Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Understand gid mapping; build utility for it #143

Open
ezrizhu opened this issue Jan 13, 2024 · 3 comments · May be fixed by #145
Open

Understand gid mapping; build utility for it #143

ezrizhu opened this issue Jan 13, 2024 · 3 comments · May be fixed by #145
Assignees
@ezrizhu

Comments

@ezrizhu
Copy link
Collaborator

ezrizhu commented Jan 13, 2024

Current we have https://github.com/ezrizhu/gidmapper - we want to rewrite this in C for easier installation.
@ezrizhu ezrizhu self-assigned this Jan 13, 2024
@ezrizhu ezrizhu mentioned this issue Jan 13, 2024
Closed
3 tasks
@ezrizhu ezrizhu linked a pull request Mar 18, 2024 that will close this issue
Open
7 tasks
@mgree
Copy link
Contributor

mgree commented Jun 7, 2024

Rewriting it in C is not the important part. The main thing we have to do is understand whether or not such a gidmapper is safe and---if not---what we can do instead.

@mgree mgree changed the title rewrite gidwrapper Understand gid mapping; build utility for it Jun 7, 2024
@SleepyMug
Copy link
Collaborator

My understanding is that unshare command internally forks into two processes (for pid namespace). And when I was re-implementing that logic in Rust I can set uid/gid mappings from the parent process without needing additional utility.

@ezrizhu
Copy link
Collaborator Author

ezrizhu commented Jun 7, 2024

My understanding is that unshare command internally forks into two processes (for pid namespace). And when I was re-implementing that logic in Rust I can set uid/gid mappings from the parent process without needing additional utility.

that's correct, the main reason why gidmapper exists because we can't give a shell script the setgid cap.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ezrizhu ezrizhu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

uid/gidmapping binpash/try
3 participants
@mgree @SleepyMug @ezrizhu