Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-04-03 | tests: avoid need for a type annotation | Helmut Grohne | |
mypy wants type annotations for every def. As we only call another function, we may pass it to the decorator directly and shut up mypy. | |||
2024-04-03 | add basic tests for AtLocation | Helmut Grohne | |
2024-04-03 | AtLocation.walk: add support for AT_EMPTY_PATH | Helmut Grohne | |
2024-04-03 | AtLocation.walk: emit nofllow flag when follow_symlinks=False | Helmut Grohne | |
2024-04-03 | AtLocation.readlink: require AT_SYMLINK_NOFOLLOW | Helmut Grohne | |
It does not make sense to read a link after having followed it. | |||
2024-04-02 | improve AtLocation.join semantics | Helmut Grohne | |
Also allow joining an AtLocation. When doing that note that any kind of absolute location object (absolute path without fd and any location with an fd) results in just that latter location just like os.path.join returns the latter path when it is absolute. Fixes: 034f732a1af4 ("initial checkin") | |||
2024-04-02 | a few formatting and typo fixes | Helmut Grohne | |
2024-04-02 | add documentation regarding resource management of AtLocations | Helmut Grohne | |
2024-04-02 | fix logic error in AtLocation.stat | Helmut Grohne | |
Fixes: 1c265b6e11c3 ("add os.stat wrapper AtLocation.stat") | |||
2024-03-24 | AtLocation.mkdir: support optional arguments from pathlib | Helmut Grohne | |
2024-03-22 | add convenience functions for stat to AtLocationLike | Helmut Grohne | |
These are the is_* family and exists all from pathlib.Path. | |||
2024-03-22 | add os.stat wrapper AtLocation.stat | Helmut Grohne | |
2024-03-16 | slightly simplify tests | Helmut Grohne | |
2024-03-16 | add an asyncio variant of run_in_fork | Helmut Grohne | |
2024-03-14 | rename AtLocation.symlink to symlink_to | Helmut Grohne | |
This mirrors what was done for pathlib.Path to avoid confusion about argument order. | |||
2024-03-12 | work around mypy misdetection on bookworm | Helmut Grohne | |
2024-03-11 | add method AtLocation.is_absolute | Helmut Grohne | |
This is similar to pathlib.Path.is_absolute. | |||
2024-03-07 | add AtLocation.rename method wrapping os.rename | Helmut Grohne | |
2024-03-07 | add AtLocation.link method wrapping os.link | Helmut Grohne | |
2024-03-03 | add function for prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, ...) | Helmut Grohne | |
2024-03-03 | implement repr for AtLocation | Helmut Grohne | |
2024-03-02 | fix typos | Jakub Wilk | |
2024-03-02 | examples/chroottar.py: make pylint happier | Helmut Grohne | |
2024-03-01 | add rudimentary prctl syscall wrapper | Helmut Grohne | |
2024-03-01 | fix read-only bind_mount | Helmut Grohne | |
As we learn from util-linux, MS_RDONLY is ignored on MS_BIND. Rather than remount, just use the new mount API as it doesn't suffer this limitation. | |||
2024-02-25 | spell check | Helmut Grohne | |
2024-02-24 | populate_dev: remove assumption that newdev does not shadow origdev | Helmut Grohne | |
In particular, one can now pass newdev = origdev. | |||
2024-02-23 | tests: consider that EventFD.aread might not return a future | Helmut Grohne | |
2024-02-23 | delete unused imports | Helmut Grohne | |
2024-02-21 | examples/chrootfuse2fs.py: generalize to allow squashfs | Helmut Grohne | |
2024-02-21 | pyproject.toml: minimum python version | Helmut Grohne | |
We rely on PEP 585 and hence, 3.9 is a hard requirement. | |||
2024-02-21 | examples/cgroup.py: drive ravel using asyncio | Helmut Grohne | |
2024-02-21 | fix logic error in populate_sys | Helmut Grohne | |
Fixes: 1de72653e0b9 ("add function linuxnamespaces.populate_sys") | |||
2024-02-21 | improve error handling in linuxnamespaces.populate_dev | Helmut Grohne | |
2024-02-21 | add function linuxnamespaces.populate_sys | Helmut Grohne | |
2024-02-21 | revoke the false promise that bytes would be convertible to Path | Helmut Grohne | |
pathlib.Path(somebytes) fails. Hence bytes is not actually convertible and should not be included in PathConvertible. Then, we can simplify matters in quite a few places by knowing that the thing we work with is not bytes. | |||
2024-02-16 | add an async read method to EventFD | Helmut Grohne | |
Adding an async write does not work for values larger than 1, because the fd becomes writable once a value of 1 can be written, but a larger value might still cause EAGAIN putting us into a busy loop. Hitting the limit with writing ones is implausible, so async code can just use the synchronous write method. | |||
2024-02-15 | MountFlags: support conversion to and from a textual representation | Helmut Grohne | |
The textual representation matches util-linux. Not all flag values can be represented textually. | |||
2024-02-02 | examples/userchroot.py: delete unused function | Helmut Grohne | |
2024-02-01 | add examples/cgroup.py: writeable cgroup hierarchy | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: add explanations for non-trivial aspects | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: harden against tars with high uids | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: improve typing precision | Helmut Grohne | |
2024-01-27 | pyproject.toml: document optional dependency zstandard | Helmut Grohne | |
2024-01-27 | examples/chroottar.py: support saving a tar after working inside | Helmut Grohne | |
2024-01-27 | examples/chroottar.py: allow opening non-zstd tars | Helmut Grohne | |
When decompression fails, we should raise a tarfile.ReadError rather than a zstandard.ZstdError. Otherwise, tarfile gives up guessing. | |||
2024-01-26 | add some metadata to a first pyproject.toml | Helmut Grohne | |
2024-01-26 | improve examples/chroottar.py | Helmut Grohne | |
* Drop supplementary groups. Very likely, those are not mapped inside and they cannot cause much good. * Sane permission for the root directory. Otherwise no non-root user can access any files. | |||
2024-01-26 | add examples/fakeroot.py | Helmut Grohne | |
2024-01-25 | examples/chroottar.py: work when TMPDIR is private | Helmut Grohne | |
When TMPDIR has restrictive permissions, the namespace may be unable to access the leading components. Thus we put the supervisor process handling the cleanup into a different namespace that has all the ids plus the current uid mapped. It'll then be able to perform the cleanup (and the initial chown). |