This adds
/dev/full
/dev/null
/dev/urandom
/dev/zero
in every jail (not having them only allow subtle bugs)
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
uloop_init();
if (opts.namespace) {
uloop_init();
if (opts.namespace) {
+ add_mount("/dev/full", 0, -1);
+ add_mount("/dev/null", 0, -1);
+ add_mount("/dev/urandom", 0, -1);
+ add_mount("/dev/zero", 0, -1);
+
int flags = CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWIPC | SIGCHLD;
if (opts.hostname)
flags |= CLONE_NEWUTS;
int flags = CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWIPC | SIGCHLD;
if (opts.hostname)
flags |= CLONE_NEWUTS;