Skip to content

Instantly share code, notes, and snippets.



Last active Mar 30, 2017
What would you like to do?
setns apparmor bug

Usage instructions:

sudo snap install snapd-hacker-toolbelt --devmode
sudo snapd-hacker-toolbelt.busybox sh
.PHONY: all clean
CFLAGS += -Wall
all: oops
rm -f oops
#define _GNU_SOURCE
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
int main(void)
int fd = open("/proc/1/ns/mnt", O_RDONLY | O_CLOEXEC | O_PATH);
if (fd < 0) {
perror("cannot open");
return 1;
if (setns(fd, CLONE_NEWNS) < 0) {
perror("cannot setns");
return 1;
if (close(fd) < 0) {
perror("cannot close");
return 1;
return 0;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment