Date: Fri, 5 Oct 2012 18:40:42 +0200 From: joris dedieu <joris.dedieu@gmail.com> To: freebsd-jail@freebsd.org Subject: Re: create an empty jail with libjail Message-ID: <CAPd55qAjxEBBx5kYS=b1cB5HN_0_6q82gxKRyXj=jTGxmtwMKQ@mail.gmail.com> In-Reply-To: <CAPd55qA6uDJAg3vZgAwbmu6E_wFbK-OjybN4Ygr6ZzAHEDFeCA@mail.gmail.com> References: <CAPd55qAV%2BLXGQQj4WpBu1UbstWnd63PHN6hJUWnLSgEEz9HrLQ@mail.gmail.com> <CAPd55qA6uDJAg3vZgAwbmu6E_wFbK-OjybN4Ygr6ZzAHEDFeCA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
2012/10/5 joris dedieu <joris.dedieu@gmail.com>:
> 2012/10/5 joris dedieu <joris.dedieu@gmail.com>:
>> Hi,
>> I try to create an empty jail using libjail. Something equivalent to
>> "jail -c name=empty host.hostname=empty path=/var/empty persist". I've
>> tried with jailparam_import and jail_setv on 8.3 and 9.1 but both
>> failed. I can't find where my code is wrong.
Works too after reinstalling libc + fix a typo.
Working code :
int
main(int argc, char **argv)
{
int jid;
if((jid = jail_setv(JAIL_CREATE,
"name", "empty",
"path", "/var/empty",
"host.hostname", "empty",
"persist", NULL,
)) == -1)
err(1, "jail_setv");
printf("jid is %d", jid);
return 0;
}
int
main(int argc, char **argv)
{
struct jailparam params[4];
int jid;
jailparam_init(¶ms[0], "name");
jailparam_import(¶ms[0], "empty");
jailparam_init(¶ms[1], "host.hostname");
jailparam_import(¶ms[1], "empty.rmdir.fr");
jailparam_init(¶ms[2], "path");
jailparam_import(¶ms[2], "/var/empty");
jailparam_init(¶ms[3], "persist");
jailparam_import(¶ms[3], NULL);
if((jid = jailparam_set(params, 4, JAIL_CREATE)) == -1)
err(1, "jailparam_set");
printf("jid is %d", jid);
return 0;
}
Sorry for the noise
Joris
>>
>> Eg 1:
>>
>> #include <sys/param.h>
>> #include <sys/jail.h>
>> #include <jail.h>
>>
>> int
>> main(int argc, char **argv)
>> {
>> struct jailparam params[4];
>> int jid;
>> jailparam_init(¶ms[0], "name");
>> jailparam_import(¶ms[0], "empty");
>> jailparam_init(¶ms[1], "host.hostname");
>> jailparam_import(¶ms[1], "empty.rmdir.fr");
>> jailparam_init(¶ms[2], "path");
>> jailparam_import(¶ms[2], "/var/empty");
>> /*jailparam_init(¶ms[3], "persist");
>> jailparam_import(¶ms[3], NULL);*/
>>
>> if((jid = jailparam_set(params, 4, JAIL_CREATE)) == -1)
>> err(1, "jailparam_set");
>> printf("jid is %d", jid);
>> return 0;
>> }
>
> The problem with this code (except the comments) was in my world. It
> works fot me after reinstalling the libc.
> The second code (with jail_setv, still not working). I will try to
> find what's wrong with it.
>
> Joris
>>
>>
>> jailparam_import fails with EINVAL (from libc's jail_set but i don't
>> know why)
>>
>>
>> Eg 2:
>>
>> #include <sys/param.h>
>> #include <sys/jail.h>
>> #include <jail.h>
>>
>> int
>> main(int argc, char **argv)
>> {
>> int jid;
>> if((jid = jail_setv(JAIL_CREATE,
>> "name", "empty"
>> "host.hostname", "empty",
>> "path", "/var/empty",
>> "persist", NULL, NULL
>> )) == -1)
>> err(1, "jail_setv");
>> printf("jid is %d", jid);
>> return 0;
>> }
>>
>> jail_setv fails with ENOENT. I think it comes from libjail's
>> jailparam_type as persist is not in security.jail.param's mib in
>> prison 0 (see .lib/libjail/jail.c:854).
>>
>>
>> I really don't understand why it doesn't work. If someone could have a
>> little look, it would be grate.
>>
>> Regards
>> Joris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPd55qAjxEBBx5kYS=b1cB5HN_0_6q82gxKRyXj=jTGxmtwMKQ>