d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4392001125
freebsd-dev/usr.sbin/jail/jail.c

156 lines
3.4 KiB
C
Raw Normal View History

Fix various bogons. Submitted by: Rudolf Cejka <cejkar@dcse.fee.vutbr.cz> Reviewed by: phk
1999-05-04 18:20:53 +00:00
/*
* ----------------------------------------------------------------------------
* "THE BEER-WARE LICENSE" (Revision 42):
* <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
* can do whatever you want with this stuff. If we meet some day, and you think
* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
* ----------------------------------------------------------------------------
*/
add FBSDID
2003-07-06 12:44:11 +00:00
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
#include <sys/param.h>
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
#include <sys/jail.h>
Add missing includes and sort includes.
2001-06-24 20:28:19 +00:00
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
#include <netinet/in.h>
Add missing includes and sort includes.
2001-06-24 20:28:19 +00:00
#include <arpa/inet.h>
#include <err.h>
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
#include <errno.h>
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
#include <grp.h>
#include <login_cap.h>
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
#include <paths.h>
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
#include <pwd.h>
Add missing includes and sort includes.
2001-06-24 20:28:19 +00:00
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
static void usage(void);
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
extern char **environ;
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
#define GET_USER_INFO do { \
pwd = getpwnam(username); \
if (pwd == NULL) { \
if (errno) \
err(1, "getpwnam: %s", username); \
else \
errx(1, "%s: no such user", username); \
} \
lcap = login_getpwclass(pwd); \
if (lcap == NULL) \
err(1, "getpwclass: %s", username); \
ngroups = NGROUPS; \
if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0) \
err(1, "getgrouplist: %s", username); \
} while (0)
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
int
main(int argc, char **argv)
{
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
login_cap_t *lcap;
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
struct jail j;
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
struct passwd *pwd;
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
struct in_addr in;
Pass an array of gid_t rather than an array of int to getgroups(). PR: 56646
2004-10-02 11:40:48 +00:00
gid_t groups[NGROUPS];
int ch, i, iflag, lflag, ngroups, uflag, Uflag;
Prepare jail(8) utility for new functionality which will limit seeing status of mounted file system for jailed processes. Pass full path of jail's root directory to the kernel. mount(8) utility is doing the same thing already.
2004-06-27 10:10:16 +00:00
char path[PATH_MAX], *username;
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
static char *cleanenv;
const char *shell, *p;
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
iflag = lflag = uflag = Uflag = 0;
username = cleanenv = NULL;
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
while ((ch = getopt(argc, argv, "ilu:U:")) != -1) {
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
switch (ch) {
o Add jls(8) for listing active jails. o Add jexec(8) to execute a command in an existing jail. o Add -j option for killall(1) to kill all processes in a specified jail. o Add -i option to jail(8) to output jail ID of newly created jail.
2003-04-09 03:04:12 +00:00
case 'i':
iflag = 1;
break;
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
case 'u':
username = optarg;
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
uflag = 1;
break;
case 'U':
username = optarg;
Uflag = 1;
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
break;
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
case 'l':
lflag = 1;
break;
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
default:
usage();
}
o Add jls(8) for listing active jails. o Add jexec(8) to execute a command in an existing jail. o Add -j option for killall(1) to kill all processes in a specified jail. o Add -i option to jail(8) to output jail ID of newly created jail.
2003-04-09 03:04:12 +00:00
}
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
argc -= optind;
argv += optind;
if (argc < 4)
usage();
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
if (uflag && Uflag)
usage();
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
if (lflag && username == NULL)
usage();
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
if (uflag)
GET_USER_INFO;
Prepare jail(8) utility for new functionality which will limit seeing status of mounted file system for jailed processes. Pass full path of jail's root directory to the kernel. mount(8) utility is doing the same thing already.
2004-06-27 10:10:16 +00:00
if (realpath(argv[0], path) == NULL)
err(1, "realpath: %s", argv[0]);
if (chdir(path) != 0)
err(1, "chdir: %s", path);
Add a version number field to the jail(2) argument so that future changes can be handled intelligently. WARNING: you will need to reinstall #includes and recompile jail(8).
1999-09-19 08:36:37 +00:00
memset(&j, 0, sizeof(j));
j.version = 0;
Prepare jail(8) utility for new functionality which will limit seeing status of mounted file system for jailed processes. Pass full path of jail's root directory to the kernel. mount(8) utility is doing the same thing already.
2004-06-27 10:10:16 +00:00
j.path = path;
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
j.hostname = argv[1];
o Fix error messages formatting, style. Prodded by: bde Reviewed by: bde
2003-04-02 09:20:08 +00:00
if (inet_aton(argv[2], &in) == 0)
errx(1, "Could not make sense of ip-number: %s", argv[2]);
Fix various bogons. Submitted by: Rudolf Cejka <cejkar@dcse.fee.vutbr.cz> Reviewed by: phk
1999-05-04 18:20:53 +00:00
j.ip_number = ntohl(in.s_addr);
o Add jls(8) for listing active jails. o Add jexec(8) to execute a command in an existing jail. o Add -j option for killall(1) to kill all processes in a specified jail. o Add -i option to jail(8) to output jail ID of newly created jail.
2003-04-09 03:04:12 +00:00
i = jail(&j);
if (i == -1)
o Fix error messages formatting, style. Prodded by: bde Reviewed by: bde
2003-04-02 09:20:08 +00:00
err(1, "jail");
Force output of jail ID (if necessary) before excuting the command, otherwise redirection of stdout to a file using block buffering will not complete in time.
2003-04-21 17:20:48 +00:00
if (iflag) {
o Add jls(8) for listing active jails. o Add jexec(8) to execute a command in an existing jail. o Add -j option for killall(1) to kill all processes in a specified jail. o Add -i option to jail(8) to output jail ID of newly created jail.
2003-04-09 03:04:12 +00:00
printf("%d\n", i);
Force output of jail ID (if necessary) before excuting the command, otherwise redirection of stdout to a file using block buffering will not complete in time.
2003-04-21 17:20:48 +00:00
fflush(stdout);
}
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
if (username != NULL) {
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
if (Uflag)
GET_USER_INFO;
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
if (lflag) {
p = getenv("TERM");
environ = &cleanenv;
}
o Fix error messages formatting, style. Prodded by: bde Reviewed by: bde
2003-04-02 09:20:08 +00:00
if (setgroups(ngroups, groups) != 0)
err(1, "setgroups");
if (setgid(pwd->pw_gid) != 0)
err(1, "setgid");
if (setusercontext(lcap, pwd, pwd->pw_uid,
LOGIN_SETALL & ~LOGIN_SETGROUP) != 0)
err(1, "setusercontext");
Free login_cap(3) resources after usage. Submitted by: demon
2003-04-07 10:16:37 +00:00
login_close(lcap);
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
}
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
if (lflag) {
if (*pwd->pw_shell)
shell = pwd->pw_shell;
else
shell = _PATH_BSHELL;
if (chdir(pwd->pw_dir) < 0)
errx(1, "no home directory");
setenv("HOME", pwd->pw_dir, 1);
setenv("SHELL", shell, 1);
setenv("USER", pwd->pw_name, 1);
if (p)
setenv("TERM", p, 1);
}
o Fix error messages formatting, style. Prodded by: bde Reviewed by: bde
2003-04-02 09:20:08 +00:00
if (execv(argv[3], argv + 3) != 0)
err(1, "execv: %s", argv[3]);
o Add jls(8) for listing active jails. o Add jexec(8) to execute a command in an existing jail. o Add -j option for killall(1) to kill all processes in a specified jail. o Add -i option to jail(8) to output jail ID of newly created jail.
2003-04-09 03:04:12 +00:00
exit(0);
This Implements the mumbled about "Jail" feature. This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
}
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
static void
usage(void)
{
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
(void)fprintf(stderr, "%s%s\n",
o Add -l option to jail(8) similar to su(1): before running jail'ed program under specific user's credentials, clean the environment and set only a few variables. PR: bin/70024 Submitted by: demon MFC after: 1 month
2004-08-15 08:21:50 +00:00
"usage: jail [-i] [-l -u username | -U username]",
o Implement -U flag: run command as user which exists only in jail. o getpwnam(3) returns NULL and does not set errno when the user does not exist. Bail out with "no such user" instead of "Unknown error: 0". PR: bin/67262 Submitted by: demon (-U flag) MFC after: 3 weeks
2004-05-29 18:39:27 +00:00
" path hostname ip-number command ...");
o Fix error messages formatting, style. Prodded by: bde Reviewed by: bde
2003-04-02 09:20:08 +00:00
exit(1);
o Add -u <username> flag to jail(8): set user context before exec. PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
2003-03-27 12:16:58 +00:00
}
Reference in New Issue Copy Permalink