From: joris dedieu
To: freebsd-jail@freebsd.org
Date: Fri, 5 Oct 2012 17:22:48 +0200
Subject: create an empty jail with libjail

Hi,

I'm trying to create an empty jail using libjail, something equivalent to
"jail -c name=empty host.hostname=empty path=/var/empty persist".
I've tried with jailparam_import and jail_setv on 8.3 and 9.1 but both failed. I can't find where my code is wrong.

Eg 1:

    #include <sys/param.h>
    #include <sys/jail.h>

    #include <err.h>
    #include <jail.h>
    #include <stdio.h>

    int main(int argc, char **argv)
    {
        struct jailparam params[4];
        int jid;

        jailparam_init(&params[0], "name");
        jailparam_import(&params[0], "empty");
        jailparam_init(&params[1], "host.hostname");
        jailparam_import(&params[1], "empty.rmdir.fr");
        jailparam_init(&params[2], "path");
        jailparam_import(&params[2], "/var/empty");
        /*jailparam_init(&params[3], "persist");
        jailparam_import(&params[3], NULL);*/
        if((jid = jailparam_set(params, 4, JAIL_CREATE)) == -1)
            err(1, "jailparam_set");
        printf("jid is %d", jid);
        return 0;
    }

jailparam_import fails with EINVAL (from libc's jail_set but I don't know why)

Eg 2:

    #include <sys/param.h>
    #include <sys/jail.h>

    #include <err.h>
    #include <jail.h>
    #include <stdio.h>

    int main(int argc, char **argv)
    {
        int jid;

        if((jid = jail_setv(JAIL_CREATE,
            "name", "empty"
            "host.hostname", "empty",
            "path", "/var/empty",
            "persist", NULL,
            NULL )) == -1)
            err(1, "jail_setv");
        printf("jid is %d", jid);
        return 0;
    }

jail_setv fails with ENOENT. I think it comes from libjail's jailparam_type as persist is not in security.jail.param's mib in prison 0 (see .lib/libjail/jail.c:854).

I really don't understand why it doesn't work. If someone could have a little look, it would be great.

Regards
Joris
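
Added example, not part of the original message and not libjail code: as Eg 2 appears above there is no comma between "empty" and "host.hostname", so C joins the two adjacent string literals into one argument and every later name/value pair shifts by one. The program pairs the arguments the way jail(3) describes for jail_setv (name/value strings ended by a NULL name) without calling libjail; collect_pairs, first_unintended, as_posted and with_comma are names made up for this illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

struct pair { const char *name, *value; };

/* Pair up a NULL-terminated name/value list, the calling convention
 * jail(3) documents for jail_setv(). Returns the number of pairs (max 8). */
static int collect_pairs(struct pair *out, ...) {
    va_list ap;
    const char *name;
    int n = 0;
    va_start(ap, out);
    while (n < 8 && (name = va_arg(ap, char *)) != NULL) {
        out[n].name = name;
        out[n++].value = va_arg(ap, char *);
    }
    va_end(ap);
    return n;
}

/* First name that is not one of the four the post means to set, else NULL. */
static const char *first_unintended(const struct pair *p, int n) {
    for (int i = 0; i < n; i++)
        if (strcmp(p[i].name, "name") && strcmp(p[i].name, "host.hostname") &&
            strcmp(p[i].name, "path") && strcmp(p[i].name, "persist"))
            return p[i].name;
    return NULL;
}

/* Argument list as it appears in Eg 2: no comma after the first "empty". */
static int as_posted(struct pair *out) {
    return collect_pairs(out, "name", "empty" "host.hostname", "empty",
        "path", "/var/empty", "persist", (char *)NULL, (char *)NULL);
}

/* The same list with that comma restored. */
static int with_comma(struct pair *out) {
    return collect_pairs(out, "name", "empty", "host.hostname", "empty",
        "path", "/var/empty", "persist", (char *)NULL, (char *)NULL);
}

int main(void) {
    struct pair p[8], q[8];
    int n = as_posted(p), m = with_comma(q);
    for (int i = 0; i < n; i++)
        printf("%s = %s\n", p[i].name, p[i].value ? p[i].value : "(null)");
    printf("unexpected name as posted: %s (%d pairs with comma)\n", first_unintended(p, n), m);
    return 0;
}
```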