aboutsummaryrefslogtreecommitdiff
path: root/child.c
diff options
context:
space:
mode:
Diffstat (limited to 'child.c')
-rw-r--r--child.c21
1 files changed, 12 insertions, 9 deletions
diff --git a/child.c b/child.c
index a9c5c26..d25df85 100644
--- a/child.c
+++ b/child.c
@@ -27,24 +27,27 @@
#include <assert.h>
#include "utils.h"
+#define PROC_BINFMT "/proc/sys/fs/binfmt_misc"
+
int child_main(void *_args) {
struct child_args *args = _args;
sigpipe_wait(args->sigpipe);
- // Change some mount points to private
+ // Change all mount points to private
mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL);
assert_perror(errno);
- /*
- mount("none", "/proc", NULL, MS_REC | MS_PRIVATE, NULL);
- assert_perror(errno);
- mount("none", "/sys", NULL, MS_REC | MS_PRIVATE, NULL);
- assert_perror(errno);
- */
+
// Mount new proc filesystem for this namespace
+ if (args->binfmt) {
+ mount(PROC_BINFMT, "/tmp", NULL, MS_BIND, NULL);
+ assert_perror(errno);
+ }
mount("proc", "/proc", "proc", MS_NOSUID | MS_NODEV | MS_NOEXEC, NULL);
assert_perror(errno);
- //mount("binfmt_misc", "/proc/sys/fs/binfmt_misc", "binfmt_misc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
- //assert_perror(errno);
+ if (args->binfmt) {
+ mount("/tmp", PROC_BINFMT, NULL, MS_MOVE, NULL);
+ assert_perror(errno);
+ }
if (args->argc <= 1) {
const char *shell = get_shell();
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 01:53:48 +0000