return -1;
}
- if (add_path_and_deps(*opts.jail_argv, 1, -1, 0)) {
- ERROR("failed to load dependencies\n");
- return -1;
- }
-
- if (opts.seccomp && add_path_and_deps("libpreload-seccomp.so", 1, -1, 1)) {
- ERROR("failed to load libpreload-seccomp.so\n");
- return -1;
- }
-
if (mount_all(jail_root)) {
ERROR("mount_all() failed\n");
return -1;
static int exec_jail(void)
{
- char **envp = build_envp(opts.seccomp);
- if (!envp)
- exit(EXIT_FAILURE);
-
if (opts.capabilities && drop_capabilities(opts.capabilities))
exit(EXIT_FAILURE);
exit(EXIT_FAILURE);
}
+ char **envp = build_envp(opts.seccomp);
+ if (!envp)
+ exit(EXIT_FAILURE);
+
INFO("exec-ing %s\n", *opts.jail_argv);
execve(*opts.jail_argv, opts.jail_argv, envp);
/* we get there only if execve fails */
opts.jail_argv = &argv[optind];
+ if (opts.namespace && add_path_and_deps(*opts.jail_argv, 1, -1, 0)) {
+ ERROR("failed to load dependencies\n");
+ return -1;
+ }
+
+ if (opts.namespace && opts.seccomp && add_path_and_deps("libpreload-seccomp.so", 1, -1, 1)) {
+ ERROR("failed to load libpreload-seccomp.so\n");
+ return -1;
+ }
+
if (opts.name)
prctl(PR_SET_NAME, opts.name, NULL, NULL, NULL);