| Age | Commit message (Collapse) | Author |
|---|
|
|
|
The systemd test suite does not like having no access to /sys/dev and
other trees related to devices. Optionally provide them. Properly
virtualizing them likely requires lxcfs or similar.
|
|
We now compute the actual bind mounts first and deduce the directories
in need of creation from that. This makes populate_sys easier to extend.
|
|
Fixes: 8b98dc846e7b ("populate_dev: remove assumption that newdev does not shadow origdev")
|
|
It can be used in a new network namespace to enable the loopback network
interface and thus provide easy network isolation.
|
|
This is needed e.g. for Python's multiprocessing.SemLock.
|
|
This symlink turns out to be important for execveat. Its NOTES section
details that /dev/fd needs to work in order for execveat to work. We
better provide this symlink.
|
|
No functional changes.
|
|
linuxnamespaces/__init__.py:
* linuxnamespaces.filedescriptor only exports FileDescriptor. By
importing *, we re-export it implicitly.
linuxnamespaces/atlocation.py:
* PathLike should be parameterized and we no longer allow bytes there.
linuxnamespaces/tarutils.py:
* Resolve dict vs Mapping.
tests/test_simple.py:
* Establish expected type to mypy.
examples/unschroot.py:
* pidfd is first an int and later a FileDescriptor, but we always use
it as int.
* Also tell mypy that we cannot get NULL from waitid.
|
|
|
|
Allow reserving a particular range instead of allocating a suitable
large range of an IDAllocation. This is useful when a directory
hierarchy defines the allocation and we merely want to verify it to be
assigned.
|
|
It serves two main purposes. For one thing, it allows telling bare
integers and file descriptors apart on a typing level similar to a
NewType. For another it adds common methods to a file descriptor and
enables closing it via a context manager.
|
|
|
|
It is a bit like an async version of shutil.copyfileobj but for bare
file descriptors and has an optimized version for pipes.
|
|
os.splice from Python >= 3.10 is good enough.
This reverts commit 056c1f964f55adedc17f8d7bddef1f48c73852c7.
|
|
|
|
|
|
|
|
When booting systemd, it'll create these symlinks, but when doing an
application container, nothing does this and we risk creating regular
files there.
|
|
This is a mixin subclass for TarFile that enables it to restore and
apply linux extended attributes as PAX headers in the SCHILY.xattr.*
format. As a consequence, this enables us to process tar archives
containing file system capabilities.
|
|
Move the generic tar utilities from the chroottar.py example into a
linuxnamespaces module as dealing with tar archives is a fairly common
thing when dealing with namespaces.
|
|
|
|
|
|
|
|
Passing None as name also yields libc functions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It does not make sense to read a link after having followed it.
|
|
Also allow joining an AtLocation. When doing that note that any kind of
absolute location object (absolute path without fd and any location with
an fd) results in just that latter location just like os.path.join
returns the latter path when it is absolute.
Fixes: 034f732a1af4 ("initial checkin")
|
|
|
|
|
|
Fixes: 1c265b6e11c3 ("add os.stat wrapper AtLocation.stat")
|
|
|
|
These are the is_* family and exists all from pathlib.Path.
|
|
|
|
|
|
This mirrors what was done for pathlib.Path to avoid confusion about
argument order.
|
|
|
|
This is similar to pathlib.Path.is_absolute.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
As we learn from util-linux, MS_RDONLY is ignored on MS_BIND. Rather
than remount, just use the new mount API as it doesn't suffer this
limitation.
|
