ErwanGa/jail

Jail

1. Overview

This program launches and monitors a jailed process.

2. Build

make

3. Install

4. Usage

jail data.xml

where data.xml has the following structure:

<jail name="/bin/ls">
	<user username="myUser"/>
	<rlimit as="0" fsize="0" mq="0" stack="0" />
	<umask value="0077"/>
	<home path="myHome" />
	<bind_ro path="/bin /lib /usr/lib" />
	<bind_rw path="/mnt" />
	<copy_d path="" />
	<copy_f path="/etc/group /etc/passwd /etc/apt/apt.conf" />
	<caps name="" />
	<args name="-l"/>
	<restart value="y"/>
	<reboot value="y"/>

</jail>

jail name is the name of the process (absolute path)
user username is the owner of the process
rlimit sets the system limits (0 means unlimited)
bind_ro is a list of directories to bind in read-only mode
bind_rw is a list of directories to bind in read-write mode if possible
copy_d is not used yet
copy_f is a list of files to be copied into the jail
caps is a list of capabilities
args is a list of arguments for the program
restart value (y|n): y -> restart if the process ends
reboot value (y|n): y -> reboot if the process ends
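A jail description can be reviewed before it is handed to the program. The script below is an added example, not part of this repository: audit_jail_config is a hypothetical helper, the choice of which settings to flag is this example's own, and it assumes data.xml is well-formed XML (quoted attribute values, closed elements).

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the README's data.xml, written as well-formed XML.
SAMPLE = """<jail name="/bin/ls">
  <user username="myUser"/>
  <rlimit as="0" fsize="0" mq="0" stack="0"/>
  <umask value="0077"/>
  <home path="myHome"/>
  <bind_ro path="/bin /lib /usr/lib"/>
  <bind_rw path="/mnt"/>
  <copy_f path="/etc/group /etc/passwd"/>
  <caps name=""/>
  <args name="-l"/>
  <restart value="y"/>
  <reboot value="y"/>
</jail>"""

def audit_jail_config(xml_text):
    """Return review findings for one jail description (hypothetical helper)."""
    root = ET.fromstring(xml_text)
    findings = []

    def attr(tag, name):
        node = root.find(tag)
        return (node.get(name) or "") if node is not None else ""

    if not (root.get("name") or "").startswith("/"):
        findings.append("jail name is not an absolute path")
    if attr("user", "username") in ("", "root"):
        findings.append("process owner is missing or root")
    # The README states that an rlimit value of 0 means unlimited.
    rlimit = root.find("rlimit")
    limits = rlimit.attrib if rlimit is not None else {}
    unlimited = sorted(k for k, v in limits.items() if v.strip() == "0")
    if unlimited:
        findings.append("unlimited rlimit: " + ", ".join(unlimited))
    # Anything looser than 0077 lets group or other access new files.
    umask = attr("umask", "value")
    if not umask or set(umask) - set("01234567") or (int(umask, 8) & 0o077) != 0o077:
        findings.append("umask missing, invalid or looser than 0077")
    for path in attr("bind_rw", "path").split():
        findings.append("writable bind: " + path)
    if attr("caps", "name").split():
        findings.append("capabilities granted: " + attr("caps", "name"))
    if attr("reboot", "value") == "y":
        findings.append("reboot is triggered when the process ends")
    return findings
```

For the sample above the findings are the four unlimited rlimits, the writable /mnt bind and the reboot-on-exit setting.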