int
main(int argc, char *argv[])
{
int fd;
if (argc < 2) {
fprintf(stderr, "Usage: %s /proc/PID/ns/FILE\n", argv[0]);
exit(EXIT_FAILURE);
}
display_creds_and_caps("Initial:\n");
printf("\n");
fd = open(argv[1], O_RDONLY); /* Get descriptor for namespace */
if (fd == -1)
errExit("open");
if (setns(fd, CLONE_NEWUSER) == -1) /* Join that namespace */
errExit("setns-1");
display_creds_and_caps("After setns():\n");
exit(EXIT_SUCCESS);
}
static void
test_setns(char *pname, int fd)
{
char path[PATH_MAX];
ssize_t s;
/* Display caller's user namespace ID */
s = readlink("/proc/self/ns/user", path, PATH_MAX);
if (s == -1)
errExit("readlink");
printf("%s readlink(\"/proc/self/ns/user\") ==> %s\n", pname, path);
/* Attempt to join the user namespace specified by 'fd' */
if (setns(fd, CLONE_NEWUSER) == -1)
printf("%s setns() failed: %s\n", pname, strerror(errno));
else {
printf("%s setns() succeeded\n", pname);
display_creds_and_caps(pname);
}
}