Diffstat (limited to 'src/unshare.rs')
-rw-r--r-- | src/unshare.rs | 31 |
1 files changed, 12 insertions, 19 deletions
diff --git a/src/unshare.rs b/src/unshare.rs
index a8ec1c1..da16d24 100644
--- a/src/unshare.rs
+++ b/src/unshare.rs
@@ -4,15 +4,13 @@ use std::{
 io::{self, BufRead, Result},
 os::unix::ffi::*,
 path::Path,
+ process,
 };
-use nix::{
- sched::{self, CloneFlags},
- unistd,
-};
+use nix::unistd;
-use crate::prepared_command::PreparedCommand;
-use crate::util::{Checkable, ToIOResult};
+// use crate::prepared_command::PreparedCommand;
+use crate::util::Checkable;
 #[derive(Debug, Eq, Ord, PartialEq, PartialOrd)]
 struct SubIDRange {
@@ -98,27 +96,22 @@ fn get_gid_map() -> Result<Vec<SubIDMap>> {
 Ok(generate_idmap(gid, gid_ranges))
 }
-fn prepare_idmap_cmd(cmd: &str, pid: &str, map: &Vec<SubIDMap>) -> Result<PreparedCommand> {
- let mut builder = PreparedCommand::new(cmd);
- builder.arg(&pid);
+fn run_idmap_cmd(cmd: &str, pid: &str, map: &Vec<SubIDMap>) -> Result<()> {
+ let mut builder = process::Command::new(cmd);
+ builder.arg(pid);
 for uids in map {
 builder.arg(uids.lower.to_string());
 builder.arg(uids.upper.to_string());
 builder.arg(uids.count.to_string());
 }
- builder.prepare()
+ builder.status().and_then(|status| status.check())
 }
-pub fn unshare() -> Result<()> {
- let pid = unistd::getpid().to_string();
-
- let newuidmap = prepare_idmap_cmd("newuidmap", pid.as_str(), &get_uid_map()?)?;
- let newgidmap = prepare_idmap_cmd("newgidmap", pid.as_str(), &get_gid_map()?)?;
-
- sched::unshare(CloneFlags::CLONE_NEWUSER | CloneFlags::CLONE_NEWNS).to_io_result()?;
+pub fn idmap(pid: unistd::Pid) -> Result<()> {
+ let pid_string = pid.to_string();
- newuidmap.run()?.check()?;
- newgidmap.run()?.check()?;
+ run_idmap_cmd("newuidmap", pid_string.as_str(), &get_uid_map()?)?;
+ run_idmap_cmd("newgidmap", pid_string.as_str(), &get_gid_map()?)?;
 Ok(())
 }
|
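Review bot: The commented-out `// use crate::prepared_command::PreparedCommand;` line is left behind in the import block of the first hunk. Nothing in the visible new code refers to `PreparedCommand`, so I would delete the line rather than park it as a comment. If the module is expected to come back, a short TODO saying why would serve a reader better than a dead import.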
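Review bot: `pub fn idmap(pid: unistd::Pid)` in the second hunk now acts on a caller-supplied process instead of the current one, but nothing on the function states what the caller must guarantee. The `sched::unshare` call was removed from this function, so the user namespace is presumably created by the caller. The target must stay alive and un-reaped while `newuidmap` and `newgidmap` run, otherwise the numeric pid passed on the command line could name a different process. I would add a doc comment along the lines of `/// Writes the uid and gid maps of pid by running newuidmap and newgidmap.` followed by `/// The caller must keep pid alive and un-reaped, already in its new user namespace, until this returns.` The same comment should say that a `newgidmap` failure returns `Err` with the uid map already written, so the caller should discard the target rather than retry.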