Create network namespace in c

2024-05-16 00:27:38 +02:00 · 2024-05-16 00:27:38 +02:00 · ef0d8c75bd
commit ef0d8c75bd
parent e8d8e1f5be
2 changed files with 16 additions and 5 deletions
--- a/src/wireguard-mount.c
+++ b/src/wireguard-mount.c
@ -1,13 +1,28 @@
+#define _GNU_SOURCE
+
 #include <stdio.h>
 #include <sys/mount.h>
 #include <systemd/sd-daemon.h>
 #include <unistd.h>
+#include <sched.h>
+#include <sys/stat.h>

 int main() {
+    int err = unshare(CLONE_NEWNET);
+    if (err) {
+        perror("Error");
+        return 1;
+    }
+
+    err = mkdir("/run/vpn", 0755);
+    if (err) {
+        perror("Error");
+    }
+
    char mount_path[32] = {0};
    snprintf(mount_path, sizeof(mount_path), "/proc/%d/ns", getpid());

-    int err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
+    err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
    if (err) {
        perror("Error");
        return 1;
--- a/systemd/wireguard-mount.service
+++ b/systemd/wireguard-mount.service
@ -7,11 +7,7 @@ RefuseManualStop=true
 [Service]
 Type=notify
 NotifyAccess=main
-RuntimeDirectory=vpn
-RuntimeDirectoryMode=0755
 ExecStart=/snacks/wireguard/bin/wireguard-mount
-PrivateNetwork=true
-PrivateMounts=false

 [Install]
 WantedBy=multi-user.target