- 23 Oct, 2018 7 commits
-
-
Kirill Smelkov authored
e.g. slapns -U/tmp:/run will not unshare /tmp and /run from its parent namespace.
-
Kirill Smelkov authored
Without it e.g. screen does not work (it just was terminating after right start).
-
Kirill Smelkov authored
It is handy to reuse slapns uid setup, because e.g. `unshare -U...` does not allow to use newuidmap & friends, and so with just unshare it is hard to create a user namespace where e.g. screen will work (openpty wants to chown(:tty), gid(tty)=5)
-
Kirill Smelkov authored
Else screen complains: Cannot make directory '/run/screen': No such file or directory
-
Kirill Smelkov authored
Else screen complains: (neo) (z-dev) (g.env) I have no name!@deco:/# screen getpwuid() can't identify your account!
-
Kirill Smelkov authored
Before this change even ping 127.0.0.1 was failing: root@deco:~# ping 127.0.0.1 connect: Network is unreachable
-
Kirill Smelkov authored
Instead remap user IDs that we have to continous [0, ...] IDs in the target namespace. We need to be able to use e.g. tty group from inside (gid=5), because glibc.openpty wants to chwon files in /dev/pts to that group. See next patch for /dev/pts setup.
-
- 04 Oct, 2018 1 commit
-
-
Kirill Smelkov authored
Else for regular user we are doomed to always have only single X -> UID-in-parent mapping. See details in comments inside. TODO handle case when we have CAP_SETUID already (slapns inside slapns).
-
- 03 Oct, 2018 1 commit
-
-
Kirill Smelkov authored
-