From owner-freebsd-hackers  Sun Nov 25 13:44: 2 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from aaz.links.ru (aaz.links.ru [193.125.152.37])
	by hub.freebsd.org (Postfix) with ESMTP
	id 14A6A37B405; Sun, 25 Nov 2001 13:43:49 -0800 (PST)
Received: (from babolo@localhost)
	by aaz.links.ru (8.9.3/8.9.3) id AAA28384;
	Mon, 26 Nov 2001 00:50:19 +0300 (MSK)
Message-Id: <200111252150.AAA28384@aaz.links.ru>
Subject: Re: jail patch
In-Reply-To: <15361.9475.891401.44730@horsey.gshapiro.net> from "Gregory Neil Shapiro" at "Nov 25, 1 09:06:11 am"
To: gshapiro@FreeBSD.ORG (Gregory Neil Shapiro)
Date: Mon, 26 Nov 2001 00:50:19 +0300 (MSK)
Cc: evms@cs.bu.edu, freebsd-stable@FreeBSD.ORG,
	freebsd-hackers@FreeBSD.ORG
From: "."@babolo.ru
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

Gregory Neil Shapiro writes:
> evms> I wrote this a while ago, but, if anyone is interested, please
> evms> take a look: this module implements a system call that takes
> evms> a u_int_32t. This system call, named killjail, kills all processes
> evms> which belong to the jail which uses that particular IP address.
> 
> evms> I included it in a tar with a makefile and with a program
> evms> that uses it. (Eg: ./killjail 1.2.3.4)
> 
> evms> http://www.sekt7.org/kjs.tar
> 
> evms> Works on 4.4 but can be easily ported to 5.0.
> 
> This can be done in userland without kernel interaction:
> 
> #!/bin/sh
> 
> EX_OK=0
> EX_USAGE=64
> 
> if [ "$1" = "" ]
> then
> 	echo "Usage: $0 jailname"
> 	exit ${EX_USAGE}
> fi
> 
> pids=`grep -l " $1\$" /proc/*/status | awk -F/ '{print $3}'`
> if [ "$pids" != "" ]
> then
> 	kill -15 $pids 2> /dev/null
> fi
> exit ${EX_OK}
This programm selects process by jail host name
instead of by jail itself.
For example I have about 40 jails with
the same host name and IP address
(they occupy different ports).

-- 
@BABOLO      http://links.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message