summaryrefslogtreecommitdiff
path: root/examples/chroottar.py
AgeCommit message (Collapse)Author
2024-03-02examples/chroottar.py: make pylint happierHelmut Grohne
2024-02-25spell checkHelmut Grohne
2024-01-31examples/chroottar.py: add explanations for non-trivial aspectsHelmut Grohne
2024-01-31examples/chroottar.py: harden against tars with high uidsHelmut Grohne
2024-01-31examples/chroottar.py: improve typing precisionHelmut Grohne
2024-01-27examples/chroottar.py: support saving a tar after working insideHelmut Grohne
2024-01-27examples/chroottar.py: allow opening non-zstd tarsHelmut Grohne
When decompression fails, we should raise a tarfile.ReadError rather than a zstandard.ZstdError. Otherwise, tarfile gives up guessing.
2024-01-26improve examples/chroottar.pyHelmut Grohne
* Drop supplementary groups. Very likely, those are not mapped inside and they cannot cause much good. * Sane permission for the root directory. Otherwise no non-root user can access any files.
2024-01-25examples/chroottar.py: work when TMPDIR is privateHelmut Grohne
When TMPDIR has restrictive permissions, the namespace may be unable to access the leading components. Thus we put the supervisor process handling the cleanup into a different namespace that has all the ids plus the current uid mapped. It'll then be able to perform the cleanup (and the initial chown).
2024-01-25new example chroottar.pyHelmut Grohne