Create network namespace in c

src/wireguard-mount.c

@@ -1,13 +1,28 @@
+#define _GNU_SOURCE
+
 #include <stdio.h>
 #include <sys/mount.h>
 #include <systemd/sd-daemon.h>
 #include <unistd.h>
+#include <sched.h>
+#include <sys/stat.h>
 
 int main() {
+    int err = unshare(CLONE_NEWNET);
+    if (err) {
+        perror("Error");
+        return 1;
+    }
+
+    err = mkdir("/run/vpn", 0755);
+    if (err) {
+        perror("Error");
+    }
+
     char mount_path[32] = {0};
     snprintf(mount_path, sizeof(mount_path), "/proc/%d/ns", getpid());
 
-    int err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
+    err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
     if (err) {
         perror("Error");
         return 1;

systemd/wireguard-mount.service

@@ -7,11 +7,7 @@ RefuseManualStop=true
 [Service]
 Type=notify
 NotifyAccess=main
-RuntimeDirectory=vpn
-RuntimeDirectoryMode=0755
 ExecStart=/snacks/wireguard/bin/wireguard-mount
-PrivateNetwork=true
-PrivateMounts=false
 
 [Install]
 WantedBy=multi-user.target