authorYawning Angel <yawning@schwanenlied.me>2016-09-01 04:31:58 +0000
committerAtomic Bot <atomic-devel@projectatomic.io>2016-09-02 09:33:58 +0000
commit75f86d30ef8d8a0ef85e31b8fd980555d308b871 (patch)
tree07771ae1bab7bd39750dc741b8a35049544bec4e
parent3ebe54af1b2acb702381ec9b5610b60758d3d163 (diff)
downloadbubblewrap-75f86d30ef8d8a0ef85e31b8fd980555d308b871.tar.gz
Add --hostname HOSTNAME.
This makes `--unshare-uts` actually useful by allowing the user to specify a custom hostname for the newly created UTS namespace. Implements #93. Closes: #94 Approved by: alexlarsson
-rw-r--r--bubblewrap.c41
-rw-r--r--bwrap.xml4
-rw-r--r--completions/bash/bwrap1
3 files changed, 45 insertions, 1 deletions
diff --git a/bubblewrap.c b/bubblewrap.c
index b54e935..f8122d0 100644
--- a/bubblewrap.c
+++ b/bubblewrap.c
@@ -64,8 +64,13 @@ typedef enum {
SETUP_MAKE_BIND_FILE,
SETUP_MAKE_SYMLINK,
SETUP_REMOUNT_RO_NO_RECURSIVE,
+ SETUP_SET_HOSTNAME,
} SetupOpType;
+typedef enum {
+ NO_CREATE_DEST = (1 << 0),
+} SetupOpFlag;
+
typedef struct _SetupOp SetupOp;
struct _SetupOp
@@ -74,6 +79,7 @@ struct _SetupOp
const char *source;
const char *dest;
int fd;
+ SetupOpFlag flags;
SetupOp *next;
};
@@ -98,6 +104,7 @@ enum {
PRIV_SEP_OP_DEVPTS_MOUNT,
PRIV_SEP_OP_MQUEUE_MOUNT,
PRIV_SEP_OP_REMOUNT_RO_NO_RECURSIVE,
+ PRIV_SEP_OP_SET_HOSTNAME,
};
typedef struct
@@ -115,6 +122,7 @@ setup_op_new (SetupOpType type)
op->type = type;
op->fd = -1;
+ op->flags = 0;
if (last_op != NULL)
last_op->next = op;
else
@@ -159,6 +167,7 @@ usage (int ecode, FILE *out)
" --unshare-cgroup-try Create new cgroup namespace if possible else continue by skipping it\n"
" --uid UID Custom uid in the sandbox (requires --unshare-user)\n"
" --gid GID Custon gid in the sandbox (requires --unshare-user)\n"
+ " --hostname NAME Custom hostname in the sandbox (requires --unshare-uts)\n"
" --chdir DIR Change directory to DIR\n"
" --setenv VAR VALUE Set an environment variable\n"
" --unsetenv VAR Unset an environment variable\n"
@@ -582,6 +591,11 @@ privileged_op (int privileged_op_socket,
die_with_error ("Can't mount mqueue on %s", arg1);
break;
+ case PRIV_SEP_OP_SET_HOSTNAME:
+ if (sethostname (arg1, strlen(arg1)) != 0)
+ die_with_error ("Can't set hostname to %s", arg1);
+ break;
+
default:
die ("Unexpected privileged op %d", op);
}
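Review bot: The new `PRIV_SEP_OP_SET_HOSTNAME` case calls `sethostname()` without confirming that a new UTS namespace was actually created; the only guard visible in this commit is the option check added in `main()`. The naming suggests this switch also serves requests arriving over the privilege-separation socket, so the privileged side should not rely on the requester having passed that earlier check, otherwise the hostname of the original namespace could be changed. Adding `if (!opt_unshare_uts) die ("Refusing to set hostname in original namespace");` ahead of the `sethostname()` call would close that gap, assuming `opt_unshare_uts` is a file-scope flag like the other `opt_*` variables. The body of `privileged_op` starts and ends outside the hunk.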
@@ -609,7 +623,8 @@ setup_newroot (bool unshare_pid,
die_with_error ("Can't get type of source %s", op->source);
}
- if (op->dest)
+ if (op->dest &&
+ (op->flags & NO_CREATE_DEST) == 0)
{
dest = get_newroot_path (op->dest);
if (mkdir_with_parents (dest, 0755, FALSE) != 0)
@@ -809,6 +824,12 @@ setup_newroot (bool unshare_pid,
die_with_error ("Can't make symlink at %s", op->dest);
break;
+ case SETUP_SET_HOSTNAME:
+ privileged_op (privileged_op_socket,
+ PRIV_SEP_OP_SET_HOSTNAME, 0,
+ op->dest, NULL);
+ break;
+
default:
die ("Unexpected type %d", op->type);
}
@@ -878,6 +899,7 @@ int opt_sync_fd = -1;
int opt_block_fd = -1;
int opt_info_fd = -1;
int opt_seccomp_fd = -1;
+char *opt_sandbox_hostname = NULL;
static void
@@ -1329,6 +1351,20 @@ parse_args_recurse (int *argcp,
argv += 1;
argc -= 1;
}
+ else if (strcmp (arg, "--hostname") == 0)
+ {
+ if (argc < 2)
+ die ("--hostname takes an argument");
+
+ op = setup_op_new (SETUP_SET_HOSTNAME);
+ op->dest = argv[1];
+ op->flags = NO_CREATE_DEST;
+
+ opt_sandbox_hostname = argv[1];
+
+ argv += 1;
+ argc -= 1;
+ }
else if (*arg == '-')
{
die ("Unknown option %s", arg);
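Review bot: `op->dest = argv[1]` stores a hostname in a field that `setup_newroot` otherwise treats as a path under the new root, and `NO_CREATE_DEST` exists only to keep `mkdir_with_parents` away from it. That coupling is undocumented; a comment on the assignment such as `/* dest holds the hostname, not a path; NO_CREATE_DEST keeps setup_newroot from creating it */` would help prevent a later op type from reusing `dest` this way and forgetting the flag. The branch belongs to `parse_args_recurse`, whose body extends beyond the hunk.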
@@ -1440,6 +1476,9 @@ main (int argc,
if (!opt_unshare_user && opt_sandbox_gid != gid)
die ("Specifying --gid requires --unshare-user");
+ if (!opt_unshare_uts && opt_sandbox_hostname != NULL)
+ die ("Specifying --hostname requires --unshare-uts");
+
/* We need to read stuff from proc during the pivot_root dance, etc.
Lets keep a fd to it open */
proc_fd = open ("/proc", O_RDONLY | O_PATH);
diff --git a/bwrap.xml b/bwrap.xml
index 2ee662e..5106b13 100644
--- a/bwrap.xml
+++ b/bwrap.xml
@@ -129,6 +129,10 @@
<term><option>--gid <arg choice="plain">GID</arg></option></term>
<listitem><para>Use a custom group id in the sandbox (incompatible with <option>--share-user</option>)</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--hostname <arg choice="plain">HOSTNAME</arg></option></term>
+ <listitem><para>Use a custom hostname in the sandbox (requires <option>--unshare-uts</option>)</para></listitem>
+ </varlistentry>
</variablelist>
<para>Options about environment setup:</para>
<variablelist>
diff --git a/completions/bash/bwrap b/completions/bash/bwrap
index 6dc5a19..954c114 100644
--- a/completions/bash/bwrap
+++ b/completions/bash/bwrap
@@ -30,6 +30,7 @@ _bwrap() {
--file
--file-label
--gid
+ --hostname
--lock-file
--proc
--ro-bind