| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
| |
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|
|
|
|
|
|
| |
This is a step towards REUSE compliance. Third-party files that we do
not otherwise edit (git.mk, m4/attributes.m4) are excluded here.
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|\
| |
| | |
Add --clearenv option
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This allows environment variables to be set when running bwrap itself
(perhaps a custom LD_LIBRARY_PATH), but cleared for the command that
runs in the container, without having to enumerate all the variables.
Because PWD is set later, as a side-effect of changing directory, this
actually clears everything except PWD.
A portable program would check for clearenv() (and if not found, fall
back to using environ = NULL), but bubblewrap is Linux-specific, and
Linux C libraries (at least glibc and musl) do have clearenv().
Signed-off-by: Simon McVittie <smcv@collabora.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we are using a case-insensitive filesystem the bind-mount operation
might fail when `/proc/self/mountinfo` is checked.
In a case-insensitive filesystem, if we ask to mount a certain
directory, e.g. '/CI_fs/foo', the kernel might add its entry in
`mountinfo` as '/CI_fs/FOO'. This happens because the kernel populates
`mountinfo` with whatever case combination first appeared in the dcache.
With this patch we open the requested path and look at its
`/proc/self/fd`, using readlink(), to get the path case combination that
the kernel is also expected to be using.
Signed-off-by: Ludovico de Nittis <ludovico.denittis@collabora.com>
|
|
|
|
| |
This just forks and exits in the parent, continuing in the child.
|
|
|
|
|
| |
This uses SCM_CREDENTIALS as a way to translate pids between the
sender and the destination namespaces.
|
|
|
|
|
|
|
|
|
|
|
|
| |
For NFS mounts if we call mkdir() on a read-only mount (such as when
we've created a read-only bind mount) the kernel will nor return EEXIST
even when the directory exists, instead returning EROFS.
So, we add (and use) an ensure_dir() helper that stats before calling
mkdir.
Closes: #258
Approved by: giuseppe
|
|
|
|
|
|
|
| |
Clang notices it's missing in the new PR testing.
Closes: #128
Approved by: alexlarsson
|
|
|
|
|
| |
Closes: #118
Approved by: alexlarsson
|
|
|
|
|
|
|
|
|
|
| |
It's shorter and more reliable. Also GCC/CLang specific, but that's
fine because that's all we support anyways.
Closes: #69
Closes: #70
Approved by: mrunalp
|
|
|
|
|
| |
Closes: #67
Approved by: cgwalters
|
|
|
|
|
|
|
| |
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
Closes: #65
Approved by: cgwalters
|
|
|
|
|
|
|
| |
I find this clearer since I know about `asprintf`, and the `x` prefix.
Closes: #55
Approved by: alexlarsson
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All calls to set an SELinux label should call this function
die_unless_label_valid (opt_exec_label);
It will make sure SELinux is enabled and will make sure the user passed in a
valid label.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #53
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
| |
In particular `format` is important for validating strings. Luckily
we don't have any new warnings.
`noreturn` is mostly just helps avoid other warnings from unreachable
code.
Closes: #51
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Verify you are getting a valid SELinux label before proceeding. Some
SELinux checks were broken.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #43
Approved by: cgwalters
|
|
|
|
|
|
|
|
|
|
|
| |
GCC was failing this because write is marked warn_unused_result.
Assigning it to a attribute unused variable is apparently "better"
than casting it to void...
Also, we avoid taking this path at all if event_fd is -1.
Closes: #32
Approved by: alexlarsson
|
|
|
|
|
|
|
| |
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Pull request: #25
Approved by: alexlarsson
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
If they already exist as a regular file then we don't need to create
it, which is good because doing so would break if the filesystem
is readonly. I.e. that returns EROFS instead of EEXISTS in that case.
|
| |
|
| |
|
| |
|
| |
|
|
|