Added bash demo for userns-block-fd

containers · Oct 2, 2023 · 465c349 · 465c349
1 parent 4a7bb29
commit 465c349
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/demos/userns-block-fd.sh b/demos/userns-block-fd.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+# This is an example of using the userns-block feature with bash.
+
+# info pipe
+exec 10<> <(:)
+# userns_block pipe
+exec 11<> <(:)
+
+userns_setup() {
+    child_pid=$(jq -rn 'input | .["child-pid"]' <&10)
+    newuidmap $child_pid 0 $(id -u) 1
+    newgidmap $child_pid 0 $(id -g) 1
+    echo 1 >&11
+    exec 11>&-
+}
+userns_setup 10<&10 11>&11 &
+
+bwrap                       \
+    --unshare-all           \
+    --unshare-user          \
+    --userns-block-fd 11    \
+    --info-fd 10            \
+    --bind / /              \
+    cat /proc/self/uid_map  \
+    10>&10 11<&11