kz-proxy 0.3.0

MITM proxy and subprocess sandbox for blind secret injection
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

//! Linux: helper for the runner (e.g. bring up loopback inside Firecracker guest). No unshare-based enforcer.

/// Bring up loopback in the current network namespace (e.g. inside Firecracker VM or after unshare -n).
pub fn bring_up_loopback() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
    let status = std::process::Command::new("ip")
        .args(["link", "set", "lo", "up"])
        .status()
        .map_err(|e| {
            format!(
                "bring up loopback (ip link set lo up): {}. Is iproute2 installed?",
                e
            )
        })?;
    if status.success() {
        Ok(())
    } else {
        Err("ip link set lo up failed".into())
    }
}