This patch introduces two new parameters to set the
user ID and the group ID of the program to be executed.
Setting group ID also drops supplementary groups.
The option names used are the same as for nsenter,
-S, --setuid and -G, --setgid.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch introduces two new parameters to set the new
root and the new working directory in this new root.
This allows combining "unshare chroot" in one command,
and done this way the /proc filesystem is correctly
mounted in the new root with "--mount-proc".
The new parameters are -R, --root and -w, --wd. The names
are the same as for nsenter, except for "-r" that is already
used by "--map-root-user" and replaced by "-R".
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Use the correct macro (I, B) for the font change of one argument, not
those that are used for alternating two fonts, like "BR", "IR", "RB",
or "RI".
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
This allows to conveniently kill the entire process tree
below the forked program, a common problem when scripting
tasks that need to reliably fully terminate without leaving
reparented subprocesses behind.
The example added to the man page shows the most common use.
Implemented using prctl(PR_SET_PDEATHSIG, ...).
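The mechanism behind --kill-child, as an added example that is not util-linux code: a small C program arms PR_SET_PDEATHSIG in a grandchild, lets the intermediate process (standing in for unshare itself) exit, and reports which signal the grandchild died from. The function name pdeathsig_demo() and the pipe handshake are assumptions made for this example. Two prctl(2) caveats shape the code: the setting is cleared for the child of a fork(), so it has to be armed in the forked child (it survives execve(), except of a set-user-ID or set-group-ID binary), and the parent may already be gone by the time the signal is armed, so getppid() is re-checked afterwards. PR_SET_CHILD_SUBREAPER is used so the orphaned grandchild is reparented to the demo rather than to init and can be reaped with waitpid(). Killing an "entire process tree" works in unshare(1) because, together with --pid --fork, the signalled child is the init of its pid namespace, and the namespace dies with it.

```c
/* Added example (not util-linux code): PR_SET_PDEATHSIG as used by --kill-child.
 * pdeathsig_demo() and the pipe handshake are made up for this example. */
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Arm a grandchild with PR_SET_PDEATHSIG(sig), let its parent die, and return
 * the signal that terminated it, or -1 if anything went wrong. */
int pdeathsig_demo(int sig)
{
    int armed[2];    /* grandchild -> intermediate: "the signal is armed" */
    int pidpipe[2];  /* intermediate -> top: the grandchild's pid */
    if (pipe(armed) < 0 || pipe(pidpipe) < 0)
        return -1;

    /* Orphans are normally reparented to init; as a child subreaper the caller
     * collects them instead, so waitpid() on the grandchild works below. */
    if (prctl(PR_SET_CHILD_SUBREAPER, 1, 0, 0, 0) < 0)
        return -1;

    pid_t mid = fork();
    if (mid < 0)
        return -1;

    if (mid == 0) {                        /* intermediate: plays the role of unshare(1) */
        pid_t me = getpid();
        close(pidpipe[0]);
        pid_t g = fork();
        if (g < 0)
            _exit(1);
        if (g == 0) {                      /* grandchild: plays the role of the program */
            close(armed[0]);
            close(pidpipe[1]);
            if (prctl(PR_SET_PDEATHSIG, sig, 0, 0, 0) < 0)
                _exit(1);
            /* prctl(2) caveat: if the parent died before the signal was armed we would
             * never receive it, so verify the parent is still the expected process. */
            if (getppid() != me)
                _exit(1);
            char c = 'A';
            if (write(armed[1], &c, 1) != 1)
                _exit(1);
            for (;;)
                pause();                   /* wait to be killed by the parent's death */
        }
        close(armed[1]);
        if (write(pidpipe[1], &g, sizeof g) != (ssize_t)sizeof g)
            _exit(1);
        char c;
        ssize_t r = read(armed[0], &c, 1); /* block until armed (EOF if the grandchild failed) */
        (void)r;
        _exit(0);                          /* this exit makes the kernel deliver sig to g */
    }

    /* top: drop the writer ends so the reads above cannot hang on our copies */
    close(armed[0]);
    close(armed[1]);
    close(pidpipe[1]);
    pid_t g = 0;
    ssize_t n = read(pidpipe[0], &g, sizeof g);
    close(pidpipe[0]);
    waitpid(mid, NULL, 0);
    if (n != (ssize_t)sizeof g)
        return -1;
    int status;
    if (waitpid(g, &status, 0) < 0)        /* possible only because we are the subreaper */
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : -1;
}

int main(void)
{
    int got = pdeathsig_demo(SIGTERM);
    printf("grandchild terminated by signal %d (expected %d)\n", got, SIGTERM);
    return got == SIGTERM ? 0 : 1;
}
```

The subreaper step is only there so the demo can observe the result; a real supervisor that relies on --kill-child needs no such thing, since the kernel delivers the signal regardless of who reaps the child.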
Signed-off-by: Karel Zak <kzak@redhat.com>
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1390057
Signed-off-by: Karel Zak <kzak@redhat.com>
The "program" is optional and $SHELL is executed by default.
Addresses: https://github.com/karelzak/util-linux/issues/389
Signed-off-by: Karel Zak <kzak@redhat.com>
The links to ftp://ftp.kernel.org/ are replaced by
https://www.kernel.org/.
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.man-pages@gmail.com>
A minor wording fix...
Signed-off-by: Michael Kerrisk <mtk.man-pages@gmail.com>
As described in pid_namespaces(7), IPC namespaces also
isolate POSIX message queues. Update the unshare(1)
and nsenter(1) pages to clarify that.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
For each namespace that is discussed, add more explicit
references to the corresponding clone(2) flags and
add references to relevant section 7 namespace pages.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Rationale: both of these pages are about namespaces.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This patch does only the following:
* Order SEE ALSO entries first by section name, then alphabetically
within section
* Adds one or two missing commas in SEE ALSO lists
* Removes one or two periods that were (inconsistently) used
at the end of SEE ALSO lists.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
* '2016-03-02/cgns' of https://github.com/hallyn/util-linux:
Implement support for cgroup namespaces
Currently these are supported in #for-next.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Reported-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
References: https://github.com/karelzak/util-linux/issues/289
Signed-off-by: Karel Zak <kzak@redhat.com>
For nsenter(1) we already support namespace specification by file
(e.g. bind mount to namespace /proc/[pid]/ns/[type] file). For
example:
# nsenter --uts=/some/path
This patch extends unshare(1) to set up the bind mount for the specified
namespace, for example
# touch /some/path
# unshare --uts=/some/path hostname FOO
# nsenter --uts=/some/path hostname
FOO
Note that the problem is the mount namespace, because creating a bind mount
to the ns/mount file within the unshared namespace does not make sense.
Based on patch from Lubomir Rintel <lkundrak@v3.sk>.
Signed-off-by: Karel Zak <kzak@redhat.com>
After "unshare --mount" users assume that mount operations within the
new namespaces are unshared (invisible to the rest of the system).
Unfortunately, this is not true and the behavior depends on the
current mount propagation setting. The kernel default is "private",
but for example systemd based distros use "shared". The solution is to
use (for example) "mount --make-private" after unshare(1).
I have been asked many times to provide a less fragile and more
unified unshared mount setting *by default* to make things user
friendly.
The patch forces unshare(1) to explicitly use MS_REC|MS_PRIVATE for the
whole tree by default.
We could use something less (e.g. MS_SLAVE), but "private" is the kernel
default, so for many users this change (feature) will be invisible.
This feature can be disabled by "--propagation unchanged", or it is
possible to specify another propagation flag; supported are:
<slave|shared|private|unchanged>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
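An added example (not util-linux code) of the propagation setting described above: it maps the --propagation keywords to mount(2) flags, applies them right after unshare(CLONE_NEWNS), and parses /proc/self/mountinfo so a script can verify that a mount really ended up private instead of trusting whatever the distribution configured. The function names are assumptions; the mountinfo layout relied on (six mandatory fields, optional shared:/master: tags, then a lone "-" separator) is the one documented in proc(5). Running it stand-alone needs CAP_SYS_ADMIN for the unshare and mount calls; the keyword mapping and the parser work without any privilege.

```c
/* Added example (not util-linux code): --propagation keywords, applying them
 * after unshare(CLONE_NEWNS), and checking the result in /proc/self/mountinfo.
 * All function names are made up for this example. */
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#include <unistd.h>

/* "unchanged" yields 0 (skip the mount call); unknown keywords yield -1. */
long propagation_flags(const char *name)
{
    if (strcmp(name, "private") == 0)   return MS_REC | MS_PRIVATE;
    if (strcmp(name, "slave") == 0)     return MS_REC | MS_SLAVE;
    if (strcmp(name, "shared") == 0)    return MS_REC | MS_SHARED;
    if (strcmp(name, "unchanged") == 0) return 0;
    return -1;
}

/* New mount namespace, then change propagation of the whole tree under "/".
 * Returns 0 or an errno value (EPERM without CAP_SYS_ADMIN). */
int unshare_mount_ns(long flags)
{
    if (flags < 0) return EINVAL;
    if (unshare(CLONE_NEWNS) < 0) return errno;
    /* MS_REC makes the change recursive; source and fstype are ignored for propagation changes */
    if (flags != 0 && mount("none", "/", NULL, (unsigned long)flags, NULL) < 0) return errno;
    return 0;
}

/* One mountinfo line: six mandatory fields, optional "tag[:value]" fields, then a
 * lone "-" separator. Returns 1 if a "shared:N" tag is present, 0 if not, -1 on a malformed line. */
int mountinfo_is_shared(const char *line)
{
    const char *sep = strstr(line, " - ");
    if (sep == NULL) return -1;
    const char *p = line;
    for (int i = 0; i < 6; i++) {   /* skip mount id, parent id, major:minor, root, mount point, options */
        p = strchr(p, ' ');
        if (p == NULL || p > sep) return -1;
        p++;
    }
    while (p < sep) {                /* walk the optional fields */
        if (strncmp(p, "shared:", 7) == 0) return 1;
        const char *next = strchr(p, ' ');
        if (next == NULL) break;
        p = next + 1;
    }
    return 0;
}

/* Find the line for a mount point in this process's mountinfo. Same return values as
 * mountinfo_is_shared(); also -1 when the mount point is not present at all. */
int mount_point_is_shared(const char *mountpoint)
{
    FILE *f = fopen("/proc/self/mountinfo", "r");
    if (f == NULL) return -1;
    char line[4096], copy[4096];
    int result = -1;
    while (fgets(line, sizeof line, f) != NULL) {
        /* field 5 is the mount point; spaces inside it are encoded as \040, so tokenizing is safe */
        strncpy(copy, line, sizeof copy);
        copy[sizeof copy - 1] = '\0';
        char *save = NULL, *tok = strtok_r(copy, " ", &save);
        for (int i = 1; i < 5 && tok != NULL; i++) tok = strtok_r(NULL, " ", &save);
        if (tok != NULL && strcmp(tok, mountpoint) == 0) { result = mountinfo_is_shared(line); break; }
    }
    fclose(f);
    return result;
}

int main(void)
{
    printf("before: / is %s\n", mount_point_is_shared("/") == 1 ? "shared" : "not shared");
    int rc = unshare_mount_ns(propagation_flags("private"));
    if (rc != 0) { fprintf(stderr, "unshare_mount_ns: %s\n", strerror(rc)); return 1; }
    printf("after:  / is %s\n", mount_point_is_shared("/") == 1 ? "shared" : "not shared");
    return 0;
}
```

On a systemd-based host the first line typically reports "shared" and the second "not shared", which is exactly the difference the commit message describes; a script that must not leak mounts can call mount_point_is_shared("/") as a post-condition rather than assuming the default.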
runuser.1: fix spelling implemenation -> implementation
scriptreplay.1: fix spelling overide -> override
unshare.1: fix spelling permamently -> permanently
last.1: fix spelling preferrable -> preferable
lslogins.1: fix spelling priviliges -> privileges
hwclock.8.in: fix spelling transfered -> transferred
prlimit.1: fix typo umlimited -> unlimited
agetty.8: fix typo unnsupported -> unsupported
Signed-off-by: Bill Pemberton <wfp5p@worldbroken.com>
Signed-off-by: J William Piggott <elseifthen@gmx.com>
...and fix one typo.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Karel Zak <kzak@redhat.com>
Transform some of them into copyright lines.
Also fix three header lines and snip some trailing whitespace.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Since Linux 3.19 the file /proc/self/setgroups controls setgroups(2)
syscall usage in user namespaces. This patch provides a command line knob
for this feature.
The new --setgroups does not automatically imply --user, to avoid
complexity; it is the user's responsibility to use it in the right context. The
exception is --map-root-user, which is mutually exclusive with
--setgroups=allow.
CC: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Mainly more option sorting, some formatting adjustments, and the adding
of a missing --version here and there.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Also, for renice, adapt the descriptions to the behaviour: the -g,
-p and -u options do not actually need to be followed by any ID.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
This makes it very convenient to make use of privileged actions
on CONFIG_USER_NS enabled kernels, without having to manually tinker
with uid_map and gid_map to obtain required credentials (as those
given upon unshare() vanish with the call to execve() and a lot of userspace
checks for euid==0 anyway).
Usage example:
$ unshare --uts
unshare: unshare failed: Operation not permitted
$ unshare --user --uts
[nfsnobody@odvarok ~]$ hostname swag
hostname: you must be root to change the host name
$ unshare -r --uts
[root@odvarok util-linux]# hostname swag
[root@odvarok util-linux]#
[kzak@redhat.com: - move code to map_id()
- use all-io.h
- add paths to pathnames.h]
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Karel Zak <kzak@redhat.com>
There is also an idea (by Lennart) to add --propagation=[shared|private|slave|off]
to unshare(1), but it seems unnecessary and too complex as everyone can call
mount(8) after unshare(1) to set up a proper namespace.
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Based on patch from Mike Frysinger <vapier@gentoo.org>.
Mike Frysinger wrote:
When it comes to pid namespaces, it's also useful for /proc to reflect
the current namespace. Again, this is easy to pull off, but annoying
to force everyone to do it themselves. So let's add a --mount-proc to
do the magic for us. The downside is that this also implies creating
a mount namespace as mounting the new pid namespace /proc over top the
system one will quickly break all other processes on the system.
Signed-off-by: Karel Zak <kzak@redhat.com>
Acked-by: Mike Frysinger <vapier@gentoo.or>
The ability of unshare to launch a new pid namespace is a bit limited.
The first process in the namespace is expected to be the "init" for it.
When it's not, you get bad behavior.
For example, trying to launch a shell in a new pid namespace fails very
quickly:
$ sudo unshare -p dash
# uname -r
3.8.3
# uname -m
dash: 2: Cannot fork
# ls -ld /
dash: 3: Cannot fork
# echo $$
1324
For this to work smoothly, we need an init process to actively watch over
things. But forcing people to re-use an existing init or write their own
mini init is a bit overkill. So let's add a --fork option to unshare to
do this common bit of bookkeeping. Now we can do:
$ sudo unshare -p --fork dash
# uname -r
3.8.3
# uname -m
x86_64
# ls -ld /
drwxr-xr-x 22 root root 4096 May 4 14:01 /
# echo $$
1
Thanks to Michael Kerrisk for his namespace articles on lwn.net
[kzak@redhat.com: - fix "forkif logic, remove --mount-proc]
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
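The --map-root-user, --mount-proc and --fork commits above describe three pieces of one flow; here it is as an added C example that is not util-linux code, with every function name an assumption made for the example: unshare the user, pid and mount namespaces in one call, map the caller to uid/gid 0 inside (writing "deny" to /proc/self/setgroups first, the step the later --setgroups commit explains), fork so the child is PID 1 of the pid namespace, and in that child make propagation private and mount a fresh /proc before exec. The fork is the point: unshare(CLONE_NEWPID) leaves the caller in its old pid namespace and only its next child becomes PID 1 of the new one, which is why the "Cannot fork" session above fails once the shell's first child (the namespace's init) has exited. Running it needs either root or a kernel that permits unprivileged user namespaces; the uid/gid must be read before unshare(), because afterwards they read as the overflow id until the maps are written.

```c
/* Added example (not util-linux code) combining --map-root-user, --fork and
 * --mount-proc. write_proc_file(), map_root_user() and run_as_ns_init() are
 * names made up for this example. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/wait.h>
#include <unistd.h>

/* Write one short string to a /proc/self file. Returns 0 or an errno value. */
static int write_proc_file(const char *path, const char *text)
{
    int fd = open(path, O_WRONLY | O_CLOEXEC);
    if (fd < 0) return errno;
    ssize_t len = (ssize_t)strlen(text);
    int rc = write(fd, text, (size_t)len) == len ? 0 : errno;
    close(fd);
    return rc;
}

/* Map the outer uid/gid to 0 inside the new user namespace. An unprivileged
 * process must deny setgroups before it is allowed to write gid_map (Linux 3.19+). */
static int map_root_user(uid_t outer_uid, gid_t outer_gid)
{
    char buf[64];
    int rc;
    snprintf(buf, sizeof buf, "0 %u 1\n", (unsigned)outer_uid);
    if ((rc = write_proc_file("/proc/self/uid_map", buf)) != 0) return rc;
    if ((rc = write_proc_file("/proc/self/setgroups", "deny")) != 0) return rc;
    snprintf(buf, sizeof buf, "0 %u 1\n", (unsigned)outer_gid);
    return write_proc_file("/proc/self/gid_map", buf);
}

/* Create user+pid+mount namespaces and fork. The child reports the pid it sees
 * (1 when the pid namespace took effect), mounts a private /proc and execs argv
 * (or exits 0 when argv is NULL). Returns that reported pid, or -errno if the
 * namespaces could not be set up; *status receives the child's wait status. */
int run_as_ns_init(char *const argv[], int *status)
{
    uid_t uid = getuid();   /* capture before unshare(): afterwards they read as "nobody" */
    gid_t gid = getgid();
    int pipefd[2];
    if (pipe2(pipefd, O_CLOEXEC) < 0) return -errno;

    if (unshare(CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNS) < 0) return -errno;
    int rc = map_root_user(uid, gid);
    if (rc != 0) return -rc;

    /* unshare(CLONE_NEWPID) does not move the caller; only its next child lands in
     * the new namespace, as PID 1. That is the bookkeeping unshare(1) --fork does. */
    pid_t child = fork();
    if (child < 0) return -errno;
    if (child == 0) {
        int me = (int)getpid();
        if (write(pipefd[1], &me, sizeof me) != (ssize_t)sizeof me) _exit(126);
        /* propagation: keep this namespace's mounts invisible to the parent one */
        if (mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0) _exit(125);
        /* a /proc that shows only the processes of this pid namespace */
        if (mount("proc", "/proc", "proc", MS_NOSUID | MS_NODEV | MS_NOEXEC, NULL) < 0) _exit(124);
        if (argv == NULL) _exit(0);
        execvp(argv[0], argv);
        _exit(127);
    }
    close(pipefd[1]);
    int seen = -1;
    if (read(pipefd[0], &seen, sizeof seen) != (ssize_t)sizeof seen) seen = -1;
    close(pipefd[0]);
    if (waitpid(child, status, 0) < 0) return -errno;
    return seen;
}

int main(int argc, char *argv[])
{
    int status = 0;
    int seen = run_as_ns_init(argc > 1 ? argv + 1 : NULL, &status);
    if (seen < 0) { fprintf(stderr, "namespace setup failed: %s\n", strerror(-seen)); return 1; }
    printf("child saw itself as pid %d; exit status %d\n", seen, WEXITSTATUS(status));
    return 0;
}
```

Invoked as `./a.out /bin/sh`, the shell runs as PID 1 of its own pid namespace with a /proc that lists only its descendants, the same result as `unshare -r --fork --pid --mount-proc /bin/sh`; the child's exit codes 124/125 tell a caller which mount step a restricted environment refused.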
Bodiless .TP entries and unterminated .TP lists interfere with page
parsing.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
- Update the unshare application to support the pid and user namespaces.
- Update the man page for the new options
- Fix typo in the man page where UTS was spelled UTC.
- Remove the vestigial support for running a suid unshare.
After unsharing a user namespace setuid(getuid()) won't work because
no uid or gid mappings have been specified yet. So it is just easier not
to have any support for running suid.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
The functionality will be replaced with nsenter from Eric W.
Biederman.
This reverts commit 4bbe8099390d528018890efa914e268de3c4b44b.
In addition to the unshare syscall, there exists the setns syscall, which
allows processes to migrate to the namespaces of other processes. Add this
functionality into the unshare command, as they operate in a fairly similar
fashion.
Note: There was discussion of adding a path based namespace argument to unshare
in the original discussion thread, but I opted to leave that out as it didn't
seem to fit in nicely with the current argument pattern. I figure we can always
add that in later if we need to.
[kzak@redhat.com: - fix optional arguments
- do not call unshare if no flag specified
- use O_CLOEXEC
- coding style cleanup]
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
CC: Karel Zak <kzak@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
Use dates without the day, use the full month name, put "util-linux" in
the lower left corner, and "User Commands" or "System Administration"
at the top center.
Also improve here and there the one-line program description.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Signed-off-by: Davidlohr Bueso <dave@gnu.org>