Diffstat (limited to 'sys-utils/unshare.c')
-rw-r--r-- | sys-utils/unshare.c | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/sys-utils/unshare.c b/sys-utils/unshare.c
index 9de997bdc..00cc2cf79 100644
--- a/sys-utils/unshare.c
+++ b/sys-utils/unshare.c
@@ -41,6 +41,12 @@
 #ifndef CLONE_NEWNET
 # define CLONE_NEWNET 0x40000000
 #endif
+#ifndef CLONE_NEWUSER
+# define CLONE_NEWUSER 0x10000000
+#endif
+#ifndef CLONE_NEWPID
+# define CLONE_NEWPID 0x20000000
+#endif
 #ifndef HAVE_UNSHARE
 # include <sys/syscall.h>
@@ -63,7 +69,9 @@ static void usage(int status)
 fputs(_(" -m, --mount unshare mounts namespace\n"
 " -u, --uts unshare UTS namespace (hostname etc)\n"
 " -i, --ipc unshare System V IPC namespace\n"
- " -n, --net unshare network namespace\n"), out);
+ " -n, --net unshare network namespace\n"
+ " -p, --pid unshare pid namespace\n"
+ " -U, --user unshare user namespace\n"), out);
 fputs(USAGE_SEPARATOR, out);
 fputs(USAGE_HELP, out);
@@ -82,6 +90,8 @@ int main(int argc, char *argv[])
 { "uts", no_argument, 0, 'u' },
 { "ipc", no_argument, 0, 'i' },
 { "net", no_argument, 0, 'n' },
+ { "pid", no_argument, 0, 'p' },
+ { "user", no_argument, 0, 'U' },
 { NULL, 0, 0, 0 }
 };
@@ -94,7 +104,7 @@ int main(int argc, char *argv[])
 textdomain(PACKAGE);
 atexit(close_stdout);
- while((c = getopt_long(argc, argv, "hVmuin", longopts, NULL)) != -1) {
+ while((c = getopt_long(argc, argv, "hVmuinpU", longopts, NULL)) != -1) {
 switch(c) {
 case 'h':
 usage(EXIT_SUCCESS);
@@ -113,6 +123,12 @@ int main(int argc, char *argv[])
 case 'n':
 unshare_flags |= CLONE_NEWNET;
 break;
+ case 'p':
+ unshare_flags |= CLONE_NEWPID;
+ break;
+ case 'U':
+ unshare_flags |= CLONE_NEWUSER;
+ break;
 default:
 usage(EXIT_FAILURE);
 }
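Review bot: The `case 'p':` branch in the `@@ -113,6 +123,12 @@` hunk sets CLONE_NEWPID, but unshare(2) does not move the calling process into the new PID namespace; only its first child becomes PID 1 there. Since main() goes from unshare() straight to execvp() (visible in the last hunk), the command started by `unshare -p` still runs in the original PID namespace, which is easy to mistake for isolation. I would at least record that next to the flag, e.g. `/* CLONE_NEWPID affects children only; the exec'd command keeps the caller's pid namespace */`, and in the `--pid` usage line; forking before the exec would be the behavioural fix. main() starts and ends outside this hunk.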
@@ -124,13 +140,6 @@ int main(int argc, char *argv[])
 if(-1 == unshare(unshare_flags))
 err(EXIT_FAILURE, _("unshare failed"));
- /* drop potential root euid/egid if we had been setuid'd */
- if (setgid(getgid()) < 0)
- err(EXIT_FAILURE, _("cannot set group id"));
-
- if (setuid(getuid()) < 0)
- err(EXIT_FAILURE, _("cannot set user id"));
-
 execvp(argv[optind], argv + optind);
 err(EXIT_FAILURE, _("exec %s failed"), argv[optind]); |
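Review bot: With the setgid()/setuid() calls gone, nothing between unshare() and execvp() resets the effective ids, so if this binary is ever installed setuid-root the command is executed with the elevated euid/egid. The deletion is presumably needed because those calls fail once CLONE_NEWUSER leaves the ids unmapped, but that reason applies only to `-U`; the drop could stay behind `if (!(unshare_flags & CLONE_NEWUSER))`, keeping setgid() ahead of setuid(). If setuid installation is no longer supported, a comment at the exec such as `/* must not be installed setuid: privileges are not dropped before exec */` would record that decision. main() begins outside this hunk.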