]>
Commit | Line | Data |
---|---|---|
15ae422b LP |
1 | /*-*- Mode: C; c-basic-offset: 8 -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2010 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
9 | under the terms of the GNU General Public License as published by | |
10 | the Free Software Foundation; either version 2 of the License, or | |
11 | (at your option) any later version. | |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | General Public License for more details. | |
17 | ||
18 | You should have received a copy of the GNU General Public License | |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
20 | ***/ | |
21 | ||
22 | #include <stdlib.h> | |
23 | #include <string.h> | |
24 | #include <unistd.h> | |
25 | #include <sys/mount.h> | |
26 | ||
27 | #include "namespace.h" | |
28 | #include "log.h" | |
29 | ||
30 | int main(int argc, char *argv[]) { | |
31 | const char * const writable[] = { | |
32 | "/home", | |
33 | NULL | |
34 | }; | |
35 | ||
36 | const char * const readable[] = { | |
5dcfe57b LP |
37 | "/", |
38 | "/usr", | |
39 | "/boot", | |
15ae422b LP |
40 | NULL |
41 | }; | |
42 | ||
43 | const char * const inaccessible[] = { | |
44 | "/home/lennart/projects", | |
45 | NULL | |
46 | }; | |
47 | ||
48 | int r; | |
49 | ||
50 | if ((r = setup_namespace((char**) writable, (char**) readable, (char**) inaccessible, true, MS_SHARED)) < 0) { | |
51 | log_error("Failed to setup namespace: %s", strerror(-r)); | |
52 | return 1; | |
53 | } | |
54 | ||
55 | execl("/bin/sh", "/bin/sh", NULL); | |
56 | log_error("execl(): %m"); | |
57 | ||
58 | return 1; | |
59 | } |