check for jailed environment for adjkerntz

Subbsd subbsd at gmail.com
Sun Feb 28 23:15:56 UTC 2010


jail with "complete" type have standard crontab a file of tasks. However not
all standard task are adapted for work in jail an environment. For example
adjkerntz which generates

adjkerntz [46733]: sysctl (set: "machdep.wall_cmos_clock"): Operation not
permitted

I suggest to give adjkerntz concept about jail in which to it it is not
necessary to work:


--- adjkerntz.c-orig    2010-03-01 01:53:01.000000000 +0300
+++ adjkerntz.c 2010-03-01 02:03:45.000000000 +0300
@@ -80,7 +80,7 @@
        struct tm local;
        struct timeval tv, *stv;
        struct timezone tz, *stz;
-       int kern_offset, wall_clock, disrtcset;
+       int kern_offset, wall_clock, disrtcset, jailed;
        size_t len;
        /* Avoid time_t here, can be unsigned long or worse */
        long offset, localsec, diff;
@@ -118,6 +118,16 @@
        if (init)
                sleep_mode = True;

+        len = sizeof(jailed);
+        if (sysctlbyname("security.jail.jailed", &jailed, &len, NULL, 0) ==
-1) {
+            syslog(LOG_ERR, "sysctl(\"security.jail.jailed\"): %m");
+            return 1;
+        }
+        if (jailed!=0) {
+            //not for jail
+            return 1;
+        }
+
        sigemptyset(&mask);
        sigemptyset(&emask);
        sigaddset(&mask, SIGTERM);


More information about the freebsd-current mailing list