dfbf2767f2
Handle signal handler setup error properly in head process
2021-01-15 20:22:22 +01:00
d0feff88b1
Use static globals
2021-01-15 20:22:22 +01:00
2f56f84214
Use err.h instead of self-implemented error output
2021-01-15 20:22:22 +01:00
13c7aa2ca4
Just reuse argv instead of duplicating
2021-01-15 20:22:22 +01:00
b37648d869
Remove remnants of debug code
2021-01-15 20:22:22 +01:00
5928224d87
Usage on stderr
2021-01-15 20:22:22 +01:00
d1664d03f8
Replace redundant error handling
2021-01-15 20:22:22 +01:00
6806d43759
Add clean target
2021-01-15 20:22:22 +01:00
bbb85d353e
Drop root after unshare.
...
Apparently only the unshare call needs root. The fork which results in
a new PID namespace does not.
2021-01-15 20:22:22 +01:00
6655b38a47
Use sigaction instead of signal
...
This way we don't have to handle EINTR.
2021-01-15 20:22:22 +01:00
48445a573b
Handle EINTR error code for wait and waitpid
2021-01-15 20:22:22 +01:00
12e4cd391a
Don't use printf in signal handler
2021-01-15 20:22:22 +01:00
5fbd7abd26
More explanation
2021-01-15 20:22:22 +01:00
9ef65e0f4c
Drop group rights first
...
We might not be able to drop group rights after dropping user rights,
so do group rights first.
2021-01-15 20:22:22 +01:00
ab8ef29376
Fix error message for setresgid
2021-01-15 20:22:22 +01:00
1ab32c39d0
Merge all the various definitions of the err variable
2021-01-15 20:22:22 +01:00
b94fa5bfcf
Clean up code style
2021-01-15 20:22:22 +01:00
6bd03ad564
Add sanity check
...
A sanity check for whether we're able to regain root after dropping
it. If we are able to, then something went wrong.
2021-01-15 20:22:22 +01:00
650a576c56
Make dropped root privileges permanent
...
seteuid sets the effective uid but at the same time retains the old
effective uid as a so-called saved uid, which allows the process to go
back to root at a later point in time. As we don't want that, we use
the functions setresuid and setresgid instead, which allow us to set
the real, effective and saved uid/gid. We keep the real uid/gid unchanged,
but set the effective and saved uid/gid to the value of the real uid.
This prevents us from regaining root privileges.
2021-01-15 20:22:22 +01:00
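The three privilege-dropping commits above (group rights first, setresuid/setresgid for effective and saved ids, and the "can we regain root?" sanity check) together describe one routine. The following is an added example, not the project's code: it assumes a setuid-root binary (or a process started as root) that wants to fall back to the invoking user, so the intended call is drop_privileges(getuid(), getgid()). The function names are hypothetical. It goes one step beyond the commit log by also clearing supplementary groups, which setresgid does not touch; that step is only attempted while still effectively root, since it needs privilege.

```c
#define _GNU_SOURCE /* setresuid/setresgid/getresuid/getresgid on glibc */
#include <err.h>
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if the process can still become root, 0 if it cannot. On 0
 * nothing has changed; on 1 we ARE root again, which a caller that just
 * dropped privileges must treat as fatal. */
int can_regain_root(void)
{
    /* Both calls succeed iff the saved uid/gid is still 0. */
    if (seteuid(0) == 0 || setegid(0) == 0)
        return 1;
    return 0;
}

/* Permanently drop to uid/gid: the real ids stay as they are, the effective
 * and saved ids become the target, so there is nothing left to switch back
 * to. Groups first, because after the uid change we may no longer be
 * permitted to change gids. Returns 0 on success, -1 (errno set) otherwise. */
int drop_privileges(uid_t uid, gid_t gid)
{
    uid_t ru, eu, su;
    gid_t rg, eg, sg;

    if (uid == 0) {                     /* "dropping" to root drops nothing */
        errno = EINVAL;
        return -1;
    }
    /* Supplementary groups (beyond the commit log): clearing them requires
     * privilege, so do it only while the effective uid is still 0. */
    if (geteuid() == 0 && setgroups(0, NULL) == -1)
        return -1;
    if (setresgid((gid_t)-1, gid, gid) == -1)   /* -1 = leave real gid */
        return -1;
    if (setresuid((uid_t)-1, uid, uid) == -1)   /* -1 = leave real uid */
        return -1;

    /* Sanity check 1: the kernel's view matches what we asked for. */
    if (getresuid(&ru, &eu, &su) == -1 || getresgid(&rg, &eg, &sg) == -1)
        return -1;
    if (eu != uid || su != uid || eg != gid || sg != gid) {
        errno = EPERM;
        return -1;
    }
    /* Sanity check 2: regaining root must now fail. */
    if (can_regain_root()) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    printf("before: uid %u euid %u\n", (unsigned)getuid(), (unsigned)geteuid());
    if (drop_privileges(getuid(), getgid()) == -1)
        err(1, "drop_privileges");
    printf("after:  uid %u euid %u, can regain root: %d\n",
           (unsigned)getuid(), (unsigned)geteuid(), can_regain_root());
    return 0;
}
```

Run unprivileged, the routine is a no-op that still passes both checks; run from a setuid-root binary, a non-zero saved uid afterwards means the drop was not permanent and the process should exit rather than continue. The unshare(CLONE_NEWPID) call that precedes this in the project is the only step that needs root and is deliberately left out so the example runs without privilege.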
5fe9ba36a2
Add signal handler for SIGTERM
...
When the head process receives a SIGTERM we have to forward that to the init
process, which in turn has to forward it to the executed process which is
jailed. That process can then decide to exit, which also terminates the init and
head process through SIGCHLD/wait means.
2021-01-12 19:51:05 +01:00
1f5e1a9c1f
Drop root privileges earlier
...
We don't need the root privileges after we unshare and the first fork. Therefore
we can drop those for safety reasons.
2021-01-12 19:50:07 +01:00
f3cd63c137
Use execvp instead of execv
...
execvp resolves the executable location using PATH
2021-01-12 13:24:08 +01:00
8ac3b8afe3
Add install target to Makefile
2021-01-07 21:13:59 +01:00
2c397da373
Initial version
2021-01-06 04:42:04 +01:00
3f5f72f940
Initial empty commit.
2021-01-06 04:37:43 +01:00