dcavalca / rpms / util-linux

Forked from rpms/util-linux 2 years ago
Clone
531551
diff -up util-linux-2.23.2/sys-utils/nsenter.1.kzak util-linux-2.23.2/sys-utils/nsenter.1
531551
--- util-linux-2.23.2/sys-utils/nsenter.1.kzak	2014-03-12 12:39:19.283577293 +0100
531551
+++ util-linux-2.23.2/sys-utils/nsenter.1	2014-03-12 12:42:08.930336415 +0100
531551
@@ -47,12 +47,7 @@ flag).
531551
 will fork by default if changing the PID namespace, so that the new program
531551
 and its children share the same PID namespace and are visible to each other.
531551
 If \-\-no\-fork is used, the new program will be exec'ed without forking.
531551
-.TP
531551
-.B user namespace
531551
-process will have distinct set of UIDs, GIDs and capabilities
531551
-.RB ( CLONE_\:NEWUSER
531551
-flag).
531551
-.TP
531551
+.PP
531551
 See the
531551
 .BR clone (2)
531551
 for exact semantics of the flags.
531551
@@ -88,9 +83,6 @@ the network namespace
531551
 /proc/\fIpid\fR/ns/pid
531551
 the PID namespace
531551
 .TP
531551
-/proc/\fIpid\fR/ns/user
531551
-the user namespace
531551
-.TP
531551
 /proc/\fIpid\fR/root
531551
 the root directory
531551
 .TP
531551
@@ -124,11 +116,6 @@ Enter the PID namespace.  If no file is
531551
 the target process.  If file is specified enter the PID namespace specified by
531551
 file.
531551
 .TP
531551
-\fB\-U\fR, \fB\-\-user\fR [\fIfile\fR]
531551
-Enter the user namespace.  If no file is specified enter the user namespace of
531551
-the target process.  If file is specified enter the user namespace specified by
531551
-file.
531551
-.TP
531551
 \fB\-r\fR, \fB\-\-root\fR [\fIdirectory\fR]
531551
 Set the root directory.  If no directory is specified set the root directory to
531551
 the root directory of the target process.  If directory is specified set the
531551
diff -up util-linux-2.23.2/sys-utils/nsenter.c.kzak util-linux-2.23.2/sys-utils/nsenter.c
531551
--- util-linux-2.23.2/sys-utils/nsenter.c.kzak	2014-03-12 12:39:10.402485179 +0100
531551
+++ util-linux-2.23.2/sys-utils/nsenter.c	2014-03-12 12:44:07.986570461 +0100
531551
@@ -42,12 +42,7 @@ static struct namespace_file {
531551
 	int fd;
531551
 } namespace_files[] = {
531551
 	/* Careful the order is significant in this array.
531551
-	 *
531551
-	 * The user namespace comes first, so that it is entered
531551
-	 * first.  This gives an unprivileged user the potential to
531551
-	 * enter the other namespaces.
531551
 	 */
531551
-	{ .nstype = CLONE_NEWUSER, .name = "ns/user", .fd = -1 },
531551
 	{ .nstype = CLONE_NEWIPC,  .name = "ns/ipc",  .fd = -1 },
531551
 	{ .nstype = CLONE_NEWUTS,  .name = "ns/uts",  .fd = -1 },
531551
 	{ .nstype = CLONE_NEWNET,  .name = "ns/net",  .fd = -1 },
531551
@@ -71,7 +66,6 @@ static void usage(int status)
531551
 	fputs(_(" -i, --ipc   [=<file>]  enter System V IPC namespace\n"), out);
531551
 	fputs(_(" -n, --net   [=<file>]  enter network namespace\n"), out);
531551
 	fputs(_(" -p, --pid   [=<file>]  enter pid namespace\n"), out);
531551
-	fputs(_(" -U, --user  [=<file>]  enter user namespace\n"), out);
531551
 	fputs(_(" -r, --root  [=<dir>]   set the root directory\n"), out);
531551
 	fputs(_(" -w, --wd    [=<dir>]   set the working directory\n"), out);
531551
 	fputs(_(" -F, --no-fork          do not fork before exec'ing <program>\n"), out);
531551
@@ -168,7 +162,6 @@ int main(int argc, char *argv[])
531551
 		{ "ipc", optional_argument, NULL, 'i' },
531551
 		{ "net", optional_argument, NULL, 'n' },
531551
 		{ "pid", optional_argument, NULL, 'p' },
531551
-		{ "user", optional_argument, NULL, 'U' },
531551
 		{ "root", optional_argument, NULL, 'r' },
531551
 		{ "wd", optional_argument, NULL, 'w' },
531551
 		{ "no-fork", no_argument, NULL, 'F' },
531551
@@ -186,7 +179,7 @@ int main(int argc, char *argv[])
531551
 	atexit(close_stdout);
531551
 
531551
 	while ((c =
531551
-		getopt_long(argc, argv, "hVt:m::u::i::n::p::U::r::w::F",
531551
+		getopt_long(argc, argv, "hVt:m::u::i::n::p::r::w::F",
531551
 			    longopts, NULL)) != -1) {
531551
 		switch (c) {
531551
 		case 'h':
531551
@@ -228,12 +221,6 @@ int main(int argc, char *argv[])
531551
 			else
531551
 				namespaces |= CLONE_NEWPID;
531551
 			break;
531551
-		case 'U':
531551
-			if (optarg)
531551
-				open_namespace_fd(CLONE_NEWUSER, optarg);
531551
-			else
531551
-				namespaces |= CLONE_NEWUSER;
531551
-			break;
531551
 		case 'F':
531551
 			do_fork = 0;
531551
 			break;
531551
diff -up util-linux-2.23.2/sys-utils/unshare.1.kzak util-linux-2.23.2/sys-utils/unshare.1
531551
--- util-linux-2.23.2/sys-utils/unshare.1.kzak	2014-03-12 12:39:41.367806340 +0100
531551
+++ util-linux-2.23.2/sys-utils/unshare.1	2014-03-12 12:40:25.186260760 +0100
531551
@@ -34,9 +34,6 @@ etc. (\fBCLONE_NEWNET\fP flag).
531551
 .BR "pid namespace"
531551
 children will have a distinct set of pid to process mappings than their parent.
531551
 (\fBCLONE_NEWPID\fP flag).
531551
-.TP
531551
-.BR "user namespace"
531551
-process will have distinct set of uids, gids and capabilities. (\fBCLONE_NEWUSER\fP flag).
531551
 .PP
531551
 See the \fBclone\fR(2) for exact semantics of the flags.
531551
 .SH OPTIONS
531551
@@ -58,9 +55,6 @@ Unshare the network namespace.
531551
 .TP
531551
 .BR \-p , " \-\-pid"
531551
 Unshare the pid namespace.
531551
-.TP
531551
-.BR \-U , " \-\-user"
531551
-Unshare the user namespace.
531551
 .SH SEE ALSO
531551
 .BR unshare (2),
531551
 .BR clone (2)
531551
diff -up util-linux-2.23.2/sys-utils/unshare.c.kzak util-linux-2.23.2/sys-utils/unshare.c
531551
--- util-linux-2.23.2/sys-utils/unshare.c.kzak	2014-03-12 12:39:46.385858383 +0100
531551
+++ util-linux-2.23.2/sys-utils/unshare.c	2014-03-12 12:44:49.955005384 +0100
531551
@@ -45,7 +45,6 @@ static void usage(int status)
531551
 	fputs(_(" -i, --ipc         unshare System V IPC namespace\n"), out);
531551
 	fputs(_(" -n, --net         unshare network namespace\n"), out);
531551
 	fputs(_(" -p, --pid         unshare pid namespace\n"), out);
531551
-	fputs(_(" -U, --user        unshare user namespace\n"), out);
531551
 
531551
 	fputs(USAGE_SEPARATOR, out);
531551
 	fputs(USAGE_HELP, out);
531551
@@ -65,7 +64,6 @@ int main(int argc, char *argv[])
531551
 		{ "ipc", no_argument, 0, 'i' },
531551
 		{ "net", no_argument, 0, 'n' },
531551
 		{ "pid", no_argument, 0, 'p' },
531551
-		{ "user", no_argument, 0, 'U' },
531551
 		{ NULL, 0, 0, 0 }
531551
 	};
531551
 
531551
@@ -78,7 +76,7 @@ int main(int argc, char *argv[])
531551
 	textdomain(PACKAGE);
531551
 	atexit(close_stdout);
531551
 
531551
-	while ((c = getopt_long(argc, argv, "hVmuinpU", longopts, NULL)) != -1) {
531551
+	while ((c = getopt_long(argc, argv, "hVmuinp", longopts, NULL)) != -1) {
531551
 		switch (c) {
531551
 		case 'h':
531551
 			usage(EXIT_SUCCESS);
531551
@@ -100,9 +98,6 @@ int main(int argc, char *argv[])
531551
 		case 'p':
531551
 			unshare_flags |= CLONE_NEWPID;
531551
 			break;
531551
-		case 'U':
531551
-			unshare_flags |= CLONE_NEWUSER;
531551
-			break;
531551
 		default:
531551
 			usage(EXIT_FAILURE);
531551
 		}