jail getfsstat patches.
Pawel Jakub Dawidek
pjd at FreeBSD.org
Sat Jun 26 23:59:34 PDT 2004
On Fri, Jun 25, 2004 at 06:15:41PM -0700, Julian Elischer wrote:
+> There are patches around to make 'df' and 'mount'
+> show pretty much the exact right thing from a jail.
+> In both -current and 4.x
+> I propose to commit these.
+> "jailfsstat - With this kernel module process in jail can only see file
+> systems mounted inside."
+> for 4.x
+> for 5.x
+> with possible small changes..
+> e.g. the 4.x version would not be a module
+> but would have a sysclt to turn it on
+> (off by default)
+> and the 5.x version may require osme small work too..
+> Does anyone violently object to these?
+> The fact that df or mount shows so much not only confuses the hell
+> out of users, it makes scripts fail in odd ways.
+> (and bugs the hell out of me too).
We have talked with rwatson a lot about this (in the past and currently)
and this is really non-trivial work if we want to do it as it should be
First of all we depend on fact, that mount(8) gives full path to mount(2)
(without any symlinks, .., ., etc.). If mount(2) will be called with
relative path, we're in trouble.
To fix this we need to do realpath(3) in kernel, in mount(2) syscall.
We don't have such function in kernel atm. I wrote one for cerb,
but this code was quite complex and I don't know if we want to bring it in.
There are many situations when we can't just depend on f_mntonname field,
because path there could not be valid (e.g. when root will rename one of
those path's components). Of course it is not good thing to do anyway,
but in this situation it brings us in bigger trouble.
The best way to do it is to walk up from the vnode where file system is
mounted on to the vnode where jail's root directory starts. But I think
this is not possible with our VFS.
I know that it will be a good thing to do something with it, even if we
cannot use a perfect solution.
IMHO we shouldn't use Bjoern's patch, it is ok, but for base system it is
too complex (I found at least one bug, in line 455 in file HEAD-20040606.diff)
and I think simple sysctl to turn it on and off is enough for us and will
simplify code a lot. Bjoern, are you ok with this?
If you give me a few days (maybe I'll be ready today) I'll try to prepare
patch to commit so we can review it together.
Pawel Jakub Dawidek http://www.FreeBSD.org
pjd at FreeBSD.org http://garage.freebsd.pl
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20040627/cfcfa0e0/attachment.bin
More information about the freebsd-current