kern/97071: [patch] add security.jail.jid sysctl
Cheng-Lung Sung
clsung at FreeBSD.org
Wed May 10 03:50:15 UTC 2006
>Number: 97071
>Category: kern
>Synopsis: [patch] add security.jail.jid sysctl
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed May 10 03:50:14 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Cheng-Lung Sung
>Release: FreeBSD 6.1-STABLE i386
>Organization:
FreeBSD
>Environment:
System: FreeBSD going04.iis.sinica.edu.tw 6.1-STABLE FreeBSD 6.1-STABLE #11: Wed May 10 11:01:51 CST 2006 root at going04.iis.sinica.edu.tw:/usr/obj/usr/src/sys/GOING04 i386
>Description:
bin/89989 suggest to specify jid at jail start-up time, and I think
let users can know their jid inside jail is a good idea.
security.jail.jid can also replace security.jail.jailed, since
they all return zero in host, and > 0 in jail.
>How-To-Repeat:
sysctl security.jail.jid
>Fix:
--- sys/kern/kern_jail.c.orig Sun Nov 13 11:12:32 2005
+++ sys/kern/kern_jail.c Wed May 10 06:34:24 2006
@@ -582,3 +582,17 @@
}
SYSCTL_PROC(_security_jail, OID_AUTO, jailed, CTLTYPE_INT | CTLFLAG_RD,
NULL, 0, sysctl_jail_jailed, "I", "Process in jail?");
+
+static int
+sysctl_jail_jid(SYSCTL_HANDLER_ARGS)
+{
+ int error, jid;
+
+ if ((jid = jailed(req->td->td_ucred)))
+ jid = req->td->td_ucred->cr_prison->pr_id;
+ error = SYSCTL_OUT(req, &jid, sizeof(jid));
+
+ return (error);
+}
+SYSCTL_PROC(_security_jail, OID_AUTO, jid, CTLTYPE_INT | CTLFLAG_RD,
+ NULL, 0, sysctl_jail_jid, "I", "Jail ID");
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list