History log of /unit/src/nxt_clone.c (Results 1 – 5 of 5)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 2153:37bccff06c9f 18-Jun-2022 Alejandro Colomar

Replaced Linux syscall macros by libc macros.

User-space programs should use the SYS_*form, as documented in
syscall(2). That also adds compatibility to non-Linux systems.


Revision tags: 1.27.0-1, 1.27.0
# 2078:0996dd223cdd 18-Dec-2021 Alejandro Colomar

Fixed indentation.

Some lines (incorrectly) had an indentation of 3 or 5, or 7 or 9,
or 11 or 13, or 15 or 17 spaces instead of 4, 8, 12, or 16. Fix them.

Found with:

$ find src -type f | xargs g

Fixed indentation.

Some lines (incorrectly) had an indentation of 3 or 5, or 7 or 9,
or 11 or 13, or 15 or 17 spaces instead of 4, 8, 12, or 16. Fix them.

Found with:

$ find src -type f | xargs grep -n '^ [^ ]';
$ find src -type f | xargs grep -n '^ [^ *]';
$ find src -type f | xargs grep -n '^ [^ ]';
$ find src -type f | xargs grep -n '^ [^ *]';
$ find src -type f | xargs grep -n '^ [^ +]';
$ find src -type f | xargs grep -n '^ [^ *+]';
$ find src -type f | xargs grep -n '^ [^ +]';
$ find src -type f | xargs grep -n '^ [^ *+]';

show more ...


Revision tags: 1.26.1-1, 1.26.1, 1.26.0-1, 1.26.0, 1.25.0-1, 1.25.0, 1.24.0-1, 1.24.0, 1.23.0-1, 1.23.0, 1.22.0-1, 1.22.0, 1.21.0-1, 1.21.0, 1.20.0-1, 1.20.0, 1.19.0-1, 1.19.0, 1.18.0-1, 1.18.0, 1.17.0-1, 1.17.0, 1.16.0-1, 1.16.0, 1.15.0-1, 1.15.0, 1.14.0-1, 1.14.0
# 1306:3604d05e48be 06-Dec-2019 Tiago Natel

Isolation: allowed the use of credentials with unpriv userns.

The setuid/setgid syscalls requires root capabilities but if the kernel
supports unprivileged user namespace then the child process has

Isolation: allowed the use of credentials with unpriv userns.

The setuid/setgid syscalls requires root capabilities but if the kernel
supports unprivileged user namespace then the child process has the full
set of capabilities in the new namespace, then we can allow setting "user"
and "group" in such cases (this is a common security use case).

Tests were added to ensure user gets meaningful error messages for
uid/gid mapping misconfigurations.

show more ...


Revision tags: 1.13.0-1, 1.13.0, 1.12.0-1, 1.12.0
# 1201:563e00547881 20-Sep-2019 Tiago Natel

Closing leaking file descriptor.

Found by Coverity (CID 349484).


Revision tags: 1.11.0-2, 1.11.0-1, 1.11.0
# 1182:325b315e48c4 19-Sep-2019 Tiago de Bem Natel de Moura

Initial applications isolation support using Linux namespaces.