/*
 * Program entry point.
 *
 * Hands the command line to cmdlineParse(), optionally daemonizes, logs the
 * resulting parameters, calls nsjailSetSigHandlers() and nsjailSetTimer(),
 * and then dispatches on nsjconf.mode.
 *
 * Returns 0 once nsjailListenMode() returns; in every other mode returns
 * whatever nsjailStandaloneMode() returns. Calls exit(1) if option parsing,
 * signal-handler setup or timer setup reports failure.
 */
int main(int argc, char *argv[])
{
	/*
	 * No initializer here: presumably cmdlineParse() fills in every field,
	 * defaults included - confirm against cmdlineParse(), since any field
	 * it skips would be read uninitialized below.
	 */
	struct nsjconf_t nsjconf;

	if (!cmdlineParse(argc, argv, &nsjconf)) {
		exit(1);
	}

	/*
	 * NOTE(review): this only logs a warning and carries on. A non-root
	 * caller that turned off the user namespace is not stopped here;
	 * confirm that a later step fails closed instead of starting the jail
	 * with weaker isolation than requested.
	 */
	if (!nsjconf.clone_newuser && geteuid() != 0) {
		LOG_W("--disable_clone_newuser requires root() privs");
	}

	if (nsjconf.daemonize) {
		/*
		 * daemon(0, 0): working directory becomes "/" and stdin, stdout
		 * and stderr are redirected to /dev/null.
		 */
		if (daemon(0, 0) == -1) {
			PLOG_F("daemon");	/* presumably fatal - confirm */
		}
	}

	cmdlineLogParams(&nsjconf);

	/* Short-circuit keeps the original order: the timer is not touched
	 * when signal-handler setup has already failed. */
	if (!nsjailSetSigHandlers() || !nsjailSetTimer()) {
		exit(1);
	}

	if (nsjconf.mode != MODE_LISTEN_TCP) {
		/* Propagate the standalone run's result as the exit status. */
		return nsjailStandaloneMode(&nsjconf);
	}

	nsjailListenMode(&nsjconf);
	return 0;
}
/*
 * Program entry point.
 *
 * Builds the default configuration, lets cmdlineParse() override it from the
 * command line, optionally daemonizes, logs the resulting parameters, calls
 * nsjailSetSigHandlers() and nsjailSetTimer(), and then dispatches on
 * nsjconf.mode.
 *
 * Always returns 0 when it reaches the end: the result of
 * nsjailStandaloneMode() is not used, so the process exit status does not
 * reflect how a standalone run ended. Calls exit(1) if option parsing,
 * signal-handler setup or timer setup reports failure.
 */
int main(int argc, char *argv[])
{
	/* Defaults; cmdlineParse() receives a pointer and may change any of them. */
	struct nsjconf_t nsjconf = {
		/* Identity, filesystem root and command */
		.hostname = "NSJAIL",
		.chroot = "/chroot",
		.argv = NULL,
		/* Presumably only relevant to the TCP listener - confirm;
		 * the bind address is not visible here. */
		.port = 31337,
		.uid = -1,
		.gid = -1,
		.daemonize = false,
		.tlimit = 0,
		.apply_sandbox = true,
		.verbose = false,
		.keep_caps = false,

		/* Resource limits (units are not visible here) */
		.rl_as = 512 * (1024 * 1024),
		.rl_core = 0,
		.rl_cpu = 600,
		.rl_fsize = 1 * (1024 * 1024),
		.rl_nofile = 32,
		.rl_nproc = cmdlineParseRLimit(RLIMIT_NPROC, "def", 1),
		.rl_stack = cmdlineParseRLimit(RLIMIT_STACK, "def", 1),
		.personality = 0,

		/* Every clone_new* flag starts out enabled. */
		.clone_newnet = true,
		.clone_newuser = true,
		.clone_newns = true,
		.clone_newpid = true,
		.clone_newipc = true,
		.clone_newuts = true,

		/* Without a mode option the TCP listener is what runs. */
		.mode = MODE_LISTEN_TCP,
		.is_root_rw = false,
		.is_silent = false,
		.bindmountpts = NULL,
		.tmpfsmountpts = NULL,

		/* Real uid/gid of the invoking user, captured at startup. */
		.initial_uid = getuid(),
		.initial_gid = getgid(),

		/* NOTE(review): 0 presumably means "no per-IP limit" - confirm. */
		.max_conns_per_ip = 0,
	};

	if (!cmdlineParse(argc, argv, &nsjconf)) {
		exit(1);
	}

	/*
	 * NOTE(review): whether LOG_E stops the program is not visible here.
	 * If it only logs, a non-root caller that turned off the user
	 * namespace is not stopped at this point; confirm that a later step
	 * fails closed instead of starting the jail with weaker isolation
	 * than requested.
	 */
	if (!nsjconf.clone_newuser && geteuid() != 0) {
		LOG_E("--disable_clone_newuser requires root() privs");
	}

	if (nsjconf.daemonize) {
		/*
		 * daemon(0, 0): working directory becomes "/" and stdin, stdout
		 * and stderr are redirected to /dev/null.
		 */
		if (daemon(0, 0) == -1) {
			PLOG_F("daemon");	/* presumably fatal - confirm */
		}
	}

	cmdlineLogParams(&nsjconf);

	/* Short-circuit keeps the original order: the timer is not touched
	 * when signal-handler setup has already failed. */
	if (!nsjailSetSigHandlers() || !nsjailSetTimer()) {
		exit(1);
	}

	if (nsjconf.mode != MODE_LISTEN_TCP) {
		/* Result intentionally left unused here, as in the original. */
		nsjailStandaloneMode(&nsjconf);
	} else {
		nsjailListenMode(&nsjconf);
	}

	return 0;
}