C/container
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

made container running as non root

Browse Source
This commit is contained in:
Antoine 2020-07-19 23:29:55 +02:00
parent 76f7d7d1af
commit 24b6f1ed11
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile
View File

@ -43,10 +43,10 @@ release: all
# debug target # debug target
valgrind: valgrind:
@sudo valgrind --leak-check=full --show-leak-kinds=all --trace-children=no --track-origins=yes $(BIN_DIR)/$(TARGET) /bin/ls -la /bin @valgrind --leak-check=full --show-leak-kinds=all --trace-children=no --track-origins=yes $(BIN_DIR)/$(TARGET) /bin/ls -la /bin
run: run:
sudo $(BIN_DIR)/$(TARGET) /bin/ls -la / $(BIN_DIR)/$(TARGET) /bin/ls -la /
clean: clean:
@rm -f $(OBJ_DIR)/*.o @rm -f $(OBJ_DIR)/*.o

2
src/container.c
View File

@ -58,7 +58,7 @@ container_t *initialize_container(struct clone_args cloneArgs)
{ {
container_t *c = (container_t *)malloc(sizeof(container_t)); container_t *c = (container_t *)malloc(sizeof(container_t));
// in order new net ns, new mount ns, new hostname ns, new pid ns, child ns // in order new net ns, new mount ns, new hostname ns, new pid ns, child ns
c->_cloneFlags = CLONE_NEWNET | CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWPID | CLONE_NEWCGROUP; c->_cloneFlags = CLONE_NEWUSER | CLONE_NEWNET | CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWPID | CLONE_NEWCGROUP;
c->cloneArgs = cloneArgs; c->cloneArgs = cloneArgs;
return c; return c;
} }