#!/bin/sh

if ! which nsjail >/dev/null 2>/dev/null; then
  # need for bootstrapping
  echo "warning: no private tmp for rpm"
  /usr/bin2/rpm "$@"
else
  nsjail -Mo -Q --keep_env --keep_caps --skip_setsid --disable_no_new_privs --disable_rlimits --disable_clone_newnet --disable_clone_newuser --disable_clone_newns --disable_clone_newpid --disable_clone_newipc --disable_clone_newuts --disable_clone_newcgroup --proc_rw --nice_level 0 --chroot / --rw -m none:/tmp:tmpfs:size=8388608 -m none:/var/tmp:tmpfs:size=8388608 -- /usr/bin2/rpm "$@"
fi
