prettify code

starter/ns_exec.c

@@ -36,8 +36,6 @@ void ro_fs(char* shared_mountpoint) {
     if (mount(shared_mountpoint, "shared", "ext4", MS_REMOUNT | MS_BIND, ""))       die("failed to mount: %m");
     free(shared_folder);
 }
-//#undef shared_mountpoint
-//#undef shared_folder
 #undef put_old
 
 void await_setup(int pipe) { // wait for signal from parent
@@ -76,5 +74,5 @@ static int nsrun(void* arg) {
         NULL,
     };
     if (execve(cmd, argv, env) == -1) die("failed to exec,%m");
-    return 1;
+    return 1;// removes warning
 }

starter/starter.c

@@ -39,7 +39,6 @@ struct killparams{
 #include "ns_exec.c"
 #include "cgroup_prepare.c"
 
-//bool TL_achieve=false;
 uint64_t time_start;
 
 // get time in milliseconds
@@ -96,7 +95,7 @@ static void prepare_userns(int pid) {
     int unprivileged_gid = 65534;// nogroup
 
     sprintf(path, "/proc/%d/uid_map", pid);
-    sprintf(line, "0 %d 1\n1 %d 1000\n", uid, unprivileged_uid);//map root to uid 0,nobody to uid 1000
+    sprintf(line, "0 %d 1\n1 %d 1000\n", uid, unprivileged_uid);// map root to uid 0,nobody to unprivileged uid
     write_file(path, line);
 
     sprintf(path, "/proc/%d/setgroups", pid);
@@ -104,18 +103,22 @@ static void prepare_userns(int pid) {
     write_file(path, line);
 
     sprintf(path, "/proc/%d/gid_map", pid);
-    sprintf(line, "0 %d 1\n1 %d 1000\n", gid, unprivileged_gid);//map root to gid 0,nogroup to gid 1000
+    sprintf(line, "0 %d 1\n1 %d 1000\n", gid, unprivileged_gid);// map root to gid 0,nogroup to unprivileged gid
     write_file(path, line);
 }
 
+static void get_real_path(char* path) {
+    if (realpath (argv[0], path) == 0) die("unable to resolve real path: %m");// get absolute path to executable
+    for(int i = strlen(path); i > 0 && path[i] != '/';i--) path[i]=0;// cut filename to get directory name
+}
+
 int main(int argc,char** argv) {
-    if(setuid(0)) die("need to be run as root");
+    if(setuid(0)) die("must be run as root");
-    if(setgid(0)) die("need to be run as root");
+    if(setgid(0)) die("must be run as root");
-    //get binary folder
+    // get binary path
-    char bin_path[PATH_MAX];
+    char real_path[PATH_MAX];
-    if (realpath (argv[0], bin_path) == 0) die("unable to resolve real path: %m");//get absolute path to executable
+    get_real_path(real_path);
-    for(int i = strlen(bin_path); i > 0 && bin_path[i] != '/';i--) bin_path[i]=0;//cut filename to get directory name
+    if(chdir(real_path)) die("unable to chdir to binary path: %m");
-    if(chdir(bin_path)) die("unable to chdir to binary path: %m");
     // set random seed
     srand(time(NULL));
     // setup parameters
@@ -128,7 +131,6 @@ int main(int argc,char** argv) {
     if (pipe(params.fd) < 0) die("can't open pipe: %m");// a pipe to report readiness
     int clone_flags = SIGCHLD | CLONE_NEWUTS | CLONE_NEWUSER | CLONE_NEWNS | CLONE_NEWPID | CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWCGROUP;
     int nsrun_pid = clone(nsrun, nmstack + STACK_SIZE, clone_flags, &params);// make new namespace
-    //int pipe = params.fd[1];
     prepare_userns(nsrun_pid);
     if (nsrun_pid < 0) die("faled to clone");
     add_to_cgroup(nsrun_pid);