isolation (1306:3604d05e48be) isolation (1489:4a3ec07f4b19)
1# Copyright (C) Igor Sysoev
2# Copyright (C) NGINX, Inc.
3
4# Linux clone syscall.
5
6NXT_ISOLATION=NO
7NXT_HAVE_CLONE=NO
8NXT_HAVE_CLONE_NEWUSER=NO
1# Copyright (C) Igor Sysoev
2# Copyright (C) NGINX, Inc.
3
4# Linux clone syscall.
5
6NXT_ISOLATION=NO
7NXT_HAVE_CLONE=NO
8NXT_HAVE_CLONE_NEWUSER=NO
9NXT_HAVE_MOUNT=NO
10NXT_HAVE_UNMOUNT=NO
11NXT_HAVE_ROOTFS=NO
9
10nsflags="USER NS PID NET UTS CGROUP"
11
12nxt_feature="clone(2)"
13nxt_feature_name=NXT_HAVE_CLONE
14nxt_feature_run=no
15nxt_feature_incs=
16nxt_feature_libs=

--- 33 unchanged lines hidden (view full) ---

50 if [ "$NXT_ISOLATION" = "NO" ]; then
51 NXT_ISOLATION=$flag
52 else
53 NXT_ISOLATION="$NXT_ISOLATION $flag"
54 fi
55 fi
56 done
57fi
12
13nsflags="USER NS PID NET UTS CGROUP"
14
15nxt_feature="clone(2)"
16nxt_feature_name=NXT_HAVE_CLONE
17nxt_feature_run=no
18nxt_feature_incs=
19nxt_feature_libs=

--- 33 unchanged lines hidden (view full) ---

53 if [ "$NXT_ISOLATION" = "NO" ]; then
54 NXT_ISOLATION=$flag
55 else
56 NXT_ISOLATION="$NXT_ISOLATION $flag"
57 fi
58 fi
59 done
60fi
61
62
63nxt_feature="Linux pivot_root()"
64nxt_feature_name=NXT_HAVE_PIVOT_ROOT
65nxt_feature_run=no
66nxt_feature_incs=
67nxt_feature_libs=
68nxt_feature_test="#include <sys/syscall.h>
69
70 int main() {
71 return __NR_pivot_root;
72 }"
73. auto/feature
74
75
76nxt_feature="prctl(PR_SET_NO_NEW_PRIVS)"
77nxt_feature_name=NXT_HAVE_PR_SET_NO_NEW_PRIVS0
78nxt_feature_run=no
79nxt_feature_incs=
80nxt_feature_libs=
81nxt_feature_test="#include <sys/prctl.h>
82
83 int main() {
84 return PR_SET_NO_NEW_PRIVS;
85 }"
86. auto/feature
87
88
89nxt_feature="Linux mount()"
90nxt_feature_name=NXT_HAVE_LINUX_MOUNT
91nxt_feature_run=no
92nxt_feature_incs=
93nxt_feature_libs=
94nxt_feature_test="#include <sys/mount.h>
95
96 int main() {
97 return mount((void*)0, (void*)0, (void*)0, 0, (void*)0);
98 }"
99. auto/feature
100
101if [ $nxt_found = yes ]; then
102 NXT_HAVE_MOUNT=YES
103fi
104
105
106nxt_feature="Bind mount()"
107nxt_feature_name=NXT_HAVE_BIND_MOUNT
108nxt_feature_run=no
109nxt_feature_incs=
110nxt_feature_libs=
111nxt_feature_test="#include <sys/mount.h>
112
113 int main() {
114 return MS_BIND | MS_REC
115 }"
116. auto/feature
117
118if [ $nxt_found = yes ]; then
119 NXT_HAVE_MOUNT=YES
120fi
121
122
123if [ $nxt_found = no ]; then
124 nxt_feature="FreeBSD nmount()"
125 nxt_feature_name=NXT_HAVE_FREEBSD_NMOUNT
126 nxt_feature_run=no
127 nxt_feature_incs=
128 nxt_feature_libs=
129 nxt_feature_test="#include <sys/mount.h>
130
131 int main() {
132 return nmount((void *)0, 0, 0);
133 }"
134 . auto/feature
135
136 if [ $nxt_found = yes ]; then
137 NXT_HAVE_MOUNT=YES
138 fi
139fi
140
141
142nxt_feature="Linux umount2()"
143nxt_feature_name=NXT_HAVE_LINUX_UMOUNT2
144nxt_feature_run=no
145nxt_feature_incs=
146nxt_feature_libs=
147nxt_feature_test="#include <sys/mount.h>
148
149 int main() {
150 return umount2((void *)0, 0);
151 }"
152. auto/feature
153
154if [ $nxt_found = yes ]; then
155 NXT_HAVE_UNMOUNT=YES
156fi
157
158if [ $nxt_found = no ]; then
159 nxt_feature="unmount()"
160 nxt_feature_name=NXT_HAVE_UNMOUNT
161 nxt_feature_run=no
162 nxt_feature_incs=
163 nxt_feature_libs=
164 nxt_feature_test="#include <sys/mount.h>
165
166 int main() {
167 return unmount((void *)0, 0);
168 }"
169 . auto/feature
170
171 if [ $nxt_found = yes ]; then
172 NXT_HAVE_UNMOUNT=YES
173 fi
174fi
175
176if [ $NXT_HAVE_MOUNT = YES -a $NXT_HAVE_UNMOUNT = YES ]; then
177 NXT_HAVE_ROOTFS=YES
178
179 cat << END >> $NXT_AUTO_CONFIG_H
180
181#ifndef NXT_HAVE_ISOLATION_ROOTFS
182#define NXT_HAVE_ISOLATION_ROOTFS 1
183#endif
184
185END
186
187fi