security/hakurei
6
3
Fork 1
Code Issues 11 Pull Requests 1 Actions 2 Packages Projects Releases 14 Wiki Activity

container/init: configure interface lo
All checks were successful
Test / Create distribution (push) Successful in 47s
Details
Test / Sandbox (push) Successful in 2m52s
Details
Test / ShareFS (push) Successful in 4m47s
Details
Test / Hpkg (push) Successful in 5m10s
Details
Test / Sandbox (race detector) (push) Successful in 5m20s
Details
Test / Hakurei (push) Successful in 5m48s
Details
Test / Hakurei (race detector) (push) Successful in 7m39s
Details
Test / Flake checks (push) Successful in 1m42s
Details

Browse Source 
This enables loopback networking when owning the net namespace.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2026-01-11 03:32:21 +09:00
parent da3848b92f
commit 2494ede106
7 changed files with 353 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
container/init.go
View File

@@ -170,6 +170,10 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
offsetSetup = int(setupFd + 1)
}
if !params.HostNet {
k.mustLoopback(msg)
}
// write uid/gid map here so parent does not need to set dumpable
if err := k.setDumpable(SUID_DUMP_USER); err != nil {
k.fatalf(msg, "cannot set SUID_DUMP_USER: %v", err)