From owner-freebsd-jail@FreeBSD.ORG  Fri Oct  5 16:40:44 2012
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 20DFE1065670
	for <freebsd-jail@freebsd.org>; Fri,  5 Oct 2012 16:40:44 +0000 (UTC)
	(envelope-from joris.dedieu@gmail.com)
Received: from mail-qc0-f182.google.com (mail-qc0-f182.google.com
	[209.85.216.182])
	by mx1.freebsd.org (Postfix) with ESMTP id CF4B58FC17
	for <freebsd-jail@freebsd.org>; Fri,  5 Oct 2012 16:40:43 +0000 (UTC)
Received: by mail-qc0-f182.google.com with SMTP id l39so1504459qcs.13
	for <freebsd-jail@freebsd.org>; Fri, 05 Oct 2012 09:40:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:content-type; bh=QRUAQWkdeJMZFTyfc9qPekgf7DCceo+sza+yyiZKOSw=;
	b=PbPiZ4t9p/TvAnc79BvXS40uK0MOxJjQQ/uskcANN/+Mwnc8unWny03oHke3Kk9E9T
	/cPXDWcPKTC40FIOMtd/U879xxA5qRqDDFYxwdGpMJa+ncDD+klYBCS9E/fgoLN/ci+D
	16gxK9nSVL7D3Gkt39pItNZOnP82Aas69VSXmBv2U8tQd4rL5ub7r3HWWMkhWshF2KMV
	W8TmEJjduAWEs4ZUTTJXbZGUkexARC8agTEekbx+5+k84PfOaFHq6HZ8LfVjHSYpN9Wk
	lu2OTzuEw9uPEwUXCz2BWQZZwFb+tWxedWpxCb4UZ6V2UgIUt463/ZXl5o7DNilyiIsL
	jzWw==
MIME-Version: 1.0
Received: by 10.49.71.71 with SMTP id s7mr26420437qeu.33.1349455242870; Fri,
	05 Oct 2012 09:40:42 -0700 (PDT)
Received: by 10.224.136.151 with HTTP; Fri, 5 Oct 2012 09:40:42 -0700 (PDT)
In-Reply-To: <CAPd55qA6uDJAg3vZgAwbmu6E_wFbK-OjybN4Ygr6ZzAHEDFeCA@mail.gmail.com>
References: <CAPd55qAV+LXGQQj4WpBu1UbstWnd63PHN6hJUWnLSgEEz9HrLQ@mail.gmail.com>
	<CAPd55qA6uDJAg3vZgAwbmu6E_wFbK-OjybN4Ygr6ZzAHEDFeCA@mail.gmail.com>
Date: Fri, 5 Oct 2012 18:40:42 +0200
Message-ID: <CAPd55qAjxEBBx5kYS=b1cB5HN_0_6q82gxKRyXj=jTGxmtwMKQ@mail.gmail.com>
From: joris dedieu <joris.dedieu@gmail.com>
To: freebsd-jail@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Subject: Re: create an empty jail with libjail
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Oct 2012 16:40:44 -0000

2012/10/5 joris dedieu <joris.dedieu@gmail.com>:
> 2012/10/5 joris dedieu <joris.dedieu@gmail.com>:
>> Hi,
>> I try to create an empty jail using libjail. Something equivalent to
>> "jail -c name=empty host.hostname=empty path=/var/empty persist". I've
>> tried with jailparam_import and jail_setv on 8.3 and 9.1 but both
>> failed. I can't find where my code is wrong.

Works too after reinstalling libc + fix a typo.

Working code :

int
main(int argc, char **argv)
{
        int jid;
        if((jid = jail_setv(JAIL_CREATE,
                        "name", "empty",
                        "path", "/var/empty",
                        "host.hostname", "empty",
                        "persist", NULL,
                        )) == -1)
                err(1, "jail_setv");
        printf("jid is %d", jid);
        return 0;
}

int
main(int argc, char **argv)
{
        struct jailparam params[4];
        int jid;
        jailparam_init(&params[0], "name");
        jailparam_import(&params[0], "empty");
        jailparam_init(&params[1], "host.hostname");
        jailparam_import(&params[1], "empty.rmdir.fr");
        jailparam_init(&params[2], "path");
        jailparam_import(&params[2], "/var/empty");
        jailparam_init(&params[3], "persist");
        jailparam_import(&params[3], NULL);

        if((jid = jailparam_set(params, 4, JAIL_CREATE)) == -1)
                err(1, "jailparam_set");
        printf("jid is %d", jid);
        return 0;
}

Sorry for the noise
Joris
>>
>> Eg 1:
>>
>> #include <sys/param.h>
>> #include <sys/jail.h>
>> #include <jail.h>
>>
>> int
>> main(int argc, char **argv)
>> {
>>         struct jailparam params[4];
>>         int jid;
>>         jailparam_init(&params[0], "name");
>>         jailparam_import(&params[0], "empty");
>>         jailparam_init(&params[1], "host.hostname");
>>         jailparam_import(&params[1], "empty.rmdir.fr");
>>         jailparam_init(&params[2], "path");
>>         jailparam_import(&params[2], "/var/empty");
>>         /*jailparam_init(&params[3], "persist");
>>         jailparam_import(&params[3], NULL);*/
>>
>>         if((jid = jailparam_set(params, 4, JAIL_CREATE)) == -1)
>>                 err(1, "jailparam_set");
>>         printf("jid is %d", jid);
>>         return 0;
>> }
>
> The problem with this code (except the comments) was in my world. It
> works fot me after reinstalling the libc.
> The second code (with jail_setv, still not working). I will try to
> find what's wrong with it.
>
> Joris
>>
>>
>>  jailparam_import fails with EINVAL  (from libc's jail_set but i don't
>> know why)
>>
>>
>> Eg 2:
>>
>> #include <sys/param.h>
>> #include <sys/jail.h>
>> #include <jail.h>
>>
>> int
>> main(int argc, char **argv)
>> {
>>         int jid;
>>         if((jid = jail_setv(JAIL_CREATE,
>>                         "name", "empty"
>>                         "host.hostname", "empty",
>>                         "path", "/var/empty",
>>                         "persist", NULL, NULL
>>                         )) == -1)
>>                 err(1, "jail_setv");
>>         printf("jid is %d", jid);
>>         return 0;
>> }
>>
>> jail_setv fails with ENOENT. I think it comes from  libjail's
>> jailparam_type as persist is not in security.jail.param's mib in
>> prison 0 (see .lib/libjail/jail.c:854).
>>
>>
>> I really don't understand why it doesn't work. If someone could have a
>> little look, it would be grate.
>>
>> Regards
>> Joris