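#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Size of the child's stack in bytes.  A 16-byte-aligned power of two so the
 * stack top handed to clone() satisfies the ABI alignment requirement (the
 * previous 16386 left it misaligned). */
#define STKSIZE (64 * 1024)

/* Not referenced in this file; kept only so any other declaration still matches. */
int variable, fd;

/* Report a failed setup step on stdout (the channel the rest of this program
 * uses) together with the errno text, then leave the child immediately.
 * _exit() is used rather than exit() so the child does not run the parent's
 * atexit handlers or re-flush stdio buffers it inherited from the parent. */
static void child_die(const char *what)
{
    (void) fprintf(stdout, "%s error=<%s>\n", what, strerror(errno));
    (void) fflush(stdout);
    _exit(1);
}

/* Entry point of the cloned child; the (void *) parameter is the signature
 * clone() requires.  Builds the jail: unshares further namespaces, bind-mounts
 * /wrk/jail onto /mnt, pivots the root onto it, mounts /proc, detaches the
 * old root and execs a shell.  Every failure path ends in _exit(), so the
 * declared return value is never produced. */
int do_contain(void *arg)
{
    (void) arg;

    (void) fprintf(stdout, "Clone started pid='%d', parent='%d'\n", getpid(), getppid());
    (void) fflush(stdout);

    /* A failed unshare() must not be ignored: every mount below would then
     * be performed in the parent's mount namespace instead of the jail's. */
    if (unshare(CLONE_NEWUTS | CLONE_NEWUSER | CLONE_NEWNS | CLONE_FILES | CLONE_FS) < 0) {
        child_die("unshare");
    }

    /* Make all mounts private first: pivot_root(2) rejects a new root with
     * shared propagation, and without this the bind mount and the later
     * MNT_DETACH of old_root could propagate back to the host's namespace. */
    if (mount(NULL, "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0) {
        child_die("unable to make / private");
    }

    if (mount("/wrk/jail", "/mnt", NULL, MS_BIND, NULL) < 0) {
        child_die("unable to mount /wrk/jail on mnt");
    }
    if (chdir("/mnt") < 0) {
        child_die("unable to chdir to /mnt");
    }

    /* glibc provides no pivot_root() wrapper; "old_root" must already exist
     * inside /wrk/jail for this to succeed. */
    if (syscall(SYS_pivot_root, ".", "old_root") < 0) {
        child_die("pivot_root");
    }
    if (chdir("/") < 0) {
        child_die("unable to chdir to /");
    }
    if (chroot(".") < 0) {
        child_die("chroot");
    }
    if (mount("none", "/proc", "proc", 0, NULL) < 0) {
        child_die("mount /proc");
    }
    if (umount2("old_root", MNT_DETACH) < 0) {
        child_die("Unable to umount old_root");
    }

    (void) fprintf(stderr, "Pret 3!\n");
    (void) fflush(stderr);

    /* execl() needs an argv[0] followed by a NULL terminator; passing NULL as
     * the first vararg gave the shell an empty argv. */
    (void) execl("/bin/bash", "bash", (char *) NULL);

    /* execl() only returns when it failed, so report it and exit non-zero. */
    (void) fprintf(stdout, "Clone completed pid='%d' (UNEXPECTED!!) exec error=<%s>\n",
                   getpid(), strerror(errno));
    (void) fflush(stdout);
    _exit(1);
}

/* Allocates the child's stack, clones do_contain() into a fresh PID and mount
 * namespace (CLONE_NEWPID requires CAP_SYS_ADMIN), waits for it to finish and
 * reports.  Exit status: 0 on success, 1 if the clone could not be started,
 * 2 if waiting for the child failed. */
int main(int argc, char *argv[])
{
    (void) argc;
    (void) argv;

    /* The stack is a byte buffer so that child_stack + STKSIZE is its top.
     * With a void ** the same expression stepped STKSIZE * sizeof(void *)
     * bytes past the start of a STKSIZE-byte allocation. */
    char *child_stack = malloc(STKSIZE);
    if (child_stack == NULL) {
        (void) fprintf(stdout, "Unable to allocate child stack (error=%s)\n", strerror(errno));
        (void) fflush(stdout);
        exit(1);
    }

    /* __WCLONE is a waitpid() option, not a clone() flag, so it is not passed. */
    pid_t cpid = clone(do_contain, child_stack + STKSIZE,
                       SIGCHLD | CLONE_NEWPID | CLONE_NEWNS, NULL);
    if (cpid < 0) {
        (void) fprintf(stdout, "Unable to start container (error=%s)\n", strerror(errno));
        (void) fflush(stdout);
        exit(1);
    }

    if (waitpid(cpid, 0, 0) < 0) {
        (void) fprintf(stdout, "Waitpid error (%s)\n", strerror(errno));
        (void) fflush(stdout);
        exit(2);
    }

    free(child_stack);
    (void) fprintf(stdout, "Everything done\n");
    (void) fflush(stdout);
    return 0;
}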