Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-01-31 | examples/chroottar.py: add explanations for non-trivial aspects | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: harden against tars with high uids | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: improve typing precision | Helmut Grohne | |
2024-01-27 | examples/chroottar.py: support saving a tar after working inside | Helmut Grohne | |
2024-01-27 | examples/chroottar.py: allow opening non-zstd tars | Helmut Grohne | |
When decompression fails, we should raise a tarfile.ReadError rather than a zstandard.ZstdError. Otherwise, tarfile gives up guessing. | |||
2024-01-26 | improve examples/chroottar.py | Helmut Grohne | |
* Drop supplementary groups. Very likely, those are not mapped inside and they cannot cause much good. * Sane permission for the root directory. Otherwise no non-root user can access any files. | |||
2024-01-26 | add examples/fakeroot.py | Helmut Grohne | |
2024-01-25 | examples/chroottar.py: work when TMPDIR is private | Helmut Grohne | |
When TMPDIR has restrictive permissions, the namespace may be unable to access the leading components. Thus we put the supervisor process handling the cleanup into a different namespace that has all the ids plus the current uid mapped. It'll then be able to perform the cleanup (and the initial chown). | |||
2024-01-25 | new example chroottar.py | Helmut Grohne | |
2024-01-25 | fix examples/chrootfuse2fs.py | Helmut Grohne | |
* Add execute bit * Consume first positional argument | |||
2024-01-22 | add example chrootfuse2fs.py | Helmut Grohne | |
2024-01-22 | provide default for IDAllocation.allocation map arg target | Helmut Grohne | |
Most frequently, the root user is allocated. | |||
2024-01-19 | add example for a network namespace with slirp4netns | Helmut Grohne | |
2024-01-18 | add userchroot.py example | Helmut Grohne | |
2024-01-18 | add withallsubuids.py example | Helmut Grohne | |