From 68f78d914b221763476e6f17a0d0c48183eeb8cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?=
Date: Sun, 28 Apr 2019 17:56:30 +0200
Subject: child: allow binfmt_misc to be preserved

This should allow chrooting to non-native systems using qemu.
---
 child.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

(limited to 'child.c')

diff --git a/child.c b/child.c
index a9c5c26..d25df85 100644
--- a/child.c
+++ b/child.c
@@ -27,24 +27,27 @@
 #include
 #include "utils.h"
+#define PROC_BINFMT "/proc/sys/fs/binfmt_misc"
+
 int child_main(void *_args) {
 struct child_args *args = _args;
 sigpipe_wait(args->sigpipe);
- // Change some mount points to private
+ // Change all mount points to private
 mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL);
 assert_perror(errno);
- /*
- mount("none", "/proc", NULL, MS_REC | MS_PRIVATE, NULL);
- assert_perror(errno);
- mount("none", "/sys", NULL, MS_REC | MS_PRIVATE, NULL);
- assert_perror(errno);
- */
+ // Mount new proc filesystem for this namespace
+ if (args->binfmt) {
+ mount(PROC_BINFMT, "/tmp", NULL, MS_BIND, NULL);
+ assert_perror(errno);
+ }
 mount("proc", "/proc", "proc", MS_NOSUID | MS_NODEV | MS_NOEXEC, NULL);
 assert_perror(errno);
- //mount("binfmt_misc", "/proc/sys/fs/binfmt_misc", "binfmt_misc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL);
- //assert_perror(errno);
+ if (args->binfmt) {
+ mount("/tmp", PROC_BINFMT, NULL, MS_MOVE, NULL);
+ assert_perror(errno);
+ }
 if (args->argc <= 1) {
 const char *shell = get_shell();
-- cgit v1.2.3
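Review bot: The two `mount()` calls added inside the `args->binfmt` branches are checked only through `assert_perror(errno)`, but `errno` is meaningful only after a call has returned -1, and the assertion compiles away under `NDEBUG`. A failed bind or move can therefore go unnoticed, and a stale `errno` may abort a run in which every mount succeeded. The sequence is stateful (bind onto `/tmp`, mount the fresh proc, then `MS_MOVE` back), so a missed failure would leave the host's binfmt_misc covering `/tmp` in this namespace or leave the new `/proc` without it. Test the return value instead, e.g. `if (mount(PROC_BINFMT, "/tmp", NULL, MS_BIND, NULL) != 0) assert_perror(errno);`, and do the same for the `MS_MOVE` call. A comment such as `// Park binfmt_misc on /tmp while the new proc is mounted over the old one; /tmp is assumed to exist and be unused here` would document the staging choice; `child_main` continues past the end of the hunk, so later setup is not visible here.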