Mrunal Patel mrunalp
mrunalp
/ mountrun.c
Created
August 25, 2015 23:16
Mount tmpfs at /run in a process's mount namespace
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define _GNU_SOURCE | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <sys/mount.h> | |
| #include <sys/stat.h> | |
| #include <sys/types.h> | |
| #include <fcntl.h> | |
| #include <sched.h> | |
| #include <unistd.h> | |
| #include <errno.h> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'socket' | |
| require 'ipaddr' | |
| # From ioctls.h | |
| SIOCGIFADDR = 0x8915 | |
| def ip_address(iface) | |
| sock = UDPSocket.new | |
| buf = [iface,""].pack('a16h16') | |
| sock.ioctl(SIOCGIFADDR, buf); |
mrunalp
/ exec_userns.go
Created
May 2, 2014 05:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "log" | |
| "os" | |
| "syscall" | |
| ) | |
| func main() { | |
| syscall.ForkLock.Lock() |
mrunalp
/ busybox_docker
Created
June 18, 2014 16:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# docker run -it --rm busybox /bin/sh | |
| / # command -v groupadd | |
| / # echo $? | |
| 127 | |
| / # addgroup -g 1003 container | |
| / # echo $? | |
| 0 | |
| / # adduser -u 1003 -g 1003 container | |
| adduser: uid '1003' in use | |
| / # echo $? |
mrunalp
/ busybox_docker_2
Created
June 18, 2014 16:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost ~]# docker run -it --rm busybox /bin/sh | |
| / # command -v groupadd | |
| / # echo $? | |
| 127 | |
| / # addgroup -g 1003 container | |
| / # echo $? | |
| 0 | |
| / # adduser -u 1003 -g 1003 container | |
| adduser: uid '1003' in use | |
| / # echo $? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"mount_config":{"mounts":[{"type":"bind","source":"/var/lib/docker/init/dockerinit-1.0.1-dev","destination":"/.dockerinit","private":true},{"type":"bind","source":"/etc/resolv.conf","destination":"/etc/resolv.conf","private":true},{"type":"bind","source":"/var/lib/docker/containers/ff17757403e4b96fbb7a65dafe2dc8a3a21e809e3fa30e5d35d4f767fae267d3/hostname","destination":"/etc/hostname","private":true},{"type":"bind","source":"/var/lib/docker/containers/ff17757403e4b96fbb7a65dafe2dc8a3a21e809e3fa30e5d35d4f767fae267d3/hosts","destination":"/etc/hosts","private":true}],"device_nodes":[{"type":99,"path":"/dev/fuse","major_number":10,"minor_number":229,"cgroup_permissions":"rwm"},{"type":99,"path":"/dev/null","major_number":1,"minor_number":3,"cgroup_permissions":"rwm","file_mode":438},{"type":99,"path":"/dev/zero","major_number":1,"minor_number":5,"cgroup_permissions":"rwm","file_mode":438},{"type":99,"path":"/dev/full","major_number":1,"minor_number":7,"cgroup_permissions":"rwm","file_mode":438},{"type":99,"path |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"mount_config":{"mounts":[{"type":"bind","source":"/var/lib/docker/init/dockerinit-1.0.1-dev","destination":"/.dockerinit","private":true},{"type":"bind","source":"/etc/resolv.conf","destination":"/etc/resolv.conf","private":true},{"type":"bind","source":"/var/lib/docker/containers/ff17757403e4b96fbb7a65dafe2dc8a3a21e809e3fa30e5d35d4f767fae267d3/hostname","destination":"/etc/hostname","private":true},{"type":"bind","source":"/var/lib/docker/containers/ff17757403e4b96fbb7a65dafe2dc8a3a21e809e3fa30e5d35d4f767fae267d3/hosts","destination":"/etc/hosts","private":true}],"device_nodes":[{"type":99,"path":"/dev/fuse","major_number":10,"minor_number":229,"cgroup_permissions":"rwm"},{"type":99,"path":"/dev/null","major_number":1,"minor_number":3,"cgroup_permissions":"rwm","file_mode":438},{"type":99,"path":"/dev/zero","major_number":1,"minor_number":5,"cgroup_permissions":"rwm","file_mode":438},{"type":99,"path":"/dev/full","major_number":1,"minor_number":7,"cgroup_permissions":"rwm","file_mode":438},{"type":99,"path |
mrunalp
/ sample_run.txt
Created
June 26, 2014 21:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@localhost rootfs]# nsinit exec /bin/bash | |
| 2014/06/26 21:50:00 EXEC USERNS | |
| 2014/06/26 21:50:00 &{MountConfig:0xc21001e3c0 Hostname:koye User:root WorkingDir: Env:[HOME=/ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin HOSTNAME=koye TERM=xterm] Tty:true Namespaces:map[NEWIPC:true NEWNET:true NEWNS:true NEWPID:true NEWUTS:true NEWUSER:true] Capabilities:[CHOWN DAC_OVERRIDE FOWNER MKNOD NET_RAW SETGID SETUID SETFCAP SETPCAP NET_BIND_SERVICE SYS_CHROOT KILL] Networks:[0xc21004e310] Routes:[] Cgroups:0xc21000f6e0 AppArmorProfile: ProcessLabel: RestrictSys:true UidMappings:[{ContainerId:0 HostId:1013 Size:1} {ContainerId:1 HostId:1 Size:1012}] GidMappings:[{ContainerId:0 HostId:1013 Size:1} {ContainerId:1 HostId:1 Size:1012}]} | |
| 2014/06/26 21:50:00 1 | |
| 2014/06/26 21:50:00 proc: &{6 0 0} | |
| 2014/06/26 21:50:00 uid: [{ContainerId:0 HostId:1013 Size:1} {ContainerId:1 HostId:1 Size:1012}] | |
| 2014/06/26 21:50:00 0 1013 1 | |
| 1 1 1012 | |
| 2014/06/26 21:50:00 0 1013 1 | |
| 1 1 1012 |
mrunalp
/ 0001-Changes-to-uid-gid-mappings.patch
Last active
August 29, 2015 14:04
— forked from crosbymichael/0001-Changes-to-uid-gid-mappings.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -r 9895f9e36435 src/pkg/syscall/exec_linux.go | |
| --- a/src/pkg/syscall/exec_linux.go Thu Jun 19 10:20:01 2014 +1000 | |
| +++ b/src/pkg/syscall/exec_linux.go Wed Jul 30 14:03:39 2014 -0400 | |
| @@ -36,7 +36,7 @@ | |
| // For the same reason compiler does not race instrument it. | |
| // The calls to RawSyscall are okay because they are assembly | |
| // functions that do not grow the stack. | |
| -func forkAndExecInChild(argv0 *byte, argv, envv []*byte, chroot, dir *byte, attr *ProcAttr, sys *SysProcAttr, pipe int) (pid int, err Errno) { | |
| +func forkAndExecInChild(argv0 *byte, argv, envv []*byte, chroot, dir *byte, attr *ProcAttr, sys *SysProcAttr, child, parent int) (pid int, err Errno) { | |
| // Declare all variables at top in case any |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "log" | |
| "os" | |
| "os/exec" | |
| "syscall" | |
| ) | |
| func main() { |
OlderNewer