Date: Tue, 13 Feb 2001 10:37:35 -0500 (EST) From: Robert Watson <rwatson@freebsd.org> To: Lists Account <lists@security.za.net> Cc: hackers@freebsd.org Subject: Re: Jail Pseudo Terminals Message-ID: <Pine.NEB.3.96L.1010213103208.5215A-100000@fledge.watson.org> In-Reply-To: <Pine.BSF.4.21.0102130708170.31659-100000@security.za.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Generally speaking, applications expect terminal names to use the following pattern: tty followed by two characterS: Possible first character: pqrsPQRS Possible second character: 0123456789abcdefghijklmnpopqrstuv Normally the selection and allocation of a pty is done transparently to the application using the openpty() call. The names you've provided don't fit that pattern, although as long as an application finds them, they work fine. This suggests that ssh is not using openpty(), or that something else is going on here. In any case, the supported way to create pty device nodes is: sh MAKEDEV pty0 # first 32 ptys sh MAKEDEV pty1 # second 32 ptys sh MAKEDEV pty2 # third 32 ptys Up to a possible pty7, offering a maximum of 256 pty's. It's possible to get a FreeBSD box to do more than that, but you'll need to tweak the kernel, as well as libutil and rebuild appropriate applications. It's possibly someone has removed the 256 bound in -CURRENT, although I don't believe they have (haven't checked lately though). So my advice would be to start again by blowing away the ttyp*/pty* in your jail dev directory, and using the MAKEDEV script to create pty0-pty2 and see if that works better. One of the really nice things about -CURRENT is that we now use devfs by default (don't try this in -STABLE), although I'm not sure how adapted devfs for jail() right now. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Tue, 13 Feb 2001, Lists Account wrote: > Hi, > > Ok this is getting a bit strange. Interestingly enough ssh works 100% > with my method of tty creation, having created (from outside the > jail) ttyp32 - ttyp100 (with the minor/major numbers set as 5,XX where XX > is ttypXX), and a mknod type of c, ssh allocates ttys fine, however screen > still tells me there are no ttys available? > > Any ideas? > > Andrew > > On Mon, 12 Feb 2001, Robert Watson wrote: > > > > > On Mon, 12 Feb 2001, Lists Account wrote: > > > > > Just a quick question Im hoping someone can help me with. I extended > > > the number of pty's available on my base box just fine, with an edit to > > > /etc/ttys and making some new devices, then just a kill -1 1, and > > > everything worked fine. > > > > > > I did exactly the same thing under the jail, it didnt work, rebooted the > > > box and it still didnt work, does anyone know how to extend the number > > > of pty's under a jail? Any help would be MUCH appreciated > > > > Hmm. What do you mean by, ``I did exactly the same thing under the jail'' > > -- the mknod() syscall for device nodes is unavailable under jail() so as > > to prevent the creation of inappropriate devices that might allow the > > attacker to circumvent the jail() protections. So there are two things > > you could have done: (1) used MAKEDEV under jail(), and either it didn't > > generate appropriate error messages, or you missed them, and you should be > > running the MAKEDEV in the per-jail /dev directory, but not from within > > the jail(), or (2) you ran MAKEDEV outside the jail, and something else is > > broken. My first guess would be that you did (1), and running MAKEDEV > > outside of a jail() process but in the jail() /dev will fix things. > > > > Also, generally speaking, pty's are not managed by init, rather, they are > > dynamically allocated using openpty(), so you shouldn't need to HUP init, > > or even modify /etc/ttys. In fact, from within a jail(), you should be > > unable to successfully HUP the pid 1 init process. > > > > Robert N M Watson FreeBSD Core Team, TrustedBSD Project > > robert@fledge.watson.org NAI Labs, Safeport Network Services > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010213103208.5215A-100000>