Processes started inside a jail are only visible outside the
jail
Ricardo A. Reis
ricardo_bsd at yahoo.com.br
Fri Feb 24 07:52:33 PST 2006
Hi Vlad,
See your sysctl.conf per this entries:
sysctl -ad | grep bsd.see
security.bsd.see_other_gids: Unprivileged processes may see
subjects/objects with different real gid
security.bsd.see_other_uids: Unprivileged processes may see
subjects/objects with different real uid
Ricardo A. Reis
UNIFESP
Unix and Network Admin
> 6.1-PRERELEASE
>
> Inside the jail:
> root at j1 / # /usr/local/sbin/lighttpd -f /usr/local/etc/lighttpd.conf
> root at j1 / #
> root at j1 / # ps ax | grep light
> 55816 p0 S+J 0:00.00 grep light
> root at j1 / #
>
> Outside the jail:
> root at host / # ps ax | grep light
> 6263 ?? S 0:47.85 /usr/local/sbin/lighttpd -f
> /usr/local/etc/lighttpd.conf
> 81204 ?? SJ 0:00.01 /usr/local/sbin/lighttpd -f
> /usr/local/etc/lighttpd.conf
> 85151 pa S+ 0:00.00 grep light
> root at host / #
>
> There are two lighttpd instances - the host runs one as well. The
> other one is the one started from within the jail.
> I don't know where to start investigating from.
>
> --
> If it's there, and you can see it, it's real.
> If it's not there, and you can see it, it's virtual.
> If it's there, and you can't see it, it's transparent.
> If it's not there, and you can't see it, you erased it.
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>
>
More information about the freebsd-stable
mailing list