Signed-off-by: John Crispin <john@phrozen.org>
#include <libgen.h>
#include <sched.h>
#include <linux/limits.h>
#include <libgen.h>
#include <sched.h>
#include <linux/limits.h>
#include "capabilities.h"
#include "elf.h"
#include "capabilities.h"
#include "elf.h"
kill(jail_process.pid, SIGKILL);
}
kill(jail_process.pid, SIGKILL);
}
+static void jail_handle_signal(int signo)
+{
+ DEBUG("forwarding signal %d to the jailed process\n", signo);
+ kill(jail_process.pid, signo);
+}
+
int main(int argc, char **argv)
{
int main(int argc, char **argv)
{
uid_t uid = getuid();
char log[] = "/dev/log";
char ubus[] = "/var/run/ubus.sock";
uid_t uid = getuid();
char log[] = "/dev/log";
char ubus[] = "/var/run/ubus.sock";
if (uid) {
ERROR("not root, aborting: %s\n", strerror(errno));
if (uid) {
ERROR("not root, aborting: %s\n", strerror(errno));
prctl(PR_SET_NAME, opts.name, NULL, NULL, NULL);
uloop_init();
prctl(PR_SET_NAME, opts.name, NULL, NULL, NULL);
uloop_init();
+
+ sigfillset(&sigmask);
+ for (i = 0; i < _NSIG; i++) {
+ struct sigaction s = { 0 };
+
+ if (!sigismember(&sigmask, i))
+ continue;
+ if ((i == SIGCHLD) || (i == SIGPIPE))
+ continue;
+
+ s.sa_handler = jail_handle_signal;
+ sigaction(i, &s, NULL);
+ }
+
if (opts.namespace) {
add_mount("/dev/full", 0, -1);
add_mount("/dev/null", 0, -1);
if (opts.namespace) {
add_mount("/dev/full", 0, -1);
add_mount("/dev/null", 0, -1);
projects / project / procd.git / commitdiff