mrtc0 · August 30, 2018 16:04
diff --git a/tarou.c b/tarou.c
 #define _GNU_SOURCE
 #include <stdio.h>
 #include <unistd.h>
 #include <errno.h>
 #include <string.h>
 #include <sys/types.h>
 #include <sys/apparmor.h>
 #include <sched.h>
 #include <sys/mount.h>
 #include <fcntl.h>

 int main()
 {
  char *const cmd[] = {"/bin/bash", NULL};
  int rc;

  rc = unshare(CLONE_NEWPID|CLONE_NEWNS);
  if (rc < 0) {
    perror("unshare failed\n");
    return -1;
  }

  if (mount("none", "/", NULL, MS_PRIVATE, NULL) == -1) {
    perror("mount failed");
    return -1;
  }

  if (mount("/var/lib/haconiwa/ubuntu", "/var/lib/haconiwa/ubuntu", "bind", MS_BIND | MS_REC, NULL) == -1) {
    printf("mount failed\n");
    return -1;
  }

  int oldroot = open("/", O_DIRECTORY | O_RDONLY);
  if (oldroot < 0) {
    perror("failed to open oldroot");
    return -1;
  }
  int newroot = open("/var/lib/haconiwa/ubuntu", O_DIRECTORY | O_RDONLY);
  if (newroot < 0) {
    perror("failed to open newroot ");
    return -1;
  }

  rc = fchdir(newroot);
  if (rc < 0) {
    perror("fchdir faild\n");
    return -1;
  }

  rc = aa_change_onexec("haconiwa-test");
  if (rc < 0) {
    perror("failed to aa_change_onexec");
    return -1;
  }

  // rc = pivot_root("/var/lib/haconiwa/ubuntu", "/var/lib/haconiwa/ubuntu");
  rc = pivot_root(".", ".");
  if (rc < 0) {
    perror("pivot_root failed\n");
    return -1;
  }

  rc = fchdir(oldroot);
  if (rc < 0) {
    perror("old dir fchdir faild\n");
    return -1;
  }

  pid_t pid = fork();

  if (pid == 0) {
    if (mount("/proc", "/proc", "proc", NULL, NULL) == -1) {
      printf("proc mount failed\n");
      return -1;
    }
    execv("/bin/bash", cmd);
  }

  printf("waiting...\n");
  waitpid(pid, 0, 0);
  printf("exited\n");
  return 0;
 }
	#define _GNU_SOURCE
	#include <stdio.h>
	#include <unistd.h>
	#include <errno.h>
	#include <string.h>
	#include <sys/types.h>
	#include <sys/apparmor.h>
	#include <sched.h>
	#include <sys/mount.h>
	#include <fcntl.h>

	int main()
	{
	char *const cmd[] = {"/bin/bash", NULL};
	int rc;

	rc = unshare(CLONE_NEWPID\|CLONE_NEWNS);
	if (rc < 0) {
	perror("unshare failed\n");
	return -1;
	}

	if (mount("none", "/", NULL, MS_PRIVATE, NULL) == -1) {
	perror("mount failed");
	return -1;
	}

	if (mount("/var/lib/haconiwa/ubuntu", "/var/lib/haconiwa/ubuntu", "bind", MS_BIND \| MS_REC, NULL) == -1) {
	printf("mount failed\n");
	return -1;
	}

	int oldroot = open("/", O_DIRECTORY \| O_RDONLY);
	if (oldroot < 0) {
	perror("failed to open oldroot");
	return -1;
	}
	int newroot = open("/var/lib/haconiwa/ubuntu", O_DIRECTORY \| O_RDONLY);
	if (newroot < 0) {
	perror("failed to open newroot ");
	return -1;
	}

	rc = fchdir(newroot);
	if (rc < 0) {
	perror("fchdir faild\n");
	return -1;
	}

	rc = aa_change_onexec("haconiwa-test");
	if (rc < 0) {
	perror("failed to aa_change_onexec");
	return -1;
	}

	// rc = pivot_root("/var/lib/haconiwa/ubuntu", "/var/lib/haconiwa/ubuntu");
	rc = pivot_root(".", ".");
	if (rc < 0) {
	perror("pivot_root failed\n");
	return -1;
	}

	rc = fchdir(oldroot);
	if (rc < 0) {
	perror("old dir fchdir faild\n");
	return -1;
	}

	pid_t pid = fork();

	if (pid == 0) {
	if (mount("/proc", "/proc", "proc", NULL, NULL) == -1) {
	printf("proc mount failed\n");
	return -1;
	}
	execv("/bin/bash", cmd);
	}

	printf("waiting...\n");
	waitpid(pid, 0, 0);
	printf("exited\n");
	return 0;
	}