Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 25 Mar 2003 12:55:52 -0800 (PST)
From:      ". ." <neoninternet@yahoo.com>
To:        freebsd-stable@freebsd.org
Cc:        freebsd-security@freebsd.org
Subject:   Ident in a jailed environment (continued)
Message-ID:  <20030325205552.45387.qmail@web20703.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help 
Sorry for the cross-post.  I have seen this issue in
both lists and just want to make sure it gets through
to the proper people.  I have sent this request to
-stable list before, just reopening the issue:
 
Hey. Ident under -stable doesn't work correctly. This
has been discussed before and is fixed in 5.0 but I'm
not sure if I want to use 5.0 on a production server.
I applied a patch that was made by Robert Watson that
was submitted in 2001 for 4.3 (I believe). It applies
but still doesn't work. I have pasted the patch below.
Does anyone have any other suggestions a hack to get
ident to work inside a 4.7 jail?

I have also patched tcp6_subr.c and udp_subr.c.  I am
just wanting to get ident working which is ipv4 tcp
port 113.

I've applied all the patches I could find (this one)
and still nothing.  The u_cansee code is no longer in
4.x so I can't put that in.  

I have tried built in auth, ident2, oidentd.  None of
them return correctly.

Any ideas?

Thanks,

Kevin Bockman


Index: tcp_subr.c 
===================================================================

RCS file: /home/ncvs/src/sys/netinet/tcp_subr.c,v 
retrieving revision 1.73.2.22 
diff -u -r1.73.2.22 tcp_subr.c 
--- tcp_subr.c 22 Aug 2001 00:59:12 -0000 1.73.2.22 
+++ tcp_subr.c 7 Dec 2001 16:56:23 -0000 
@@ -910,7 +910,7 @@ 
        struct inpcb *inp; 
        int error, s; 
  
- error = suser(req->p); 
+ error = suser_xxx(NULL, req->p, PRISON_ROOT); 
        if (error) 
                return (error); 
        error = SYSCTL_IN(req, addrs, sizeof(addrs)); 
 
 


__________________________________________________
Do you Yahoo!?
Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
http://platinum.yahoo.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030325205552.45387.qmail>