Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 15 Feb 2002 15:50:33 GMT
From:      juergen.unger@energis-ision.com
To:        FreeBSD-gnats-submit@freebsd.org
Cc:        juergen.unger@energis-ision.com
Subject:   kern/34963: identify procs belonging to the same jail
Message-ID:  <200202151550.g1FFoX922224@neon.suedwest.energis-ision.com>
next in thread | raw e-mail | index | archive | help 

>Number:         34963
>Category:       kern
>Synopsis:       identify procs belonging to the same jail
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 15 06:50:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Juergen Unger
>Release:        FreeBSD 4.5-STABLE i386
>Organization:
Energis-Ision
>Environment:
System: FreeBSD neon.suedwest.energis-ision.com 4.5-STABLE FreeBSD 4.5-STABLE #1: Wed Feb 6 20:04:44 GMT 2002 root@neon.suedwest.energis-ision.com:/usr/obj/usr/src/sys/GENERIC i386

>Description:
to identify all processes belonging to the same jail the only secure
way is to use the IP of this jail as criteria.  Unfortunately this
information is not visible within the process-list of the host or within
the procfs of the host.  There is the hostname of the jail the process
belongs to in the procfs but this information can be change by jail-root
users and therefore is not a valid uniq ID for the jail.
This patch now adds the IP of the jail the process runs in to the last
field of the file /proc/<pid>/status.
>How-To-Repeat:
none. system lacks this feature
>Fix:
apply this little patch:

|--- /usr/src/sys/miscfs/procfs/procfs_status.c.old      Tue Jan 22 17:22:59 2002
|+++ /usr/src/sys/miscfs/procfs/procfs_status.c  Fri Feb 15 15:08:40 2002
|@@ -159,7 +159,7 @@
| 
|        if (p->p_prison)
|                ps += snprintf(ps, psbuf + sizeof(psbuf) - ps,
|-                   " %s", p->p_prison->pr_host);
|+                   " %s,%lu", p->p_prison->pr_host, p->p_prison->pr_ip);
|        else
|                ps += snprintf(ps, psbuf + sizeof(psbuf) - ps, " -");
|        DOCHECK();

the version of /usr/src/sys/miscfs/procfs/procfs_status.c is
 * $FreeBSD: src/sys/miscfs/procfs/procfs_status.c,v 1.20.2.4 2002/01/22 17:22:59 nectar Exp $

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202151550.g1FFoX922224>