diff options
| author | Karel Kočí <cynerd@email.cz> | 2019-04-28 17:56:30 +0200 |
|---|---|---|
| committer | Karel Kočí <cynerd@email.cz> | 2019-04-28 17:56:30 +0200 |
| commit | 68f78d914b221763476e6f17a0d0c48183eeb8cb (patch) | |
| tree | 9f65bcd596ed9dbc551e6a8b39067f5e4169db7d /child.c | |
| parent | 3f0fa5587f6e69e8957e674d3ccde6ff8873302e (diff) | |
| download | uroot-68f78d914b221763476e6f17a0d0c48183eeb8cb.tar.gz uroot-68f78d914b221763476e6f17a0d0c48183eeb8cb.tar.bz2 uroot-68f78d914b221763476e6f17a0d0c48183eeb8cb.zip | |
child: allow binfmt_misc to be preserved
This should allow chrooting to non-native systems using qemu.
Diffstat (limited to 'child.c')
| -rw-r--r-- | child.c | 21 |
1 files changed, 12 insertions, 9 deletions
@@ -27,24 +27,27 @@ #include <assert.h> #include "utils.h" +#define PROC_BINFMT "/proc/sys/fs/binfmt_misc" + int child_main(void *_args) { struct child_args *args = _args; sigpipe_wait(args->sigpipe); - // Change some mount points to private + // Change all mount points to private mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL); assert_perror(errno); - /* - mount("none", "/proc", NULL, MS_REC | MS_PRIVATE, NULL); - assert_perror(errno); - mount("none", "/sys", NULL, MS_REC | MS_PRIVATE, NULL); - assert_perror(errno); - */ + // Mount new proc filesystem for this namespace + if (args->binfmt) { + mount(PROC_BINFMT, "/tmp", NULL, MS_BIND, NULL); + assert_perror(errno); + } mount("proc", "/proc", "proc", MS_NOSUID | MS_NODEV | MS_NOEXEC, NULL); assert_perror(errno); - //mount("binfmt_misc", "/proc/sys/fs/binfmt_misc", "binfmt_misc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL); - //assert_perror(errno); + if (args->binfmt) { + mount("/tmp", PROC_BINFMT, NULL, MS_MOVE, NULL); + assert_perror(errno); + } if (args->argc <= 1) { const char *shell = get_shell(); |