]>
Commit | Line | Data |
---|---|---|
15ae422b LP |
1 | /*-*- Mode: C; c-basic-offset: 8 -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2010 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
9 | under the terms of the GNU General Public License as published by | |
10 | the Free Software Foundation; either version 2 of the License, or | |
11 | (at your option) any later version. | |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | General Public License for more details. | |
17 | ||
18 | You should have received a copy of the GNU General Public License | |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
20 | ***/ | |
21 | ||
22 | #include <stdlib.h> | |
23 | #include <string.h> | |
24 | #include <unistd.h> | |
25 | #include <sys/mount.h> | |
26 | ||
27 | #include "namespace.h" | |
28 | #include "log.h" | |
29 | ||
30 | int main(int argc, char *argv[]) { | |
31 | const char * const writable[] = { | |
32 | "/home", | |
33 | NULL | |
34 | }; | |
35 | ||
36 | const char * const readable[] = { | |
37 | "/var", | |
38 | NULL | |
39 | }; | |
40 | ||
41 | const char * const inaccessible[] = { | |
42 | "/home/lennart/projects", | |
43 | NULL | |
44 | }; | |
45 | ||
46 | int r; | |
47 | ||
48 | if ((r = setup_namespace((char**) writable, (char**) readable, (char**) inaccessible, true, MS_SHARED)) < 0) { | |
49 | log_error("Failed to setup namespace: %s", strerror(-r)); | |
50 | return 1; | |
51 | } | |
52 | ||
53 | execl("/bin/sh", "/bin/sh", NULL); | |
54 | log_error("execl(): %m"); | |
55 | ||
56 | return 1; | |
57 | } |