roypur/wireguard-setup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Create network namespace in c

Browse Source
This commit is contained in:
Roy Olav Purser
2024-05-16 00:27:38 +02:00
parent e8d8e1f5be
commit ef0d8c75bd
2 changed files with 16 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/wireguard-mount.c
View File

@@ -1,13 +1,28 @@
#define _GNU_SOURCE
#include <stdio.h> #include <stdio.h>
#include <sys/mount.h> #include <sys/mount.h>
#include <systemd/sd-daemon.h> #include <systemd/sd-daemon.h>
#include <unistd.h> #include <unistd.h>
#include <sched.h>
#include <sys/stat.h>
int main() { int main() {
int err = unshare(CLONE_NEWNET);
if (err) {
perror("Error");
return 1;
}
err = mkdir("/run/vpn", 0755);
if (err) {
perror("Error");
}
char mount_path[32] = {0}; char mount_path[32] = {0};
snprintf(mount_path, sizeof(mount_path), "/proc/%d/ns", getpid()); snprintf(mount_path, sizeof(mount_path), "/proc/%d/ns", getpid());
int err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL); err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
if (err) { if (err) {
perror("Error"); perror("Error");
return 1; return 1;

4
systemd/wireguard-mount.service
View File

@@ -7,11 +7,7 @@ RefuseManualStop=true
[Service] [Service]
Type=notify Type=notify
NotifyAccess=main NotifyAccess=main
RuntimeDirectory=vpn
RuntimeDirectoryMode=0755
ExecStart=/snacks/wireguard/bin/wireguard-mount ExecStart=/snacks/wireguard/bin/wireguard-mount
PrivateNetwork=true
PrivateMounts=false
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target