From ef0d8c75bd45873f0fd7d1408d42e05166f9887e Mon Sep 17 00:00:00 2001
From: Roy Olav Purser
Date: Thu, 16 May 2024 00:27:38 +0200
Subject: [PATCH] Create network namespace in c
---
 src/wireguard-mount.c | 17 ++++++++++++++++-
 systemd/wireguard-mount.service | 4 ----
 2 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/src/wireguard-mount.c b/src/wireguard-mount.c
index 4ba9be5..0b63c41 100644
--- a/src/wireguard-mount.c
+++ b/src/wireguard-mount.c
@@ -1,13 +1,28 @@
+#define _GNU_SOURCE
+
 #include
 #include
 #include
 #include
+#include
+#include
 
 int main() {
+ int err = unshare(CLONE_NEWNET);
+ if (err) {
+ perror("Error");
+ return 1;
+ }
+
+ err = mkdir("/run/vpn", 0755);
+ if (err) {
+ perror("Error");
+ }
+
 char mount_path[32] = {0};
 snprintf(mount_path, sizeof(mount_path), "/proc/%d/ns", getpid());
 
- int err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
+ err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
 if (err) {
 perror("Error");
 return 1;
diff --git a/systemd/wireguard-mount.service b/systemd/wireguard-mount.service
index e593303..625d38f 100644
--- a/systemd/wireguard-mount.service
+++ b/systemd/wireguard-mount.service
@@ -7,11 +7,7 @@ RefuseManualStop=true
 [Service]
 Type=notify
 NotifyAccess=main
-RuntimeDirectory=vpn
-RuntimeDirectoryMode=0755
 ExecStart=/snacks/wireguard/bin/wireguard-mount
-PrivateNetwork=true
-PrivateMounts=false
 
 [Install]
 WantedBy=multi-user.target
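Review bot: The result of `mkdir("/run/vpn", 0755)` is printed but never acted on, and all three failure paths in `main` use the same `perror("Error")`, so the journal cannot show which call failed. Because this commit also drops `RuntimeDirectory=vpn` from the unit, the directory will presumably outlive a restart, which makes EEXIST the normal case and logs a misleading "Error: File exists" each time. I would tolerate only EEXIST and fail on anything else, e.g. `if (err && errno != EEXIST) { perror("mkdir /run/vpn"); return 1; }` (needs `<errno.h>`), and label the other two as `perror("unshare(CLONE_NEWNET)")` and `perror("mount /run/vpn")`. With `PrivateNetwork=true` gone, `unshare()` is the only thing isolating this process from the host network, so a short comment above it saying so would help the next reader. The body of `main` continues past the end of the hunk.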