execve(2) not launching system commands
I am trying to implement a container, and for that I create a process using the clone(2) system call with the appropriate flags:
```c
if ((child_pid = clone(child_main, process_struct.Stack + process_struct.StackPtr,
                       CLONE_NEWCGROUP
                       | CLONE_NEWIPC
                       | CLONE_NEWNET
                       | CLONE_NEWNS
                       | CLONE_NEWPID
                       | CLONE_NEWUTS
                       | SIGCHLD, &process_struct, checkpoint)) == -1) {
    fprintf(stderr, "Failed...%m \n");
    exit(EXIT_FAILURE);
} else {
    fprintf(stderr, "Done\n");
    waitpid(child_pid, NULL, 0);
}
```
Inside child_main() I change the host name for the process's namespace, and I also set the mount namespace. I installed a Linux file system hierarchy on a partition like a normal Linux installation (I did that to create a clean file system image, clean of my files and binaries), then I set the propagation type to MS_UNBINDABLE, and then I pivot_root(2) to change my process's root directory.
```c
const int child_main(struct process *process_struct, int *checkpoint){
    char c;
    fprintf(stderr, "=> IPC setup...");
    // double check the IPC
    close(checkpoint[1]);
    fprintf(stderr, "Done\n");
    if (sethostname(process_struct->Hostname,
                    strlen(process_struct->Hostname)) || mounting(process_struct)) {
        return -1;
    }
    // startup the IPC pipes
    read(checkpoint[0], &c, 1);
    if (execve("/bin/bash", (char*)0, NULL) == -1) {
        fprintf(stderr, "--> Launching process Failed %m\n");
        return -1;
    }
    return 0;
}
```
The problem is that my system goes over the execve(2) and does not launch /bin/bash, and the program flows without errors. When I add a system(2) statement before the execve(2), `system("ls");`, it lists the appropriate file system and current working directory. Also, when I change the execve(2) parameters to either `execve("/bin/ls", (char*)0, NULL)` or `execve("/bin/pstree", (char*)0, NULL)` or any other parameter, it will return an error of: `No such file or directory` or `A NULL argv[0] was passed through an exec system call`. Also, when I strace my program, at the execve(2) system call it gives: `NULL, 0, NULL) = 17992`
Update: the error has nothing to do with the file system image. I have performed more tests, and they are as follows. I used my system's filesystem for my mount namespaces, not the one I installed on a partition, and running /bin/bash still doesn't work. I created a simple C program and compiled it, and it ran fine, so there is something wrong that prevents /bin/bash from being executed. To further test these results I reused for my mount namespaces the file system from my I moved the same executable to the file system first under "/" and second under the same path

my main system path to the executable = /home/omar/docs/test.out

my mounted file system from the partition path to the executable = /home/omar/docs/test.out

since I wanted to check if the same path might have caused a confusion, while adding to each executable a statement so I can tell which path my program took, and it worked fine without any problem and correctly as expected, so the problem is just that system essential commands will not work.
c system-calls namespace container clone
Are you sure it doesn’t launch it, and then `bash` exits immediately?
– Stephen Kitt
May 10 at 13:28
yes, also the parent program resumes normally.
– o.awajan
May 10 at 13:45
Oh, sorry, yes, `execve` would replace the program if it succeeded...
– Stephen Kitt
May 10 at 13:46
1
What happens if you pass a valid argv array to execve?
– Mark Plotnick
May 10 at 13:50
execve(2) will launch /bin/bash and replace the program, then it will exit immediately, as if the /bin/bash doesn't actually launch, in the question I specified what strace shows me at execve(2) which is `NULL, 0, NULL) = 17992`
– o.awajan
May 10 at 14:01
edited 2 hours ago
o.awajan
asked May 10 at 13:24
o.awajan
174
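The comments ask whether execve(2) failed or the program started and then exited, and what happens with a valid argv array. The following is an added example, not code from the post: it launches a program with NULL-terminated argv and envp arrays and reports the execve errno to the parent through a close-on-exec pipe. It uses fork(2) instead of the question's clone(2) call so that it runs without privileges; `launch`, `launch_result`, `sample_argv` and `sample_envp` are hypothetical names.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

struct launch_result {
    int exec_errno;  /* 0 if execve() succeeded, else the errno it failed with */
    int exit_status; /* exit code of the launched program, -1 if it never ran */
};

/* Constructed sample vectors: argv[0] is the program name, both NULL-terminated. */
static char *const sample_argv[] = { "sh", "-c", "exit 7", NULL };
static char *const sample_envp[] = { "PATH=/usr/bin:/bin", "TERM=dumb", NULL };

/* Run path in a child and report whether execve() failed or the program exited. */
struct launch_result launch(const char *path, char *const argv[], char *const envp[])
{
    struct launch_result r = { 0, -1 };
    int pfd[2], err = 0, status = 0;
    pid_t pid;

    if (argv == NULL || argv[0] == NULL) {   /* refuse an empty argument vector */
        r.exec_errno = EINVAL;
        return r;
    }
    if (pipe(pfd) == -1) {
        r.exec_errno = errno;
        return r;
    }
    /* Close-on-exec write end: a successful execve() closes it without writing. */
    if (fcntl(pfd[1], F_SETFD, FD_CLOEXEC) == -1 || (pid = fork()) == -1) {
        r.exec_errno = errno;
        close(pfd[0]);
        close(pfd[1]);
        return r;
    }
    if (pid == 0) {                          /* child */
        close(pfd[0]);
        execve(path, argv, envp);            /* returns only on failure */
        err = errno;
        if (write(pfd[1], &err, sizeof err) != (ssize_t)sizeof err)
            _exit(126);
        _exit(127);
    }
    close(pfd[1]);
    /* EOF here means the exec succeeded; otherwise the child sent its errno. */
    if (read(pfd[0], &err, sizeof err) == (ssize_t)sizeof err)
        r.exec_errno = err;
    close(pfd[0]);
    if (waitpid(pid, &status, 0) == pid && WIFEXITED(status) && r.exec_errno == 0)
        r.exit_status = WEXITSTATUS(status);
    return r;
}

int main(void)
{
    struct launch_result ok = launch("/bin/sh", sample_argv, sample_envp);
    struct launch_result bad = launch("/bin/sh", NULL, NULL);
    printf("valid argv: exec_errno=%d exit_status=%d\n", ok.exec_errno, ok.exit_status);
    printf("NULL argv:  exec_errno=%d (%s)\n", bad.exec_errno, strerror(bad.exec_errno));
    return 0;
}
```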