Age | Commit message | Author | |
---|---|---|---|
2024-03-03 | add function for prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, ...) | Helmut Grohne | |
2024-03-02 | fix typos | Jakub Wilk | |
2024-03-02 | examples/chroottar.py: make pylint happier | Helmut Grohne | |
2024-03-01 | add rudimentary prctl syscall wrapper | Helmut Grohne | |
2024-02-25 | spell check | Helmut Grohne | |
2024-02-21 | examples/chrootfuse2fs.py: generalize to allow squashfs | Helmut Grohne | |
2024-02-21 | examples/cgroup.py: drive ravel using asyncio | Helmut Grohne | |
2024-02-21 | add function linuxnamespaces.populate_sys | Helmut Grohne | |
2024-02-15 | MountFlags: support conversion to and from a textual representation | Helmut Grohne | |
The textual representation matches util-linux. Not all flag values can be represented textually. | |||
2024-02-02 | examples/userchroot.py: delete unused function | Helmut Grohne | |
2024-02-01 | add examples/cgroup.py: writeable cgroup hierarchy | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: add explanations for non-trivial aspects | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: harden against tars with high uids | Helmut Grohne | |
2024-01-31 | examples/chroottar.py: improve typing precision | Helmut Grohne | |
2024-01-27 | examples/chroottar.py: support saving a tar after working inside | Helmut Grohne | |
2024-01-27 | examples/chroottar.py: allow opening non-zstd tars | Helmut Grohne | |
When decompression fails, we should raise a tarfile.ReadError rather than a zstandard.ZstdError. Otherwise, tarfile gives up guessing. | |||
2024-01-26 | improve examples/chroottar.py | Helmut Grohne | |
* Drop supplementary groups. Very likely, those are not mapped inside and they cannot cause much good. * Sane permission for the root directory. Otherwise no non-root user can access any files. | |||
2024-01-26 | add examples/fakeroot.py | Helmut Grohne | |
2024-01-25 | examples/chroottar.py: work when TMPDIR is private | Helmut Grohne | |
When TMPDIR has restrictive permissions, the namespace may be unable to access the leading components. Thus we put the supervisor process handling the cleanup into a different namespace that has all the ids plus the current uid mapped. It'll then be able to perform the cleanup (and the initial chown). | |||
2024-01-25 | new example chroottar.py | Helmut Grohne | |
2024-01-25 | fix examples/chrootfuse2fs.py | Helmut Grohne | |
* Add execute bit * Consume first positional argument | |||
2024-01-22 | add example chrootfuse2fs.py | Helmut Grohne | |
2024-01-22 | provide default for IDAllocation.allocation map arg target | Helmut Grohne | |
Most frequently, the root user is allocated. | |||
2024-01-19 | add example for a network namespace with slirp4netns | Helmut Grohne | |
2024-01-18 | add userchroot.py example | Helmut Grohne | |
2024-01-18 | add withallsubuids.py example | Helmut Grohne | |