-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/14/2011 04:34 AM, Stef Bon wrote: > Hi, > > I've rewritten an existing pam module pam_script. What it does: > > . runs a script . unshare the mount namespace (if configured, > default yes) > > if the directory to chroot to is specfied it does also: > > . mount all the required directories like bin, lib, usr etcetera. . > chroot to this directory > > See: > > git clone git://gitorious.org/pam_script/pam_script.git pam_script > cd pam_script > > > Please some comments. Especially the starting of a session, is > this enough? If you look to the code you'll see that I've copied > from nspawn.c the check is_os_tree and mount_all functions, and > adjusted them a bit(is this ok?) > > In nspawn a lot more is done but I'm not that familiar with these > "low level" operations. So please comment on this. > > Stef _______________________________________________ systemd-devel > mailing list [email protected] > http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Did you look at extending pam_namespace? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6YL2IACgkQrlYvE4MpobPL9gCeJ4/aKVMKiGoAjD+K5cD7paZR xocAoJfTC3bYV/0Irzkp34eIwqClDCc4 =yZh7 -----END PGP SIGNATURE----- _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
