user-namepsace: use macro instead of commenting out uid-mapping setup

Signed-off-by: lns <matzeton@googlemail.com>
author: lns <matzeton@googlemail.com> 2018-08-10 11:26:38 +0200
committer: lns <matzeton@googlemail.com> 2018-08-10 11:26:38 +0200
commit: 010eb1b2f519ab7995a6c295c9e6665cd890075f (patch)
tree: d9e66528c19222bdd2aca2fa744b239c65534fba
parent: f8497db5d14eb139820173dccba58989c4f9ca5c (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/src/jail.c b/src/jail.c
index e449c97..18b11c1 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -306,7 +306,9 @@ static int jail_childfn(prisoner_process *ctx)
     int i, s, master_fd, slave_fd;
     int unshare_flags = CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|
         CLONE_NEWNS/*|CLONE_NEWUSER*/;
-    //unsigned int ug_map[3] = { 0, 10000, 65535 };
+#if 0
+    unsigned int ug_map[3] = { 0, 10000, 65535 };
+#endif
     pid_t self_pid, child_pid;
 #ifdef HAVE_SECCOMP
     pseccomp_ctx *psc = NULL;
@@ -410,14 +412,14 @@ static int jail_childfn(prisoner_process *ctx)
 
             fs_basic_fs();
             socket_set_ifaddr(&ctx->client_psock, "lo", "127.0.0.1", "255.0.0.0");
-/*
+#if 0
             if (update_setgroups_self(0))
                 exit(EXIT_FAILURE);
             if (update_guid_map(getpid(), ug_map, 0))
                 exit(EXIT_FAILURE);
             if (update_guid_map(getpid(), ug_map, 1))
                 exit(EXIT_FAILURE);
-*/
+#endif
             close(master_fd);
             if (login_tty(slave_fd))
                 exit(EXIT_FAILURE);
author	lns <matzeton@googlemail.com>	2018-08-10 11:26:38 +0200
committer	lns <matzeton@googlemail.com>	2018-08-10 11:26:38 +0200
commit	010eb1b2f519ab7995a6c295c9e6665cd890075f (patch)
tree	d9e66528c19222bdd2aca2fa744b239c65534fba
parent	f8497db5d14eb139820173dccba58989c4f9ca5c (diff)