diff --git a/Dockerfile b/Dockerfile index dd7130ad..30a74abb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,8 +12,7 @@ RUN apt-get -y update \ protobuf-compiler \ && rm -rf /var/lib/apt/lists/* -RUN git clone -b master --single-branch https://github.com/google/nsjail.git . \ - && git checkout dccf911fd2659e7b08ce9507c25b2b38ec2c5800 +RUN git clone -b 3.4 --depth 1 https://github.com/google/nsjail.git . RUN make # ------------------------------------------------------------------------------ @@ -29,20 +28,23 @@ RUN apt-get -y update \ tk-dev \ && rm -rf /var/lib/apt/lists/* -RUN git clone -b v2.6.5 --depth 1 https://github.com/pyenv/pyenv.git $PYENV_ROOT +RUN git clone -b v2.6.7 --depth 1 https://github.com/pyenv/pyenv.git $PYENV_ROOT COPY --link scripts/build_python.sh / # ------------------------------------------------------------------------------ FROM builder-py-base AS builder-py-3_13 -RUN /build_python.sh 3.13.5 +RUN /build_python.sh 3.13.6 # ------------------------------------------------------------------------------ FROM builder-py-base AS builder-py-3_13t -# This can't be bumped to latest until https://github.com/python/cpython/issues/135734 is resolved. -RUN /build_python.sh 3.13.2t +# https://github.com/python/cpython/issues/135734 will be released in 3.13.8 +# until then test-modules cannot be disabled for free-threaded 3.13. +ENV PYTHON_CONFIGURE_OPTS='--enable-optimizations --with-lto \ + --with-system-expat --without-ensurepip' +RUN /build_python.sh 3.13.6t # ------------------------------------------------------------------------------ FROM builder-py-base AS builder-py-3_14 -RUN /build_python.sh 3.14.0rc1 +RUN /build_python.sh 3.14.0rc2 # ------------------------------------------------------------------------------ FROM python:3.13-slim-bookworm AS base diff --git a/requirements/eval-deps.pip b/requirements/eval-deps.pip index 381ce0c8..ab2b1c9e 100644 --- a/requirements/eval-deps.pip +++ b/requirements/eval-deps.pip @@ -11,7 +11,7 @@ forbiddenfruit~=0.1 fuzzywuzzy~=0.18 kaleido~=0.2 lark~=1.2 -matplotlib~=3.10; python_version == "3.13" +matplotlib~=3.10.5 more-itertools~=10.7 networkx~=3.5 numpy~=2.3 diff --git a/snekbox/config_pb2.py b/snekbox/config_pb2.py index bd4e1123..0a94a9c1 100644 --- a/snekbox/config_pb2.py +++ b/snekbox/config_pb2.py @@ -2,11 +2,9 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # source: config.proto """Generated protocol buffer code.""" -from google.protobuf.internal import enum_type_wrapper +from google.protobuf.internal import builder as _builder from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool -from google.protobuf import message as _message -from google.protobuf import reflection as _reflection from google.protobuf import symbol_database as _symbol_database # @@protoc_insertion_point(imports) @@ -15,70 +13,19 @@ -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0c\x63onfig.proto\x12\x06nsjail\"a\n\x05IdMap\x12\x13\n\tinside_id\x18\x01 \x01(\t:\x00\x12\x14\n\noutside_id\x18\x02 \x01(\t:\x00\x12\x10\n\x05\x63ount\x18\x03 \x01(\r:\x01\x31\x12\x1b\n\x0cuse_newidmap\x18\x04 \x01(\x08:\x05\x66\x61lse\"\xca\x02\n\x07MountPt\x12\r\n\x03src\x18\x01 \x01(\t:\x00\x12\x18\n\x0eprefix_src_env\x18\x02 \x01(\t:\x00\x12\x15\n\x0bsrc_content\x18\x03 \x01(\x0c:\x00\x12\r\n\x03\x64st\x18\x04 \x02(\t:\x00\x12\x18\n\x0eprefix_dst_env\x18\x05 \x01(\t:\x00\x12\x10\n\x06\x66stype\x18\x06 \x01(\t:\x00\x12\x11\n\x07options\x18\x07 \x01(\t:\x00\x12\x16\n\x07is_bind\x18\x08 \x01(\x08:\x05\x66\x61lse\x12\x11\n\x02rw\x18\t \x01(\x08:\x05\x66\x61lse\x12\x0e\n\x06is_dir\x18\n \x01(\x08\x12\x17\n\tmandatory\x18\x0b \x01(\x08:\x04true\x12\x19\n\nis_symlink\x18\x0c \x01(\x08:\x05\x66\x61lse\x12\x15\n\x06nosuid\x18\r \x01(\x08:\x05\x66\x61lse\x12\x14\n\x05nodev\x18\x0e \x01(\x08:\x05\x66\x61lse\x12\x15\n\x06noexec\x18\x0f \x01(\x08:\x05\x66\x61lse\"F\n\x03\x45xe\x12\x0c\n\x04path\x18\x01 \x02(\t\x12\x0b\n\x03\x61rg\x18\x02 \x03(\t\x12\x0c\n\x04\x61rg0\x18\x03 \x01(\t\x12\x16\n\x07\x65xec_fd\x18\x04 \x01(\x08:\x05\x66\x61lse\"\xe5\x16\n\x0cNsJailConfig\x12\x0e\n\x04name\x18\x01 \x01(\t:\x00\x12\x13\n\x0b\x64\x65scription\x18\x02 \x03(\t\x12 \n\x04mode\x18\x03 \x01(\x0e\x32\x0c.nsjail.Mode:\x04ONCE\x12\x18\n\x08hostname\x18\x04 \x01(\t:\x06NSJAIL\x12\x0e\n\x03\x63wd\x18\x05 \x01(\t:\x01/\x12\x1b\n\x0cno_pivotroot\x18\x06 \x01(\x08:\x05\x66\x61lse\x12\x0f\n\x04port\x18\x07 \x01(\r:\x01\x30\x12\x14\n\x08\x62indhost\x18\x08 \x01(\t:\x02::\x12\x14\n\tmax_conns\x18\t \x01(\r:\x01\x30\x12\x1b\n\x10max_conns_per_ip\x18\n \x01(\r:\x01\x30\x12\x17\n\ntime_limit\x18\x0b \x01(\r:\x03\x36\x30\x30\x12\x15\n\x06\x64\x61\x65mon\x18\x0c \x01(\x08:\x05\x66\x61lse\x12\x13\n\x08max_cpus\x18\r \x01(\r:\x01\x30\x12\x0e\n\x06log_fd\x18\x0e \x01(\x05\x12\x10\n\x08log_file\x18\x0f \x01(\t\x12#\n\tlog_level\x18\x10 \x01(\x0e\x32\x10.nsjail.LogLevel\x12\x17\n\x08keep_env\x18\x11 \x01(\x08:\x05\x66\x61lse\x12\r\n\x05\x65nvar\x18\x12 \x03(\t\x12\x18\n\tkeep_caps\x18\x13 \x01(\x08:\x05\x66\x61lse\x12\x0b\n\x03\x63\x61p\x18\x14 \x03(\t\x12\x15\n\x06silent\x18\x15 \x01(\x08:\x05\x66\x61lse\x12\x1a\n\x0bskip_setsid\x18\x16 \x01(\x08:\x05\x66\x61lse\x12\x1d\n\x0estderr_to_null\x18\x17 \x01(\x08:\x05\x66\x61lse\x12\x0f\n\x07pass_fd\x18\x18 \x03(\x05\x12#\n\x14\x64isable_no_new_privs\x18\x19 \x01(\x08:\x05\x66\x61lse\x12\x17\n\trlimit_as\x18\x1a \x01(\x04:\x04\x34\x30\x39\x36\x12-\n\x0erlimit_as_type\x18\x1b \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x16\n\x0brlimit_core\x18\x1c \x01(\x04:\x01\x30\x12/\n\x10rlimit_core_type\x18\x1d \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x17\n\nrlimit_cpu\x18\x1e \x01(\x04:\x03\x36\x30\x30\x12.\n\x0frlimit_cpu_type\x18\x1f \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x17\n\x0crlimit_fsize\x18 \x01(\x04:\x01\x31\x12\x30\n\x11rlimit_fsize_type\x18! \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x19\n\rrlimit_nofile\x18\" \x01(\x04:\x02\x33\x32\x12\x31\n\x12rlimit_nofile_type\x18# \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x1a\n\x0crlimit_nproc\x18$ \x01(\x04:\x04\x31\x30\x32\x34\x12/\n\x11rlimit_nproc_type\x18% \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x17\n\x0crlimit_stack\x18& \x01(\x04:\x01\x38\x12/\n\x11rlimit_stack_type\x18\' \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x1a\n\x0erlimit_memlock\x18( \x01(\x04:\x02\x36\x34\x12\x31\n\x13rlimit_memlock_type\x18) \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x18\n\rrlimit_rtprio\x18* \x01(\x04:\x01\x30\x12\x30\n\x12rlimit_rtprio_type\x18+ \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x1d\n\x0frlimit_msgqueue\x18, \x01(\x04:\x04\x31\x30\x32\x34\x12\x32\n\x14rlimit_msgqueue_type\x18- \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x19\n\ndisable_rl\x18. \x01(\x08:\x05\x66\x61lse\x12)\n\x1apersona_addr_compat_layout\x18/ \x01(\x08:\x05\x66\x61lse\x12%\n\x16persona_mmap_page_zero\x18\x30 \x01(\x08:\x05\x66\x61lse\x12(\n\x19persona_read_implies_exec\x18\x31 \x01(\x08:\x05\x66\x61lse\x12%\n\x16persona_addr_limit_3gb\x18\x32 \x01(\x08:\x05\x66\x61lse\x12(\n\x19persona_addr_no_randomize\x18\x33 \x01(\x08:\x05\x66\x61lse\x12\x1a\n\x0c\x63lone_newnet\x18\x34 \x01(\x08:\x04true\x12\x1b\n\rclone_newuser\x18\x35 \x01(\x08:\x04true\x12\x19\n\x0b\x63lone_newns\x18\x36 \x01(\x08:\x04true\x12\x1a\n\x0c\x63lone_newpid\x18\x37 \x01(\x08:\x04true\x12\x1a\n\x0c\x63lone_newipc\x18\x38 \x01(\x08:\x04true\x12\x1a\n\x0c\x63lone_newuts\x18\x39 \x01(\x08:\x04true\x12\x1d\n\x0f\x63lone_newcgroup\x18: \x01(\x08:\x04true\x12\x1c\n\rclone_newtime\x18; \x01(\x08:\x05\x66\x61lse\x12\x1d\n\x06uidmap\x18< \x03(\x0b\x32\r.nsjail.IdMap\x12\x1d\n\x06gidmap\x18= \x03(\x0b\x32\r.nsjail.IdMap\x12\x19\n\nmount_proc\x18> \x01(\x08:\x05\x66\x61lse\x12\x1e\n\x05mount\x18? \x03(\x0b\x32\x0f.nsjail.MountPt\x12\x1b\n\x13seccomp_policy_file\x18@ \x01(\t\x12\x16\n\x0eseccomp_string\x18\x41 \x03(\t\x12\x1a\n\x0bseccomp_log\x18\x42 \x01(\x08:\x05\x66\x61lse\x12\x19\n\x0e\x63group_mem_max\x18\x43 \x01(\x04:\x01\x30\x12\x1f\n\x14\x63group_mem_memsw_max\x18[ \x01(\x04:\x01\x30\x12\x1f\n\x13\x63group_mem_swap_max\x18\\ \x01(\x03:\x02-1\x12/\n\x10\x63group_mem_mount\x18\x44 \x01(\t:\x15/sys/fs/cgroup/memory\x12!\n\x11\x63group_mem_parent\x18\x45 \x01(\t:\x06NSJAIL\x12\x1a\n\x0f\x63group_pids_max\x18\x46 \x01(\x04:\x01\x30\x12.\n\x11\x63group_pids_mount\x18G \x01(\t:\x13/sys/fs/cgroup/pids\x12\"\n\x12\x63group_pids_parent\x18H \x01(\t:\x06NSJAIL\x12!\n\x16\x63group_net_cls_classid\x18I \x01(\r:\x01\x30\x12\x34\n\x14\x63group_net_cls_mount\x18J \x01(\t:\x16/sys/fs/cgroup/net_cls\x12%\n\x15\x63group_net_cls_parent\x18K \x01(\t:\x06NSJAIL\x12 \n\x15\x63group_cpu_ms_per_sec\x18L \x01(\r:\x01\x30\x12,\n\x10\x63group_cpu_mount\x18M \x01(\t:\x12/sys/fs/cgroup/cpu\x12!\n\x11\x63group_cpu_parent\x18N \x01(\t:\x06NSJAIL\x12&\n\x0e\x63groupv2_mount\x18O \x01(\t:\x0e/sys/fs/cgroup\x12\x1b\n\x0cuse_cgroupv2\x18P \x01(\x08:\x05\x66\x61lse\x12\x1a\n\x0biface_no_lo\x18Q \x01(\x08:\x05\x66\x61lse\x12\x11\n\tiface_own\x18R \x03(\t\x12\x15\n\rmacvlan_iface\x18S \x01(\t\x12\"\n\rmacvlan_vs_ip\x18T \x01(\t:\x0b\x31\x39\x32.168.0.2\x12$\n\rmacvlan_vs_nm\x18U \x01(\t:\r255.255.255.0\x12\"\n\rmacvlan_vs_gw\x18V \x01(\t:\x0b\x31\x39\x32.168.0.1\x12\x17\n\rmacvlan_vs_ma\x18W \x01(\t:\x00\x12\x1e\n\rmacvlan_vs_mo\x18X \x01(\t:\x07private\x12\x16\n\nnice_level\x18Y \x01(\x05:\x02\x31\x39\x12\x1d\n\x08\x65xec_bin\x18Z \x01(\x0b\x32\x0b.nsjail.Exe*3\n\x04Mode\x12\n\n\x06LISTEN\x10\x00\x12\x08\n\x04ONCE\x10\x01\x12\t\n\x05RERUN\x10\x02\x12\n\n\x06\x45XECVE\x10\x03*B\n\x08LogLevel\x12\t\n\x05\x44\x45\x42UG\x10\x00\x12\x08\n\x04INFO\x10\x01\x12\x0b\n\x07WARNING\x10\x02\x12\t\n\x05\x45RROR\x10\x03\x12\t\n\x05\x46\x41TAL\x10\x04*0\n\x06RLimit\x12\t\n\x05VALUE\x10\x00\x12\x08\n\x04SOFT\x10\x01\x12\x08\n\x04HARD\x10\x02\x12\x07\n\x03INF\x10\x03') - -_MODE = DESCRIPTOR.enum_types_by_name['Mode'] -Mode = enum_type_wrapper.EnumTypeWrapper(_MODE) -_LOGLEVEL = DESCRIPTOR.enum_types_by_name['LogLevel'] -LogLevel = enum_type_wrapper.EnumTypeWrapper(_LOGLEVEL) -_RLIMIT = DESCRIPTOR.enum_types_by_name['RLimit'] -RLimit = enum_type_wrapper.EnumTypeWrapper(_RLIMIT) -LISTEN = 0 -ONCE = 1 -RERUN = 2 -EXECVE = 3 -DEBUG = 0 -INFO = 1 -WARNING = 2 -ERROR = 3 -FATAL = 4 -VALUE = 0 -SOFT = 1 -HARD = 2 -INF = 3 - - -_IDMAP = DESCRIPTOR.message_types_by_name['IdMap'] -_MOUNTPT = DESCRIPTOR.message_types_by_name['MountPt'] -_EXE = DESCRIPTOR.message_types_by_name['Exe'] -_NSJAILCONFIG = DESCRIPTOR.message_types_by_name['NsJailConfig'] -IdMap = _reflection.GeneratedProtocolMessageType('IdMap', (_message.Message,), { - 'DESCRIPTOR' : _IDMAP, - '__module__' : 'config_pb2' - # @@protoc_insertion_point(class_scope:nsjail.IdMap) - }) -_sym_db.RegisterMessage(IdMap) - -MountPt = _reflection.GeneratedProtocolMessageType('MountPt', (_message.Message,), { - 'DESCRIPTOR' : _MOUNTPT, - '__module__' : 'config_pb2' - # @@protoc_insertion_point(class_scope:nsjail.MountPt) - }) -_sym_db.RegisterMessage(MountPt) - -Exe = _reflection.GeneratedProtocolMessageType('Exe', (_message.Message,), { - 'DESCRIPTOR' : _EXE, - '__module__' : 'config_pb2' - # @@protoc_insertion_point(class_scope:nsjail.Exe) - }) -_sym_db.RegisterMessage(Exe) - -NsJailConfig = _reflection.GeneratedProtocolMessageType('NsJailConfig', (_message.Message,), { - 'DESCRIPTOR' : _NSJAILCONFIG, - '__module__' : 'config_pb2' - # @@protoc_insertion_point(class_scope:nsjail.NsJailConfig) - }) -_sym_db.RegisterMessage(NsJailConfig) +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0c\x63onfig.proto\x12\x06nsjail\"a\n\x05IdMap\x12\x13\n\tinside_id\x18\x01 \x01(\t:\x00\x12\x14\n\noutside_id\x18\x02 \x01(\t:\x00\x12\x10\n\x05\x63ount\x18\x03 \x01(\r:\x01\x31\x12\x1b\n\x0cuse_newidmap\x18\x04 \x01(\x08:\x05\x66\x61lse\"\xca\x02\n\x07MountPt\x12\r\n\x03src\x18\x01 \x01(\t:\x00\x12\x18\n\x0eprefix_src_env\x18\x02 \x01(\t:\x00\x12\x15\n\x0bsrc_content\x18\x03 \x01(\x0c:\x00\x12\r\n\x03\x64st\x18\x04 \x02(\t:\x00\x12\x18\n\x0eprefix_dst_env\x18\x05 \x01(\t:\x00\x12\x10\n\x06\x66stype\x18\x06 \x01(\t:\x00\x12\x11\n\x07options\x18\x07 \x01(\t:\x00\x12\x16\n\x07is_bind\x18\x08 \x01(\x08:\x05\x66\x61lse\x12\x11\n\x02rw\x18\t \x01(\x08:\x05\x66\x61lse\x12\x0e\n\x06is_dir\x18\n \x01(\x08\x12\x17\n\tmandatory\x18\x0b \x01(\x08:\x04true\x12\x19\n\nis_symlink\x18\x0c \x01(\x08:\x05\x66\x61lse\x12\x15\n\x06nosuid\x18\r \x01(\x08:\x05\x66\x61lse\x12\x14\n\x05nodev\x18\x0e \x01(\x08:\x05\x66\x61lse\x12\x15\n\x06noexec\x18\x0f \x01(\x08:\x05\x66\x61lse\"F\n\x03\x45xe\x12\x0c\n\x04path\x18\x01 \x02(\t\x12\x0b\n\x03\x61rg\x18\x02 \x03(\t\x12\x0c\n\x04\x61rg0\x18\x03 \x01(\t\x12\x16\n\x07\x65xec_fd\x18\x04 \x01(\x08:\x05\x66\x61lse\"\xc1\x17\n\x0cNsJailConfig\x12\x0e\n\x04name\x18\x01 \x01(\t:\x00\x12\x13\n\x0b\x64\x65scription\x18\x02 \x03(\t\x12 \n\x04mode\x18\x03 \x01(\x0e\x32\x0c.nsjail.Mode:\x04ONCE\x12\x18\n\x08hostname\x18\x04 \x01(\t:\x06NSJAIL\x12\x0e\n\x03\x63wd\x18\x05 \x01(\t:\x01/\x12\x1b\n\x0cno_pivotroot\x18\x06 \x01(\x08:\x05\x66\x61lse\x12\x0f\n\x04port\x18\x07 \x01(\r:\x01\x30\x12\x14\n\x08\x62indhost\x18\x08 \x01(\t:\x02::\x12\x14\n\tmax_conns\x18\t \x01(\r:\x01\x30\x12\x1b\n\x10max_conns_per_ip\x18\n \x01(\r:\x01\x30\x12\x17\n\ntime_limit\x18\x0b \x01(\r:\x03\x36\x30\x30\x12\x15\n\x06\x64\x61\x65mon\x18\x0c \x01(\x08:\x05\x66\x61lse\x12\x13\n\x08max_cpus\x18\r \x01(\r:\x01\x30\x12\x0e\n\x06log_fd\x18\x0e \x01(\x05\x12\x10\n\x08log_file\x18\x0f \x01(\t\x12#\n\tlog_level\x18\x10 \x01(\x0e\x32\x10.nsjail.LogLevel\x12\x17\n\x08keep_env\x18\x11 \x01(\x08:\x05\x66\x61lse\x12\r\n\x05\x65nvar\x18\x12 \x03(\t\x12\x18\n\tkeep_caps\x18\x13 \x01(\x08:\x05\x66\x61lse\x12\x0b\n\x03\x63\x61p\x18\x14 \x03(\t\x12\x15\n\x06silent\x18\x15 \x01(\x08:\x05\x66\x61lse\x12\x1a\n\x0bskip_setsid\x18\x16 \x01(\x08:\x05\x66\x61lse\x12\x1d\n\x0estderr_to_null\x18\x17 \x01(\x08:\x05\x66\x61lse\x12\x0f\n\x07pass_fd\x18\x18 \x03(\x05\x12#\n\x14\x64isable_no_new_privs\x18\x19 \x01(\x08:\x05\x66\x61lse\x12\x17\n\trlimit_as\x18\x1a \x01(\x04:\x04\x34\x30\x39\x36\x12-\n\x0erlimit_as_type\x18\x1b \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x16\n\x0brlimit_core\x18\x1c \x01(\x04:\x01\x30\x12/\n\x10rlimit_core_type\x18\x1d \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x17\n\nrlimit_cpu\x18\x1e \x01(\x04:\x03\x36\x30\x30\x12.\n\x0frlimit_cpu_type\x18\x1f \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x17\n\x0crlimit_fsize\x18 \x01(\x04:\x01\x31\x12\x30\n\x11rlimit_fsize_type\x18! \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x19\n\rrlimit_nofile\x18\" \x01(\x04:\x02\x33\x32\x12\x31\n\x12rlimit_nofile_type\x18# \x01(\x0e\x32\x0e.nsjail.RLimit:\x05VALUE\x12\x1a\n\x0crlimit_nproc\x18$ \x01(\x04:\x04\x31\x30\x32\x34\x12/\n\x11rlimit_nproc_type\x18% \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x17\n\x0crlimit_stack\x18& \x01(\x04:\x01\x38\x12/\n\x11rlimit_stack_type\x18\' \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x1a\n\x0erlimit_memlock\x18( \x01(\x04:\x02\x36\x34\x12\x31\n\x13rlimit_memlock_type\x18) \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x18\n\rrlimit_rtprio\x18* \x01(\x04:\x01\x30\x12\x30\n\x12rlimit_rtprio_type\x18+ \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x1d\n\x0frlimit_msgqueue\x18, \x01(\x04:\x04\x31\x30\x32\x34\x12\x32\n\x14rlimit_msgqueue_type\x18- \x01(\x0e\x32\x0e.nsjail.RLimit:\x04SOFT\x12\x19\n\ndisable_rl\x18. \x01(\x08:\x05\x66\x61lse\x12)\n\x1apersona_addr_compat_layout\x18/ \x01(\x08:\x05\x66\x61lse\x12%\n\x16persona_mmap_page_zero\x18\x30 \x01(\x08:\x05\x66\x61lse\x12(\n\x19persona_read_implies_exec\x18\x31 \x01(\x08:\x05\x66\x61lse\x12%\n\x16persona_addr_limit_3gb\x18\x32 \x01(\x08:\x05\x66\x61lse\x12(\n\x19persona_addr_no_randomize\x18\x33 \x01(\x08:\x05\x66\x61lse\x12\x1a\n\x0c\x63lone_newnet\x18\x34 \x01(\x08:\x04true\x12\x1b\n\rclone_newuser\x18\x35 \x01(\x08:\x04true\x12\x19\n\x0b\x63lone_newns\x18\x36 \x01(\x08:\x04true\x12\x1a\n\x0c\x63lone_newpid\x18\x37 \x01(\x08:\x04true\x12\x1a\n\x0c\x63lone_newipc\x18\x38 \x01(\x08:\x04true\x12\x1a\n\x0c\x63lone_newuts\x18\x39 \x01(\x08:\x04true\x12\x1d\n\x0f\x63lone_newcgroup\x18: \x01(\x08:\x04true\x12\x1c\n\rclone_newtime\x18; \x01(\x08:\x05\x66\x61lse\x12\x1d\n\x06uidmap\x18< \x03(\x0b\x32\r.nsjail.IdMap\x12\x1d\n\x06gidmap\x18= \x03(\x0b\x32\r.nsjail.IdMap\x12\x19\n\nmount_proc\x18> \x01(\x08:\x05\x66\x61lse\x12\x1e\n\x05mount\x18? \x03(\x0b\x32\x0f.nsjail.MountPt\x12\x1b\n\x13seccomp_policy_file\x18@ \x01(\t\x12\x16\n\x0eseccomp_string\x18\x41 \x03(\t\x12\x1a\n\x0bseccomp_log\x18\x42 \x01(\x08:\x05\x66\x61lse\x12\x19\n\x0e\x63group_mem_max\x18\x43 \x01(\x04:\x01\x30\x12\x1f\n\x14\x63group_mem_memsw_max\x18[ \x01(\x04:\x01\x30\x12\x1f\n\x13\x63group_mem_swap_max\x18\\ \x01(\x03:\x02-1\x12/\n\x10\x63group_mem_mount\x18\x44 \x01(\t:\x15/sys/fs/cgroup/memory\x12!\n\x11\x63group_mem_parent\x18\x45 \x01(\t:\x06NSJAIL\x12\x1a\n\x0f\x63group_pids_max\x18\x46 \x01(\x04:\x01\x30\x12.\n\x11\x63group_pids_mount\x18G \x01(\t:\x13/sys/fs/cgroup/pids\x12\"\n\x12\x63group_pids_parent\x18H \x01(\t:\x06NSJAIL\x12!\n\x16\x63group_net_cls_classid\x18I \x01(\r:\x01\x30\x12\x34\n\x14\x63group_net_cls_mount\x18J \x01(\t:\x16/sys/fs/cgroup/net_cls\x12%\n\x15\x63group_net_cls_parent\x18K \x01(\t:\x06NSJAIL\x12 \n\x15\x63group_cpu_ms_per_sec\x18L \x01(\r:\x01\x30\x12,\n\x10\x63group_cpu_mount\x18M \x01(\t:\x12/sys/fs/cgroup/cpu\x12!\n\x11\x63group_cpu_parent\x18N \x01(\t:\x06NSJAIL\x12&\n\x0e\x63groupv2_mount\x18O \x01(\t:\x0e/sys/fs/cgroup\x12\x1b\n\x0cuse_cgroupv2\x18P \x01(\x08:\x05\x66\x61lse\x12\x1a\n\x0biface_no_lo\x18Q \x01(\x08:\x05\x66\x61lse\x12\x11\n\tiface_own\x18R \x03(\t\x12\x15\n\rmacvlan_iface\x18S \x01(\t\x12\"\n\rmacvlan_vs_ip\x18T \x01(\t:\x0b\x31\x39\x32.168.0.2\x12$\n\rmacvlan_vs_nm\x18U \x01(\t:\r255.255.255.0\x12\"\n\rmacvlan_vs_gw\x18V \x01(\t:\x0b\x31\x39\x32.168.0.1\x12\x17\n\rmacvlan_vs_ma\x18W \x01(\t:\x00\x12\x1e\n\rmacvlan_vs_mo\x18X \x01(\t:\x07private\x12\x16\n\nnice_level\x18Y \x01(\x05:\x02\x31\x39\x12\x1d\n\x08\x65xec_bin\x18Z \x01(\x0b\x32\x0b.nsjail.Exe\x12\x1a\n\x0b\x64isable_tsc\x18] \x01(\x08:\x05\x66\x61lse\x12\x1e\n\x0f\x66orward_signals\x18^ \x01(\x08:\x05\x66\x61lse\x12\x1e\n\x0f\x64\x65tect_cgroupv2\x18_ \x01(\x08:\x05\x66\x61lse*3\n\x04Mode\x12\n\n\x06LISTEN\x10\x00\x12\x08\n\x04ONCE\x10\x01\x12\t\n\x05RERUN\x10\x02\x12\n\n\x06\x45XECVE\x10\x03*B\n\x08LogLevel\x12\t\n\x05\x44\x45\x42UG\x10\x00\x12\x08\n\x04INFO\x10\x01\x12\x0b\n\x07WARNING\x10\x02\x12\t\n\x05\x45RROR\x10\x03\x12\t\n\x05\x46\x41TAL\x10\x04*0\n\x06RLimit\x12\t\n\x05VALUE\x10\x00\x12\x08\n\x04SOFT\x10\x01\x12\x08\n\x04HARD\x10\x02\x12\x07\n\x03INF\x10\x03') +_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals()) +_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'config_pb2', globals()) if _descriptor._USE_C_DESCRIPTORS == False: DESCRIPTOR._options = None - _MODE._serialized_start=3448 - _MODE._serialized_end=3499 - _LOGLEVEL._serialized_start=3501 - _LOGLEVEL._serialized_end=3567 - _RLIMIT._serialized_start=3569 - _RLIMIT._serialized_end=3617 + _MODE._serialized_start=3540 + _MODE._serialized_end=3591 + _LOGLEVEL._serialized_start=3593 + _LOGLEVEL._serialized_end=3659 + _RLIMIT._serialized_start=3661 + _RLIMIT._serialized_end=3709 _IDMAP._serialized_start=24 _IDMAP._serialized_end=121 _MOUNTPT._serialized_start=124 @@ -86,5 +33,5 @@ _EXE._serialized_start=456 _EXE._serialized_end=526 _NSJAILCONFIG._serialized_start=529 - _NSJAILCONFIG._serialized_end=3446 + _NSJAILCONFIG._serialized_end=3538 # @@protoc_insertion_point(module_scope)