diff options
author | Helmut Grohne <helmut@subdivi.de> | 2024-06-22 22:56:53 +0200 |
---|---|---|
committer | Helmut Grohne <helmut@subdivi.de> | 2024-06-22 23:10:16 +0200 |
commit | 928c4a94de0302634c66d8a559fc6ac26d21e5af (patch) | |
tree | 28b52c5f025241251605ce6296f8a0965156c983 /examples/cgroup.py | |
parent | 13be09d259f5006e19f0e770a1999b5d7c9247fe (diff) | |
download | python-linuxnamespaces-928c4a94de0302634c66d8a559fc6ac26d21e5af.tar.gz |
populate_sys: allow device access
The systemd test suite does not like having no access to /sys/dev and
other trees related to devices. Optionally provide them. Properly
virtualizing them likely requires lxcfs or similar.
Diffstat (limited to 'examples/cgroup.py')
-rwxr-xr-x | examples/cgroup.py | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/examples/cgroup.py b/examples/cgroup.py index 5fa5df6..219dc62 100755 --- a/examples/cgroup.py +++ b/examples/cgroup.py @@ -50,14 +50,17 @@ def main() -> None: linuxnamespaces.systemd.reexec_as_transient_unit( properties={"Delegate": True} ) + namespaces = ( + linuxnamespaces.CloneFlags.NEWUSER + | linuxnamespaces.CloneFlags.NEWNS + | linuxnamespaces.CloneFlags.NEWCGROUP + ) linuxnamespaces.unshare_user_idmap( [linuxnamespaces.IDMapping(os.getuid(), os.getuid(), 1)], [linuxnamespaces.IDMapping(os.getgid(), os.getgid(), 1)], - linuxnamespaces.CloneFlags.NEWUSER - | linuxnamespaces.CloneFlags.NEWNS - | linuxnamespaces.CloneFlags.NEWCGROUP, + namespaces, ) - linuxnamespaces.populate_sys("/", "/", mycgroup) + linuxnamespaces.populate_sys("/", "/", namespaces, mycgroup) os.execlp(os.environ["SHELL"], os.environ["SHELL"]) |