From patchwork Mon Nov 30 23:13:40 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Etienne Champetier X-Patchwork-Id: 550559 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 19FEB14016A for ; Tue, 1 Dec 2015 10:17:40 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=juaOQQLA; dkim-atps=neutral Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id 5319528C72B; Tue, 1 Dec 2015 00:13:55 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu X-Spam-Level: X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,FREEMAIL_FROM, T_DKIM_INVALID autolearn=unavailable version=3.3.2 Received: from arrakis.dune.hu (localhost [127.0.0.1]) by arrakis.dune.hu (Postfix) with ESMTP id D678828C725 for ; Tue, 1 Dec 2015 00:13:46 +0100 (CET) X-policyd-weight: using cached result; rate:hard: -8.5 Received: from mail-wm0-f54.google.com (mail-wm0-f54.google.com [74.125.82.54]) by arrakis.dune.hu (Postfix) with ESMTPS for ; Tue, 1 Dec 2015 00:13:41 +0100 (CET) Received: by wmuu63 with SMTP id u63so150751117wmu.0 for ; Mon, 30 Nov 2015 15:13:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id; bh=uJW7u7tH+Ia45ynu+APl4B5TWv4Pqi47aUYh263TEF8=; b=juaOQQLAjt854pvKhQhy5+4WJSy4LWdhxfCJlAEicw2pq3VEhsmVaRDtX6nB+1+Yjv JRSDKEzN68wsoMo9J1Fs6EGsKNGU5gOtL3xppTu3yeGZBzCXzw9AY+2fznn02iu0QrU3 xZcW9APUCQ+io46bjOJOn/syGH+IAgpqlNDV1oPCdjPBjYiKTvMiNmzWPAOSXfcctfeW y14cE3ZR9Uy9io7ZLkqJrp+evGw28D4c0I6/5JbaBN6M7xlB2ibu1IUWPs7u3vrBsQ2u 0DPG+RcBsWJqtforZPsMegp6ng02CuvasoTA2nda4WUGgeC75JaTrPvB0B7HevWae4sg Stjg== X-Received: by 10.28.221.134 with SMTP id u128mr33337835wmg.94.1448925225254; Mon, 30 Nov 2015 15:13:45 -0800 (PST) Received: from ubuntu1404.lxcnattst (ns623510.ovh.net. [5.135.134.9]) by smtp.gmail.com with ESMTPSA id a186sm23276956wmh.4.2015.11.30.15.13.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 30 Nov 2015 15:13:43 -0800 (PST) From: Etienne CHAMPETIER To: OpenWrt Development List Date: Mon, 30 Nov 2015 23:13:40 +0000 Message-Id: <1448925221-64454-1-git-send-email-champetier.etienne@gmail.com> X-Mailer: git-send-email 1.9.1 Subject: [OpenWrt-Devel] [PATCH 1/2] procd: update procd.sh to support new ujail options X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openwrt-devel-bounces@lists.openwrt.org Sender: "openwrt-devel" Signed-off-by: Etienne CHAMPETIER --- package/system/procd/files/procd.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package/system/procd/files/procd.sh b/package/system/procd/files/procd.sh index e83e75c..a2a63f8 100644 --- a/package/system/procd/files/procd.sh +++ b/package/system/procd/files/procd.sh @@ -126,7 +126,6 @@ _procd_open_validate() { _procd_add_jail() { json_add_object "jail" json_add_string name "$1" - json_add_string root "/tmp/.jail/$1" shift @@ -136,6 +135,7 @@ _procd_add_jail() { ubus) json_add_boolean "ubus" "1";; procfs) json_add_boolean "procfs" "1";; sysfs) json_add_boolean "sysfs" "1";; + ronly) json_add_boolean "ronly" "1";; esac done json_add_object "mount" @@ -195,10 +195,10 @@ _procd_set_param() { nice) json_add_int "$type" "$1" ;; - user|seccomp) + user|seccomp|capabilities) json_add_string "$type" "$1" ;; - stdout|stderr) + stdout|stderr|no_new_privs) json_add_boolean "$type" "$1" ;; esac