summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xnetjail/netjail-init.sh3
-rwxr-xr-xnetjail/netjail.sh2
2 files changed, 4 insertions, 1 deletions
diff --git a/netjail/netjail-init.sh b/netjail/netjail-init.sh
index a16eb82..7fd0dd5 100755
--- a/netjail/netjail-init.sh
+++ b/netjail/netjail-init.sh
@@ -9,6 +9,9 @@
#
set -eu
+# Be extra safe, even though sudo should already do this.
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
# Setup virtual bridge which we will use to connect all
# of the builder networks to.
diff --git a/netjail/netjail.sh b/netjail/netjail.sh
index b07927b..df4df1a 100755
--- a/netjail/netjail.sh
+++ b/netjail/netjail.sh
@@ -48,4 +48,4 @@ ip netns exec "$NAME" ip route add default via 10.42.42.1
# Finally, run whatever the user's command was
ME=${SUDO_USER:?must run in sudo}
-exec unshare -pf -- ip netns exec "$NAME" sudo -u "$ME" -- "$@"
+exec unshare -pf --mount-proc -- ip netns exec "$NAME" sudo -u "$ME" -- "$@"
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-09 05:32:14 +0000