Daniel Golle
|
04d7570f47
jail: fs: don't overwrite existing mount target
|
1 year ago |
Daniel Golle
|
324ebd0a3c
jail: fs: add support for asymmetric mount bind
|
2 years ago |
Daniel Golle
|
f5fe04b93a
jail: actually check calloc return value
|
2 years ago |
Daniel Golle
|
459b3e84ef
jail: fix several issues discovered by Coverity
|
2 years ago |
Daniel Golle
|
bfc86a2ccc
jail: cgroups: replace wrongly used assert()
|
2 years ago |
Daniel Golle
|
7f12c89d0b
treewide: replace local mkdir_p implementations
|
3 years ago |
Daniel Golle
|
db5ef86649
jail: don't use NULL arguments for mount syscall
|
3 years ago |
Daniel Golle
|
3019f50f62
jail: leak less memory
|
3 years ago |
Daniel Golle
|
b22e6254df
jail: cgroup hack: rewrite cgroup -> cgroup2
|
3 years ago |
Daniel Golle
|
bba6de7531
jail: handle mount propagation flags
|
3 years ago |
Daniel Golle
|
66ae2d947e
jail: re-implement /proc/sys/net read-write in netns hack
|
3 years ago |
Daniel Golle
|
686cf7a5a9
jail: actually apply filesystem-specific mount options
|
3 years ago |
Daniel Golle
|
268126a3b1
jail: add support for maskedPaths and readonlyPaths
|
3 years ago |
Daniel Golle
|
bfce7d128d
jail: fix some more mount options
|
3 years ago |
Daniel Golle
|
86a5105c81
jail: fs: fix build on uClibc-ng
|
3 years ago |
Daniel Golle
|
8d5208f044
jail: fix false return in case of nofail mount
|
3 years ago |
Daniel Golle
|
71e75f4011
jail: refactor mount support to cover OCI spec
|
3 years ago |
Rosen Penev
|
a5954cf302
procd: Add %m to several functions that return errno.
|
6 years ago |
Rosen Penev
|
fa5ce1c2b4
procd: Replace strerror(errno) with %m.
|
6 years ago |
Etienne CHAMPETIER
|
a79578a3dc
jail: improve some logs
|
8 years ago |
Etienne CHAMPETIER
|
7646217c0d
ujail: add O_CLOEXEC flag to open() call
|
8 years ago |
Etienne CHAMPETIER
|
9211278a18
ujail: automatically add script (#!) interpreter
|
8 years ago |
Etienne CHAMPETIER
|
15ff8b1d09
ujail: rework fs jail part
|
8 years ago |