From b06d1677015b3afa64c0792de1ff219c91e12bc1 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sun, 6 Oct 2024 18:07:08 +0000 Subject: [PATCH] jail: Make it easier to configure the jail as interactive Signed-off-by: Michael Tremer --- src/libpakfire/include/pakfire/jail.h | 2 +- src/libpakfire/jail.c | 12 +++++++++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/libpakfire/include/pakfire/jail.h b/src/libpakfire/include/pakfire/jail.h index 9ab0028ce..55fbfe998 100644 --- a/src/libpakfire/include/pakfire/jail.h +++ b/src/libpakfire/include/pakfire/jail.h @@ -58,7 +58,7 @@ void pakfire_jail_set_stdout_callback(struct pakfire_jail* jail, pakfire_jail_stdout_callback callback, void* data); enum pakfire_jail_exec_flags { - PAKFIRE_JAIL_PTY_FORWARDING = (1 << 0), + PAKFIRE_JAIL_INTERACTIVE = (1 << 0), PAKFIRE_JAIL_HAS_NETWORKING = (1 << 1), PAKFIRE_JAIL_NOENT_OK = (1 << 2), PAKFIRE_JAIL_HAS_LOOP_DEVICES = (1 << 3), diff --git a/src/libpakfire/jail.c b/src/libpakfire/jail.c index ec5d2ebcf..b1ecc90e2 100644 --- a/src/libpakfire/jail.c +++ b/src/libpakfire/jail.c @@ -1516,10 +1516,16 @@ PAKFIRE_EXPORT int pakfire_jail_exec(struct pakfire_jail* jail, const char* argv goto ERROR; } - // Enable networking in interactive mode - if (ctx.flags & PAKFIRE_JAIL_PTY_FORWARDING) + // Are we running in interactive mode? + if (pakfire_jail_exec_has_flag(&ctx, PAKFIRE_JAIL_INTERACTIVE)) { + // Enable networking ctx.flags |= PAKFIRE_JAIL_HAS_NETWORKING; + } else { + // Make the PTY read-only + pty_flags |= PAKFIRE_PTY_READ_ONLY; + } + /* Setup a file descriptor which can be used to notify the client that the parent has completed configuration. @@ -1669,7 +1675,7 @@ static int pakfire_jail_exec_interactive( struct pakfire_jail* jail, const char* argv[], int flags) { int r; - flags |= PAKFIRE_JAIL_PTY_FORWARDING; + flags |= PAKFIRE_JAIL_INTERACTIVE; // Setup interactive stuff r = pakfire_jail_setup_interactive_env(jail); -- 2.47.2