Repositories / jai.git

jai.git

Clone (read-only): git clone http://git.guha-anderson.com/git/jai.git

Branch
CodeHistory

make sure user outside sandbox has access to /run/user/UID dir.

Author
David Mazieres <dm@uun.org>
Date
2026-03-26 20:57:02 -0700
Commit
5f27e73aa773430e94ca6f4addbccd33bc30ac07
jai.cc
index 5046367..dc51897 100644
--- a/jai.cc
+++ b/jai.cc
@@ -338,6 +338,7 @@ Config::make_private_tmp()
 Fd
 Config::make_private_run()
 {
+  ensure_dir(run_jai_user(), "tmp/.run", 0755, kNoFollow);
   Fd fd = ensure_dir(run_jai_user(), "tmp/.run" / sandbox_name_, 0700,
                      kNoFollow, true);
   if (xfstat(*fd).st_uid != user_cred_.uid_ &&
@@ -1049,7 +1050,8 @@ Config::opt_parser(bool dotjail)
       },
       "Erase $HOME/FILE when first creating overlay home", "FILE");
   opts(
-      "--unmask", [this](std::string_view arg) {
+      "--unmask",
+      [this](std::string_view arg) {
         path p(expand(arg));
         mask_files_.erase(p);
       },