Date: Wed, 10 May 2006 11:48:13 +0800 (CST) From: Cheng-Lung Sung <clsung@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/97071: [patch] add security.jail.jid sysctl Message-ID: <20060510034813.39CA828493@going04.iis.sinica.edu.tw> Resent-Message-ID: <200605100350.k4A3oE7D098937@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 97071
>Category: kern
>Synopsis: [patch] add security.jail.jid sysctl
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed May 10 03:50:14 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Cheng-Lung Sung
>Release: FreeBSD 6.1-STABLE i386
>Organization:
FreeBSD
>Environment:
System: FreeBSD going04.iis.sinica.edu.tw 6.1-STABLE FreeBSD 6.1-STABLE #11: Wed May 10 11:01:51 CST 2006 root@going04.iis.sinica.edu.tw:/usr/obj/usr/src/sys/GOING04 i386
>Description:
bin/89989 suggest to specify jid at jail start-up time, and I think
let users can know their jid inside jail is a good idea.
security.jail.jid can also replace security.jail.jailed, since
they all return zero in host, and > 0 in jail.
>How-To-Repeat:
sysctl security.jail.jid
>Fix:
--- sys/kern/kern_jail.c.orig Sun Nov 13 11:12:32 2005
+++ sys/kern/kern_jail.c Wed May 10 06:34:24 2006
@@ -582,3 +582,17 @@
}
SYSCTL_PROC(_security_jail, OID_AUTO, jailed, CTLTYPE_INT | CTLFLAG_RD,
NULL, 0, sysctl_jail_jailed, "I", "Process in jail?");
+
+static int
+sysctl_jail_jid(SYSCTL_HANDLER_ARGS)
+{
+ int error, jid;
+
+ if ((jid = jailed(req->td->td_ucred)))
+ jid = req->td->td_ucred->cr_prison->pr_id;
+ error = SYSCTL_OUT(req, &jid, sizeof(jid));
+
+ return (error);
+}
+SYSCTL_PROC(_security_jail, OID_AUTO, jid, CTLTYPE_INT | CTLFLAG_RD,
+ NULL, 0, sysctl_jail_jid, "I", "Jail ID");
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060510034813.39CA828493>