From b3d92d2306b347a5fccb9af8576b8ccfe52d0da9 Mon Sep 17 00:00:00 2001
From: John Peel
Date: Sun, 1 Oct 2023 21:40:12 -0400
Subject: [PATCH] Added bash demo for userns-block-fd
Signed-off-by: John Peel
---
demos/userns-block-fd.sh | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 demos/userns-block-fd.sh
diff --git a/demos/userns-block-fd.sh b/demos/userns-block-fd.sh
new file mode 100644
index 00000000..7909f25a
--- /dev/null
+++ b/demos/userns-block-fd.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+# This is an example of using the userns-block feature with bash.
+
+# info pipe
+exec 10<> <(:)
+# userns_block pipe
+exec 11<> <(:)
+
+userns_setup() {
+ child_pid=$(jq -rn 'input | .["child-pid"]' <&10)
+ newuidmap $child_pid 0 $(id -u) 1
+ newgidmap $child_pid 0 $(id -g) 1
+ echo 1 >&11
+ exec 11>&-
+}
+userns_setup 10<&10 11>&11 &
+
+bwrap \
+ --unshare-all \
+ --unshare-user \
+ --userns-block-fd 11 \
+ --info-fd 10 \
+ --bind / / \
+ cat /proc/self/uid_map \
+ 10>&10 11<&11
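Review bot: `userns_setup` writes the release byte with `echo 1 >&11` unconditionally, so if `jq` yields nothing or `newuidmap`/`newgidmap` fails, bwrap is still unblocked and the child presumably proceeds without the ID mapping this demo is meant to install. The expansions are also unquoted, so an empty `$child_pid` shifts the remaining arguments instead of failing cleanly. I would gate the signal on success, e.g. `newuidmap "$child_pid" 0 "$(id -u)" 1 && newgidmap "$child_pid" 0 "$(id -g)" 1 && echo 1 >&11`, and print a diagnostic to stderr otherwise; the failure path then has to tear the blocked sandbox down rather than leave it waiting. Separately, fds 10 and 11 are hard-coded although bash documents that descriptors above 9 can collide with ones it uses internally; `exec {info_fd}<> <(:)` lets the shell pick a free one.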