[Bug 233262] security.jail.param.children sysctls don't display correctly

Fri Nov 16 23:25:29 UTC 2018

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233262

            Bug ID: 233262
           Summary: security.jail.param.children sysctls don't display
                    correctly
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: bugs at FreeBSD.org
          Reporter: asomers at FreeBSD.org

The children.max jail parameter is supposed to show the maximum number of child
jails allows by a jail, when using hierarchical jails.  From experiment, this
parameter seems to work, but it's always displayed as 0.  The children.current
parameter is supposed to be a read-only sysctl displaying the current number of
children.  However it, too, always displays 0.  The jls command can correctly
display these parameters for child jails, but I don't see any way to get them
from within a jail.

Steps to reproduce:

[somers at fbsd12 ~]$ sudo jail -c name=foo host.hostname=foo children.max=99
persist
[somers at fbsd12 ~]$ jls -h jid name children.max children.cur    
jid name children.max children.cur
7 foo 99 0
[somers at fbsd12 ~]$ sudo jexec foo /bin/sh
# sysctl security.jail.param.children
security.jail.param.children.max: 0
security.jail.param.children.cur: 0
# jail -c name=bar host.hostname=bar persist
# sysctl security.jail.param.children
security.jail.param.children.max: 0
security.jail.param.children.cur: 0
# exit
[somers at fbsd12 ~]$ jls -h jid name children.max children.cur
jid name children.max children.cur
7 foo 99 1
8 foo.bar 0 0

Tested on 12.0-BETA4 and 12.0-CURRENT as of r340301.

-- 
You are receiving this mail because:
You are the assignee for the bug.