bin/56748: [PATCH] rc.subr: jail devfs handling broken
Oliver Eikemeier
eikemeier at fillmore-labs.com
Sat Sep 13 06:00:32 PDT 2003
>Number: 56748
>Category: bin
>Synopsis: [PATCH] rc.subr: jail devfs handling broken
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Sep 13 06:00:29 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Oliver Eikemeier
>Release: FreeBSD 5.1-CURRENT i386
>Organization:
Fillmore Labs - http://www.fillmore-labs.com
>Environment:
System: FreeBSD nuuk.fillmore-labs.com 5.1-CURRENT
>Description:
When you start a jail on 5-CURRENT with
jail_enable="YES"
jail_list="myjail"
jail_myjail_rootdir="/home/myjail"
... in /etc/rc.conf
/dev/console of the base system is clobbered.
Moreover, the rules for the devfs mounted in the jail
are set, but not applied, which gives the jail
access to too many devices and is a security breach.
There is another bug this patch doesn't fix:
devfs_link doesn't seem to work for the console device.
>How-To-Repeat:
>Fix:
--- rc.subr.patch begins here ---
--- src/etc/rc.subr.orig Fri Aug 22 11:55:52 2003
+++ src/etc/rc.subr Sat Sep 13 14:17:34 2003
@@ -1039,7 +1039,7 @@
}
# devfs_link dir src link
-# Make a symbolic link 'link' to src in chroot/dev.
+# Make a symbolic link 'link' to src in dir.
# Returns 0 on sucess.
#
devfs_link()
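Review bot: the context line `# Returns 0 on sucess.` right below the corrected comment still carries a typo (`sucess`); since this hunk already rewrites the header comment of devfs_link, fix it to `success` in the same change rather than leaving a second comment-only edit for later.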
@@ -1058,7 +1058,7 @@
warn "$_me: the directory ($dir) does not exist"
return 1
fi
- cd ${chroot}/dev
+ cd ${dir}
if ! ln -sf $src $link ; then
warn "$_me: unable to link $link --> $src in $dir"
return 1
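Review bot: `cd ${dir}` is unchecked and unquoted; if the cd fails for any reason other than the missing-directory case tested just above (permissions, or a path containing whitespace), the following `ln -sf $src $link` silently creates the link in the caller's working directory instead of the jail's dev directory. Suggest `cd "${dir}" || return 1` so that a failed cd is reported through the existing `return 1` path and the warn message stays accurate.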
@@ -1230,6 +1230,7 @@
if [ -n "$rs" ]; then
devfs_init_rulesets
devfs_set_ruleset $rs $devdir
+ devfs_apply_ruleset $rs $devdir
fi
return 0
}
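Review bot: the added `devfs_apply_ruleset $rs $devdir` is the security-relevant part of the patch (the description explains that a ruleset that is set but never applied leaves the jail with access to too many devices), but its exit status is ignored and the function still ends in an unconditional `return 0`, so a failed apply lets the jail start with an unrestricted /dev. Suggest `devfs_apply_ruleset $rs $devdir || return 1`, and for consistency the same treatment for `devfs_set_ruleset` on the line above, so that a failure in either step aborts the jail start instead of passing silently.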
--- rc.subr.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted: