From 08afc3a98b7385ea2439dec1aac0f41c4c14c408 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?=
Date: Sun, 2 Dec 2018 21:09:06 +0100
Subject: Update to working version

Still way off from something usable by someone else but it already works for me.
---
child.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 60 insertions(+)
create mode 100644 child.c

(limited to 'child.c')

diff --git a/child.c b/child.c
new file mode 100644
index 0000000..d087064
--- /dev/null
+++ b/child.c
@@ -0,0 +1,60 @@
+/* uroot - User's root
+ * child.c Source file for child with unshared resources
+ *
+ * Copyright (C) 2018 Karel Kočí
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+#define _GNU_SOURCE
+#include "child.h"
+#include
+#include
+#include
+#include
+#include
+#include
+#include "utils.h"
+
+int child_main(void *_args) {
+ struct child_args *args = _args;
+ sigpipe_wait(args->sigpipe);
+
+ // Change some mount points to private
+ mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL);
+ assert_perror(errno);
+ /*
+ mount("none", "/proc", NULL, MS_REC | MS_PRIVATE, NULL);
+ assert_perror(errno);
+ mount("none", "/sys", NULL, MS_REC | MS_PRIVATE, NULL);
+ assert_perror(errno);
+ */
+ // Mount new proc filesystem for this namespace
+ mount("proc", "/proc", "proc", MS_NOSUID | MS_NODEV | MS_NOEXEC, NULL);
+ assert_perror(errno);
+ //mount("binfmt_misc", "/proc/sys/fs/binfmt_misc", "binfmt_misc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
+ //assert_perror(errno);
+
+ if (args->argc <= 1) {
+ const char *shell = get_shell();
+ execl(shell, shell, NULL);
+ } else {
+ char *new_argv[args->argc + 1];
+ memcpy(new_argv, args->argv + 1, args->argc * sizeof *new_argv);
+ new_argv[args->argc] = NULL;
+ execvp(args->argv[1], new_argv);
+ assert_perror(errno);
+ }
+ return 1;
+}
--
cgit v1.2.3
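Review bot: Both `mount()` calls and the `execvp()` in `child_main` are followed by `assert_perror(errno)` without testing the call's return value, so a stale non-zero `errno` left by earlier code aborts the child even when the call succeeded, and a build with `NDEBUG` compiles the check out and lets the child go on to `exec` with `/` not made private or with the previous `/proc` still mounted. Test the return value and fail closed instead, e.g. `if (mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) == -1) { perror("mount /"); return 1; }`, and handle the `/proc` mount the same way. The `execl()` branch reports no error at all when the shell cannot be executed, and its variadic sentinel should be written `(char *)NULL`. In the `execvp()` branch the `memcpy` copies `args->argc` pointers starting at `args->argv + 1`, which stays in bounds only if `args->argv` carries the usual trailing NULL slot; presumably it is main's argv, but `struct child_args` is declared outside this hunk, so copying `args->argc - 1` entries and terminating at `new_argv[args->argc - 1]` would not depend on that.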