commit 1102f5a58d539ed72defe40fcc1078840d1b3778
author Dylan Reid <dgreid@chromium.org> Tue Sep 15 11:52:20 2015 -0700
committer Dylan Reid <dgreid@google.com> Wed Oct 21 14:31:27 2015 -0700
tree be9197a68870b482e917606281bb6b42f83a7c09
parent bfcafa7167266ed0dd8ef66f0cb28b0600aaeab5

minijail: Support entering an existing net namespace.

When launching a full OS as the jailed process, it is useful to first be
able to configure a network namespace and start the new process in that
namespace.

This adds the "-e<net namespace file>" optional argument to -e.  It
allows, for example, passing "-e/var/run/netns/newns" to minijail0.

Change-Id: I0613162072a1d14f10c58444c514f6d052c3d1e5
Signed-off-by: Dylan Reid <dgreid@chromium.org>

libminijail.h

diff --git a/libminijail.h b/libminijail.h
index 62e4007..bfce714 100644
--- a/libminijail.h
+++ b/libminijail.h
@@ -51,6 +51,7 @@
 void minijail_namespace_vfs(struct minijail *j);
 void minijail_namespace_enter_vfs(struct minijail *j, const char *ns_path);
 void minijail_namespace_net(struct minijail *j);
+void minijail_namespace_enter_net(struct minijail *j, const char *ns_path);
 /* Implies namespace_vfs and remount_proc_readonly.
  * WARNING: this is NOT THREAD SAFE. See the block comment in </libminijail.c>.
  */