dcavalca / rpms / util-linux

Forked from rpms/util-linux 2 years ago
Clone
05ad79
diff -up util-linux-2.23.2/sys-utils/nsenter.1.kzak util-linux-2.23.2/sys-utils/nsenter.1
05ad79
--- util-linux-2.23.2/sys-utils/nsenter.1.kzak	2014-03-12 12:39:19.283577293 +0100
05ad79
+++ util-linux-2.23.2/sys-utils/nsenter.1	2014-03-12 12:42:08.930336415 +0100
05ad79
@@ -47,12 +47,7 @@ flag).
05ad79
 will fork by default if changing the PID namespace, so that the new program
05ad79
 and its children share the same PID namespace and are visible to each other.
05ad79
 If \-\-no\-fork is used, the new program will be exec'ed without forking.
05ad79
-.TP
05ad79
-.B user namespace
05ad79
-process will have distinct set of UIDs, GIDs and capabilities
05ad79
-.RB ( CLONE_\:NEWUSER
05ad79
-flag).
05ad79
-.TP
05ad79
+.PP
05ad79
 See the
05ad79
 .BR clone (2)
05ad79
 for exact semantics of the flags.
05ad79
@@ -88,9 +83,6 @@ the network namespace
05ad79
 /proc/\fIpid\fR/ns/pid
05ad79
 the PID namespace
05ad79
 .TP
05ad79
-/proc/\fIpid\fR/ns/user
05ad79
-the user namespace
05ad79
-.TP
05ad79
 /proc/\fIpid\fR/root
05ad79
 the root directory
05ad79
 .TP
05ad79
@@ -124,11 +116,6 @@ Enter the PID namespace.  If no file is
05ad79
 the target process.  If file is specified enter the PID namespace specified by
05ad79
 file.
05ad79
 .TP
05ad79
-\fB\-U\fR, \fB\-\-user\fR [\fIfile\fR]
05ad79
-Enter the user namespace.  If no file is specified enter the user namespace of
05ad79
-the target process.  If file is specified enter the user namespace specified by
05ad79
-file.
05ad79
-.TP
05ad79
 \fB\-r\fR, \fB\-\-root\fR [\fIdirectory\fR]
05ad79
 Set the root directory.  If no directory is specified set the root directory to
05ad79
 the root directory of the target process.  If directory is specified set the
05ad79
diff -up util-linux-2.23.2/sys-utils/nsenter.c.kzak util-linux-2.23.2/sys-utils/nsenter.c
05ad79
--- util-linux-2.23.2/sys-utils/nsenter.c.kzak	2014-03-12 12:39:10.402485179 +0100
05ad79
+++ util-linux-2.23.2/sys-utils/nsenter.c	2014-03-12 12:44:07.986570461 +0100
05ad79
@@ -42,12 +42,7 @@ static struct namespace_file {
05ad79
 	int fd;
05ad79
 } namespace_files[] = {
05ad79
 	/* Careful the order is significant in this array.
05ad79
-	 *
05ad79
-	 * The user namespace comes first, so that it is entered
05ad79
-	 * first.  This gives an unprivileged user the potential to
05ad79
-	 * enter the other namespaces.
05ad79
 	 */
05ad79
-	{ .nstype = CLONE_NEWUSER, .name = "ns/user", .fd = -1 },
05ad79
 	{ .nstype = CLONE_NEWIPC,  .name = "ns/ipc",  .fd = -1 },
05ad79
 	{ .nstype = CLONE_NEWUTS,  .name = "ns/uts",  .fd = -1 },
05ad79
 	{ .nstype = CLONE_NEWNET,  .name = "ns/net",  .fd = -1 },
05ad79
@@ -71,7 +66,6 @@ static void usage(int status)
05ad79
 	fputs(_(" -i, --ipc   [=<file>]  enter System V IPC namespace\n"), out);
05ad79
 	fputs(_(" -n, --net   [=<file>]  enter network namespace\n"), out);
05ad79
 	fputs(_(" -p, --pid   [=<file>]  enter pid namespace\n"), out);
05ad79
-	fputs(_(" -U, --user  [=<file>]  enter user namespace\n"), out);
05ad79
 	fputs(_(" -r, --root  [=<dir>]   set the root directory\n"), out);
05ad79
 	fputs(_(" -w, --wd    [=<dir>]   set the working directory\n"), out);
05ad79
 	fputs(_(" -F, --no-fork          do not fork before exec'ing <program>\n"), out);
05ad79
@@ -168,7 +162,6 @@ int main(int argc, char *argv[])
05ad79
 		{ "ipc", optional_argument, NULL, 'i' },
05ad79
 		{ "net", optional_argument, NULL, 'n' },
05ad79
 		{ "pid", optional_argument, NULL, 'p' },
05ad79
-		{ "user", optional_argument, NULL, 'U' },
05ad79
 		{ "root", optional_argument, NULL, 'r' },
05ad79
 		{ "wd", optional_argument, NULL, 'w' },
05ad79
 		{ "no-fork", no_argument, NULL, 'F' },
05ad79
@@ -186,7 +179,7 @@ int main(int argc, char *argv[])
05ad79
 	atexit(close_stdout);
05ad79
 
05ad79
 	while ((c =
05ad79
-		getopt_long(argc, argv, "hVt:m::u::i::n::p::U::r::w::F",
05ad79
+		getopt_long(argc, argv, "hVt:m::u::i::n::p::r::w::F",
05ad79
 			    longopts, NULL)) != -1) {
05ad79
 		switch (c) {
05ad79
 		case 'h':
05ad79
@@ -228,12 +221,6 @@ int main(int argc, char *argv[])
05ad79
 			else
05ad79
 				namespaces |= CLONE_NEWPID;
05ad79
 			break;
05ad79
-		case 'U':
05ad79
-			if (optarg)
05ad79
-				open_namespace_fd(CLONE_NEWUSER, optarg);
05ad79
-			else
05ad79
-				namespaces |= CLONE_NEWUSER;
05ad79
-			break;
05ad79
 		case 'F':
05ad79
 			do_fork = 0;
05ad79
 			break;
05ad79
diff -up util-linux-2.23.2/sys-utils/unshare.1.kzak util-linux-2.23.2/sys-utils/unshare.1
05ad79
--- util-linux-2.23.2/sys-utils/unshare.1.kzak	2014-03-12 12:39:41.367806340 +0100
05ad79
+++ util-linux-2.23.2/sys-utils/unshare.1	2014-03-12 12:40:25.186260760 +0100
05ad79
@@ -34,9 +34,6 @@ etc. (\fBCLONE_NEWNET\fP flag).
05ad79
 .BR "pid namespace"
05ad79
 children will have a distinct set of pid to process mappings than their parent.
05ad79
 (\fBCLONE_NEWPID\fP flag).
05ad79
-.TP
05ad79
-.BR "user namespace"
05ad79
-process will have distinct set of uids, gids and capabilities. (\fBCLONE_NEWUSER\fP flag).
05ad79
 .PP
05ad79
 See the \fBclone\fR(2) for exact semantics of the flags.
05ad79
 .SH OPTIONS
05ad79
@@ -58,9 +55,6 @@ Unshare the network namespace.
05ad79
 .TP
05ad79
 .BR \-p , " \-\-pid"
05ad79
 Unshare the pid namespace.
05ad79
-.TP
05ad79
-.BR \-U , " \-\-user"
05ad79
-Unshare the user namespace.
05ad79
 .SH SEE ALSO
05ad79
 .BR unshare (2),
05ad79
 .BR clone (2)
05ad79
diff -up util-linux-2.23.2/sys-utils/unshare.c.kzak util-linux-2.23.2/sys-utils/unshare.c
05ad79
--- util-linux-2.23.2/sys-utils/unshare.c.kzak	2014-03-12 12:39:46.385858383 +0100
05ad79
+++ util-linux-2.23.2/sys-utils/unshare.c	2014-03-12 12:44:49.955005384 +0100
05ad79
@@ -45,7 +45,6 @@ static void usage(int status)
05ad79
 	fputs(_(" -i, --ipc         unshare System V IPC namespace\n"), out);
05ad79
 	fputs(_(" -n, --net         unshare network namespace\n"), out);
05ad79
 	fputs(_(" -p, --pid         unshare pid namespace\n"), out);
05ad79
-	fputs(_(" -U, --user        unshare user namespace\n"), out);
05ad79
 
05ad79
 	fputs(USAGE_SEPARATOR, out);
05ad79
 	fputs(USAGE_HELP, out);
05ad79
@@ -65,7 +64,6 @@ int main(int argc, char *argv[])
05ad79
 		{ "ipc", no_argument, 0, 'i' },
05ad79
 		{ "net", no_argument, 0, 'n' },
05ad79
 		{ "pid", no_argument, 0, 'p' },
05ad79
-		{ "user", no_argument, 0, 'U' },
05ad79
 		{ NULL, 0, 0, 0 }
05ad79
 	};
05ad79
 
05ad79
@@ -78,7 +76,7 @@ int main(int argc, char *argv[])
05ad79
 	textdomain(PACKAGE);
05ad79
 	atexit(close_stdout);
05ad79
 
05ad79
-	while ((c = getopt_long(argc, argv, "hVmuinpU", longopts, NULL)) != -1) {
05ad79
+	while ((c = getopt_long(argc, argv, "hVmuinp", longopts, NULL)) != -1) {
05ad79
 		switch (c) {
05ad79
 		case 'h':
05ad79
 			usage(EXIT_SUCCESS);
05ad79
@@ -100,9 +98,6 @@ int main(int argc, char *argv[])
05ad79
 		case 'p':
05ad79
 			unshare_flags |= CLONE_NEWPID;
05ad79
 			break;
05ad79
-		case 'U':
05ad79
-			unshare_flags |= CLONE_NEWUSER;
05ad79
-			break;
05ad79
 		default:
05ad79
 			usage(EXIT_FAILURE);
05ad79
 		}