~mser/pkg.mser.at

e4bbc3e125af3f51a87721be068c52a49bd4dd3e — cryzed 2 years ago 4d5a99c
Update comments
2 files changed, 4 insertions(+), 3 deletions(-)

M packages/unshare-net/PKGBUILD
M packages/unshare-net/unshare-net
M packages/unshare-net/PKGBUILD => packages/unshare-net/PKGBUILD +2 -2
@@ 1,14 1,14 @@
# Maintainer: Michael Serajnik <m at mser dot at>
pkgname=unshare-net
pkgver=9
pkgrel=1
pkgrel=2
pkgdesc="Selectively whitelist traffic to specified IPs and domains for target applications"
arch=("any")
url="https://git.sr.ht/~mser/pkg.mser.at/tree/master/item/packages/unshare-net"
license=("AGPL3")
depends=("python")
source=("unshare-net")
sha512sums=('9a8645754b8775ab1246d51a51c7609e302dcbfdf0df5bc65b70d3bf9502a4ddc8bd25bbb2429953565ad10665f1962ed2a49f4edbb50c7aecebf1a34dabc053')
sha512sums=('6c0bbaaf70c9fbdab5489d8076a6555e2318fdb2637c28133d3f30d47203bdcc2e08e273404b2809a0cdd99a10b36904890389b31f46d5ff888eb90ff45e397d')

package() {
  install -D --mode 755 "${srcdir}/unshare-net" --target-directory "${pkgdir}/usr/bin"

M packages/unshare-net/unshare-net => packages/unshare-net/unshare-net +2 -1
@@ 145,7 145,7 @@ def run(arguments: argparse.Namespace, command: list[str]) -> ExitCode:
    if not cgroup_mount_path:
        cgroup_mount_path = pathlib.Path(tempfile.mkdtemp(prefix="unshare-net-"))
        stderr(f"created {str(cgroup_mount_path)!r}")
        # These are the mount options by Arch Linux (systemd), so I assume they are fine
        # These are the mount options used by Arch Linux (systemd), so I assume they are fine
        mount("--types", "cgroup2", identifier, str(cgroup_mount_path), "--options", "defaults,nosuid,nodev,noexec")
        cgroup_mount_created = True



@@ 192,6 192,7 @@ def run(arguments: argparse.Namespace, command: list[str]) -> ExitCode:
        iptables_insert_rule(identifier, rule, ipv6=True)
    iptables_insert_rule("OUTPUT", ("--jump", identifier), ipv6=True)

    # We use --session-command so we can spawn a shell with job control too
    su_command = "su", arguments.user, "--session-command", *command
    stderr(shell_escape(su_command))
    process = subprocess.Popen(su_command)