We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Since the last release 1.5, I get the following error:
[2017-07-25T15:24:17+0000] [F][1] capsGetCap():135 cap_get_flag(id=37, type=2): Invalid argument
From a Debian:
$ uname -a Linux gozy-01-int 4.9.0-0.bpo.3-amd64 #1 SMP Debian 4.9.30-2~bpo8+1 (2017-06-14) x86_64 GNU/Linux
Guess it is linked to CAP_AUDIT_READ (id=37). Not sure if I'm missing something or if nsjail is doing something wrong ? Thanks for the help.
CAP_AUDIT_READ
Here is the actual call:
# nsjail --chroot / -- /bin/sh -i [2017-07-25T16:04:44+0000] Mode: STANDALONE_ONCE [2017-07-25T16:04:44+0000] Jail parameters: hostname:'NSJAIL', chroot:'/', process:'/bin/sh', bind:[::]:0, max_conns_per_ip:0, time_limit:0, personality:0, daemonize:false, clone_newnet:true, clone_newuser:true, clone_newns:true, clone_newpid:true, clone_newipc:true, clonew_newuts:true, clone_newcgroup:false, keep_caps:false, tmpfs_size:4194304, disable_no_new_privs:false, max_cpus:0 [2017-07-25T16:04:44+0000] Mount point: src:'/' dst:'/' type:'' flags:MS_RDONLY|MS_BIND|MS_REC|0 options:'' isDir:true [2017-07-25T16:04:44+0000] Mount point: src:'[NULL]' dst:'/proc' type:'proc' flags:MS_RDONLY|0 options:'' isDir:true [2017-07-25T16:04:44+0000] Uid map: inside_uid:0 outside_uid:0 count:1 newuidmap:false [2017-07-25T16:04:44+0000] [W][12329] cmdlineLogParams():242 Process will be UID/EUID=0 in the global user namespace [2017-07-25T16:04:44+0000] Gid map: inside_gid:0 outside_gid:0 count:1 newgidmap:false [2017-07-25T16:04:44+0000] [W][12329] cmdlineLogParams():250 Process will be GID/EGID=0 in the global user namespace [2017-07-25T16:04:44+0000] [W][1] mountMount():202 mount('src:'[NULL]' dst:'/proc' type:'proc' flags:MS_RDONLY|0 options:'' isDir:true') src:'none' dst:'/dev/shm/nsjail.root//proc' failed: Operation not permitted [2017-07-25T16:04:45+0000] [F][1] capsGetCap():135 cap_get_flag(id=37, type=2): Invalid argument [2017-07-25T16:04:45+0000] PID: 12330 ([STANDALONE_MODE]) exited with status: 1, (PIDs left: 0)
The text was updated successfully, but these errors were encountered:
This is fixed in the master branch with 049fffb
Sorry, something went wrong.
Fixed. Thanks.
No branches or pull requests
Since the last release 1.5, I get the following error:
From a Debian:
Guess it is linked to
CAP_AUDIT_READ(id=37). Not sure if I'm missing something or if nsjail is doing something wrong ? Thanks for the help.Here is the actual call:
The text was updated successfully, but these errors were encountered: