From 929a18c84826c1fbe24d54778c50a08be2c06022 Mon Sep 17 00:00:00 2001 From: melpon Date: Mon, 21 Oct 2024 15:30:51 +0900 Subject: [PATCH 1/2] =?UTF-8?q?/usr/lib64=20=E3=82=92=E8=BF=BD=E5=8A=A0?= =?UTF-8?q?=E3=81=97=E3=81=A6=E3=81=BF=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cattleshed/cattleshed.conf.in | 67 +++-------------------------------- 1 file changed, 5 insertions(+), 62 deletions(-) diff --git a/cattleshed/cattleshed.conf.in b/cattleshed/cattleshed.conf.in index 5554979..e700621 100644 --- a/cattleshed/cattleshed.conf.in +++ b/cattleshed/cattleshed.conf.in @@ -23,7 +23,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -52,7 +52,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -80,7 +80,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -92,63 +92,6 @@ "output-limit-kill":262144, "output-limit-warn":131072, }, - "melpon2-sbcl":{ - "jail-command":[ - "/usr/bin/env", - "HOME=/home/jail", - "/usr/bin/nice", - "@CATTLESHED_BINDIR@/prlimit", - "--core=0", - "--cpu=30", - "--data=1073741824", - "--fsize=5242880", - "--nofile=1024", - "--nproc=128", - "--", - "@CATTLESHED_BINDIR@/cattlegrid", - "--uids=10000:1000000000", - "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/include,/opt/wandbox,/usr/share", - "--rwmount=/tmp=./jail/tmp,/home/jail=./store", - "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", - "--chdir=/home/jail", - "--", - ], - "program-duration":60, - "compile-time-limit":60, - "kill-wait":5, - "output-limit-kill":262144, - "output-limit-warn":131072, - }, - "melpon2-dotnetcore":{ - "jail-command":[ - "/usr/bin/env", - "HOME=/home/jail", - "/usr/bin/nice", - "@CATTLESHED_BINDIR@/prlimit", - "--core=0", - "--cpu=30", - "--data=1073741824", - "--fsize=5242880", - "--nofile=1024", - "--nproc=128", - "--", - "@CATTLESHED_BINDIR@/cattlegrid", - "--uids=10000:1000000000", - "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/include,/opt/wandbox,/usr/share", - "--rwmount=/tmp=./jail/tmp,/home/jail=./store", - "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", - "--chdir=/home/jail", - "--kill", - "--", - ], - "program-duration":60, - "compile-time-limit":60, - "kill-wait":5, - "output-limit-kill":262144, - "output-limit-warn":131072, - }, "melpon2-julia":{ "jail-command":[ "/usr/bin/env", @@ -166,7 +109,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", "--rwmount=/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -195,7 +138,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/include,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/usr/share", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", From 9be96edec5d2cac4d0164ce1e7d1804db09fcbe4 Mon Sep 17 00:00:00 2001 From: melpon Date: Mon, 21 Oct 2024 15:57:36 +0900 Subject: [PATCH 2/2] =?UTF-8?q?/usr/libexec=20=E3=81=A8=20/usr/sbin=20?= =?UTF-8?q?=E3=82=82=E5=85=A5=E3=82=8C=E3=82=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cattleshed/cattleshed.conf.in | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cattleshed/cattleshed.conf.in b/cattleshed/cattleshed.conf.in index e700621..3e7da25 100644 --- a/cattleshed/cattleshed.conf.in +++ b/cattleshed/cattleshed.conf.in @@ -23,7 +23,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/include,/usr/lib,/usr/lib64,/usr/libexec,/usr/sbin,/usr/share,/opt/wandbox", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -52,7 +52,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/include,/usr/lib,/usr/lib64,/usr/libexec,/usr/sbin,/usr/share,/opt/wandbox", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -80,7 +80,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/include,/usr/lib,/usr/lib64,/usr/libexec,/usr/sbin,/usr/share,/opt/wandbox", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -109,7 +109,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/opt/wandbox,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/include,/usr/lib,/usr/lib64,/usr/libexec,/usr/sbin,/usr/share,/opt/wandbox", "--rwmount=/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail", @@ -138,7 +138,7 @@ "@CATTLESHED_BINDIR@/cattlegrid", "--uids=10000:1000000000", "--rootdir=./jail", - "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/lib,/usr/lib64,/usr/include,/usr/share", + "--mount=/bin,/etc,/lib,/lib64,/usr/bin,/usr/include,/usr/lib,/usr/lib64,/usr/libexec,/usr/sbin,/usr/share,/opt/wandbox", "--rwmount=/tmp=./jail/tmp,/home/jail=./store", "--devices=/dev/null,/dev/zero,/dev/full,/dev/random,/dev/urandom", "--chdir=/home/jail",