
mkdir("/sys", 0755);
mount("sysfs", "/sys", "sysfs", MS_NOATIME, 0);
}
- mount(NULL, "/", NULL, MS_RDONLY | MS_REMOUNT, 0);
+ if (ronly)
+ mount(NULL, "/", NULL, MS_RDONLY | MS_REMOUNT, 0);
uloop_init();
char *dir = get_current_dir_name();
uloop_init();
- chdir(path);
+ if (chdir(path)) {
+ ERROR("failed to chdir() into the jail\n");
+ return;
+ }
namespace_process.pid = clone(spawn_child,
child_stack + STACK_SIZE,
CLONE_NEWUTS | CLONE_NEWPID | CLONE_NEWNS | SIGCHLD, argv);
if (namespace_process.pid != -1) {
- chdir(dir);
+ if (chdir(dir))
+ ERROR("failed to chdir() out of the jail\n");
free(dir);
uloop_process_add(&namespace_process);
uloop_run();
projects / project / procd.git / blobdiff