Add a `cwd` option

This way the process being spawned can be in a directory if the
spawner’s choosing (as ling as it’s available in the chroot)

diff --git a/cmdline.c b/cmdline.c
index 30f97a29f446a6c2e97b13d2a18c09d485ad80b6..f36082df79ef2223030a981ee0738578f508dac9 100644 (file)
--- a/cmdline.c
+++ b/cmdline.c
@@ -174,6 +174,7 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
        /*  *INDENT-OFF* */
        (*nsjconf) = (struct nsjconf_t) {
                .hostname = "NSJAIL",
+               .cwd = "/",
                .chroot = "",
                .argv = NULL,
                .port = 31337,
@@ -230,6 +231,7 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
                {{"user", required_argument, NULL, 'u'}, "Username/uid of processess inside the jail (default: 'nobody')"},
                {{"group", required_argument, NULL, 'g'}, "Groupname/gid of processess inside the jail (default: 'nogroup')"},
                {{"hostname", required_argument, NULL, 'H'}, "UTS name (hostname) of the jail (default: 'NSJAIL')"},
+               {{"cwd", required_argument, NULL, 'D'}, "Directory in the namespace the process will run (default: '/')"},
                {{"port", required_argument, NULL, 'p'}, "TCP port to bind to (only in [MODE_LISTEN_TCP]) (default: 31337)"},
                {{"max_conns_per_ip", required_argument, NULL, 'i'}, "Maximum number of connections per one IP (default: 0 (unlimited))"},
                {{"log", required_argument, NULL, 'l'}, "Log file (default: /proc/self/fd/2)"},
@@ -277,7 +279,7 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
        int opt_index = 0;
        for (;;) {
                int c =
-                   getopt_long(argc, argv, "H:c:p:i:u:g:l:t:M:Ndveh?R:B:T:I:", opts, &opt_index);
+                   getopt_long(argc, argv, "H:D:c:p:i:u:g:l:t:M:Ndveh?R:B:T:I:", opts, &opt_index);
                if (c == -1) {
                        break;
                }
@@ -285,6 +287,9 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
                case 'H':
                        nsjconf->hostname = optarg;
                        break;
+               case 'D':
+                       nsjconf->cwd = optarg;
+                       break;
                case 'c':
                        nsjconf->chroot = optarg;
                        break;

diff --git a/common.h b/common.h
index 0b34db046e019a529392bf7b895279f5889aa68d..a90ea9491765a5a4db34378a1842a27aee4419aa 100644 (file)
--- a/common.h
+++ b/common.h
@@ -57,6 +57,7 @@ enum mode_t {
 
 struct nsjconf_t {
        const char *hostname;
+       const char *cwd;
        char *const *argv;
        int port;
        uid_t uid;

diff --git a/contain.c b/contain.c
index dd82c7e9eac3742864672ac449c5b2729b867469..9b893426be5b503aaa05d8d2cc75f9e4a640fbcd 100644 (file)
--- a/contain.c
+++ b/contain.c
@@ -267,9 +267,9 @@ bool containMountFS(struct nsjconf_t * nsjconf)
                PLOG_E("CHROOT('/new_root')");
                return false;
        }
-
-       if (chdir("/") == -1) {
-               PLOG_E("chdir('/')");
+       
+       if (chdir(&nsjconf->cwd) == -1) {
+               PLOG_E("chdir('%s')", &nsjconf->cwd);
                return false;
        }