mirror of
https://github.com/xcat2/confluent.git
synced 2025-01-28 20:07:48 +00:00
9f45b0ed56
The aim is to support a few modes of operation:
- tar.xz, extracted to memory (least efficient, fewest dependencies)
- NFS read-only (less secure, more efficient, depends on getting the NFS export just right)
- NFS image read-only (same as above, but using squashfs so that the overlay works more easily)
- gocryptfs on NFS (this provides encryption and an integrity check)
#include <unistd.h>
#include <stdio.h>
#include <sys/mount.h>
#define __USE_GNU
#include <sched.h>
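/*
 * Relocate one existing mount under the new root.
 * A failure is reported on stderr but is not fatal, matching the
 * best-effort behaviour of the original sequence of mount() calls.
 */
static void move_mount(const char *source, const char *target)
{
    if (mount(source, target, NULL, MS_MOVE, NULL) < 0) {
        perror(target);
    }
}

/*
 * Switch the root filesystem to /sysroot and hand over to its /sbin/init.
 *
 * Steps: detach into a private mount namespace, move /dev, /proc, /sys and
 * /run under /sysroot, move /sysroot over /, chroot into it and exec
 * /sbin/init.
 *
 * Returns 1 if the root switch or the exec fails; on success execl() does
 * not return. The arguments are unused.
 */
int main(int argc, char* argv[]) {
    (void)argc;
    (void)argv;

    /* Reported but not fatal: the moves below still run without it. */
    if (unshare(CLONE_NEWNS) < 0) {
        perror("unshare(CLONE_NEWNS)");
    }

    move_mount("/dev", "/sysroot/dev");
    move_mount("/proc", "/sysroot/proc");
    move_mount("/sys", "/sysroot/sys");
    move_mount("/run", "/sysroot/run");

    /*
     * From here on a failure must stop the hand-over. chroot(".") below
     * uses the working directory, so continuing after a failed chdir or
     * chroot would exec /sbin/init from the old root instead of /sysroot.
     */
    if (chdir("/sysroot") < 0) {
        perror("chdir(/sysroot)");
        fprintf(stderr, "Unable to chdir!\n");
        return 1;
    }

    /* Working directory is already /sysroot, so chroot(".") still targets it
     * if this move fails; report and carry on. */
    move_mount("/sysroot", "/");

    if (chroot(".") < 0) {
        perror("chroot(.)");
        fprintf(stderr, "Failed to chroot!\n");
        return 1;
    }
    if (chdir("/") < 0) {
        perror("chdir(/)");
        fprintf(stderr, "Unable to chdir after chroot!\n");
        return 1;
    }

    /* The variadic terminator must be a null *pointer*; a bare NULL may be
     * an int-sized 0 on some platforms. */
    execl("/sbin/init", "/sbin/init", (char *)NULL);

    /* Only reached when the exec itself failed. */
    perror("execl(/sbin/init)");
    return 1;
}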