| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
| |
sys-utils/nsenter.c: In function ‘is_same_namespace’:
sys-utils/nsenter.c:170:2: warning: ‘b_ino’ may be used uninitialized in this function [-Wuninitialized]
sys-utils/nsenter.c:170:2: warning: ‘a_ino’ may be used uninitialized in this function [-Wuninitialized]
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
The commit 96cbe362c034305e5f12a912b4247b3321420ee7 forces lsmem to
follow output column for split policy.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
| |
changed in include/c.h and applied via sed:
sed -i 's/fprintf.*\(USAGE_MAN_TAIL.*\)/printf(\1/' $(git ls-files -- "*.c")
sed -i 's/print_usage_help_options\(.*\);/printf(USAGE_HELP_OPTIONS\1);/' $(git ls-files -- "*.c")
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Consolidate --help and --version descriptions. We are
now able to align them to the other options.
We changed include/c.h. The rest of this patch was
generated by sed, plus manually setting the right
alignment numbers. We do not change anything but
white spaces in the --help output.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
|
|
|
| |
This patch is trivial and changes nothing, because
we were always using usage(0).
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(Original patch and commit message edited by Rudi.)
gcc-7 adds -Wimplicit-fallthrough=3 to our default flag -Wextra.
This warning can be silenced by using comment /* fallthrough */
which is also recognized by other tools like coverity. There are
also other valid comments (see man gcc-7) but we consolidate this
style now.
We could have also used __attribute__((fallthrough)) but the comment
looks nice and does not need to be ifdef'ed for compatibility.
Reference: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=7652
Reference: https://developers.redhat.com/blog/2017/03/10/wimplicit-fallthrough-in-gcc-7/
Reviewed-by: Ruediger Meier <ruediger.meier@ga-group.nl>
Suggested-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
| |
The "program" is optional and $SHELL is executed by default.
Addresses: https://github.com/karelzak/util-linux/issues/389
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
| |
The current default is to print all usage() output. This is overkill
in many case.
Addresses: https://github.com/karelzak/util-linux/issues/338
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
Let's make it easy for users to enter target process namespaces.
Addresses: https://github.com/karelzak/util-linux/issues/382
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
Fix various typos in error messages, warnings, debug strings,
comments and names of static functions.
Signed-off-by: Sebastian Rasmussen <sebras@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We have two use cases for user namespaces, one to elevate the
privilege of an unprivileged user, in which case we have to enter the
user namespace before all other namespaces (otherwise there isn't
enough permission to enter any other namespace). And the other one is
where we're deprivileging a user and thus have to enter the user
namespace last (because that's the point at which we lose the
privileges). On the first pass, we start at the position one after
the user namespace clearing the file descriptors as we close them
after calling setns(). If setns() fails on the first pass, ignore the
failure assuming that it will succeed after we enter the user
namespace.
Addresses: https://github.com/karelzak/util-linux/issues/315
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
| |
Currently these are supported in #for-next.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
|
|
|
|
|
|
|
| |
The new context is copied from --target <PID>. This solution allows to
keep SELinux happy when you enter container by nsenter(1).
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1116100
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new option --preserve-credentials completely disables all
operations related to UIGs and GIDs.
The patch also calls setgroups() before we enter user namespace (so
root can always clear their groups) and after we enter user namespace
(to detect /proc/self/setgroups "deny"). If both fail then nsenter
complains.
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current nseneter behavior is inconsistent and depends on way how
namespace is specified on command line
# nsenter --user
vs.
# nseneter --user=filename
if the namespace is specified by <filename> than nsenter does not do
additinal setting and actions (e.g. does not call setgroups, setuid).
This is bug.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
| |
This adds a concise description of a tool to its usage text.
A first form of this patch was proposed by Steven Honeyman
(see http://www.spinics.net/lists/util-linux-ng/msg09994.html).
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
|
|
|
| |
Now it's possible to set UID and GID for user namespaces only. This
patch removes this restriction and allow to use --set{uid,gid} in all
cases. The default for user namespaces is still GID=0, UID=0.
Reported-by: Tomas Doran <bobtfish@bobtfish.net>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
.. always, always setgid() before setuid()!
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1061751
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
| |
Reported-by: Trần Ngọc Quân <vnwildman@gmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using -S (--setuid) and -G (--setgid) one can select the uid/gid which
will be used in the entered user namespace.
[kzak@redhat.com: - use setuid/gid unconditionally (always),
- update man page]
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The behaviour mimics chroot.
Possibly it would have been nicer to to query the password database in
the new namepace and run the shell of the user there, but it's hard to
do correctly. getpwuid() might need to load nss plugins, and the arch
in the new namespace might be different (in case of NEWNS mounts), or
the hostname might be different, etc. So in general it's not possible
to do it reliably.
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
| |
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
| |
Message to user is less informative, but impossible events should be
rare so core files are much appriciated for these cases.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
| |
nsenter.c:53:2: warning: ISO C forbids empty initializer braces [-pedantic]
[kzak@redhat.com: - use initialize .fd to -1]
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'neither filename nor target' is changed to use errx() rather than
err(), because the errno is indicating success at the time of fatal error
which is wrong message for an user.
The "cannot open %s" is same string as in other files, making translators
to work less.
Remaining changes aim to ease understanding what went wrong for a
non-programmer audience.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
|
| |
The naming of this option was really confusing.
Just rename it for clarity.
[kzak@redhat.com: rebase to original code without --all]
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Allows 'nsenter -mt $PID', which would fail previously.
[kzak@redhat.com: - fix open_target_fd() arguments]
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the defitions of CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC,
CLONE_NEWNET, CLONE_NEWUSER, CLONE_NEWPID into namespace.h in case
sched.h does not provide those definitions. Are there systems
around that are old enough that still need this?
Move the definitions of unshare() and setns() into namespace.h
for supporting old versions of libc that does not provice these.
I have tested this support with setns as I still have systems
old enough that glibc does not wrap setns.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
|
|
|
|
|
|
| |
This is shorter code and makes things a bit clearer and less
error prone if anyone happens to copy the code.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
|
|
|
|
|
| |
Make it clear where functions do not modify their arguments.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
|
|
|
| |
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the case of a pid namespace we need to fork a child process instead
of calling exec. Move all of that logic out of line into a function
continue_as_child, making the logic of the primary case easier to
understand.
Update the logic for waiting for a child process to suspend ourselves
when the child processes suspends and to continue the child process
when we are unsuspsended. This supports the bash suspend command and
various editors that suspend themselves.
If the child process exits with a signal update the logic to run
kill(getpid(), WTERMSIG(status)) so the caller sees the same exit code
that nsenter observed.
There will always be permission to send signals to our children and
the tty is not changing so there is no need for the intermediate
process to forward signals to it's child.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
|
Inspired by unshare, nsenter is a simple wrapper around setns that
allows running a new process in the context of an existing process.
Full paths may be specified to the namespace arguments so that
namespace file descriptors may be used wherever they reside in the
filesystem.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|