#include <linux/fs.h>
#include "namespace.h"
+#include "execute.h"
#include "log.h"
int main(int argc, char *argv[]) {
NULL
};
- const char * const readable[] = {
+ const char * const readonly[] = {
"/",
"/usr",
"/boot",
};
int r;
+ char tmp_dir[] = "/tmp/systemd-private-XXXXXX",
+ var_tmp_dir[] = "/var/tmp/systemd-private-XXXXXX";
- if ((r = setup_namespace((char**) writable, (char**) readable, (char**) inaccessible, true, MS_SHARED)) < 0) {
- log_error("Failed to setup namespace: %s", strerror(-r));
+ assert_se(mkdtemp(tmp_dir));
+ assert_se(mkdtemp(var_tmp_dir));
+
+ r = setup_namespace((char **) writable,
+ (char **) readonly,
+ (char **) inaccessible,
+ tmp_dir,
+ var_tmp_dir,
+ NULL,
+ true,
+ PROTECT_HOME_NO,
+ PROTECT_SYSTEM_NO,
+ 0);
+ if (r < 0) {
+ log_error_errno(r, "Failed to setup namespace: %m");
return 1;
}
execl("/bin/sh", "/bin/sh", NULL);
- log_error("execl(): %m");
+ log_error_errno(errno, "execl(): %m");
return 1;
}