freebsd-skq/sys/kern
Poul-Henning Kamp 75c1354190 This Implements the mumbled about "Jail" feature.
This is a seriously beefed up chroot kind of thing.  The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.

For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact:  "real virtual servers".

Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.

Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.

It generally does what one would expect, but setting up a jail
still takes a little knowledge.

A few notes:

   I have no scripts for setting up a jail, don't ask me for them.

   The IP number should be an alias on one of the interfaces.

   mount a /proc in each jail, it will make ps more useable.

   /proc/<pid>/status tells the hostname of the prison for
   jailed processes.

   Quotas are only sensible if you have a mountpoint per prison.

   There are no privisions for stopping resource-hogging.

   Some "#ifdef INET" and similar may be missing (send patches!)

If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!

Tools, comments, patches & documentation most welcome.

Have fun...

Sponsored by:   http://www.rndassociates.com/
Run for almost a year by:       http://www.servetheweb.com/
1999-04-28 11:38:52 +00:00
..
bus_if.m Bring the 'new-bus' to the i386. This extensively changes the way the 1999-04-16 21:22:55 +00:00
device_if.m My changes to the new device interface: 1998-11-14 21:58:51 +00:00
imgact_aout.c Restore support for executing BSD/OS binaries on the i386 by passing 1999-04-03 22:20:03 +00:00
imgact_elf.c If you merge this into -stable, please increment __FreeBSD_version 1999-02-20 23:52:34 +00:00
imgact_gzip.c *_execsw static structures cannot be const due to the way they interact 1999-01-29 22:59:43 +00:00
imgact_shell.c *_execsw static structures cannot be const due to the way they interact 1999-01-29 22:59:43 +00:00
inflate.c kzipboot uses kern/inflate.c outside the kernel by providing its own 1998-11-10 09:08:49 +00:00
init_main.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
init_sysent.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_acct.c Suser() simplification: 1999-04-27 11:18:52 +00:00
kern_clock.c Make the machdep.i8254_freq and machdep.tsc_freq sysctls modify the 1999-04-25 09:00:00 +00:00
kern_conf.c Call the module's unload handler before removing the device from the 1999-03-23 21:11:47 +00:00
kern_descrip.c s/static foo_devsw_installed = 0;/static int foo_devsw_installed;/. 1999-04-28 10:54:24 +00:00
kern_environment.c Fix warnings related to -Wall -Wcast-qual 1999-01-28 17:32:05 +00:00
kern_exec.c Suser() simplification: 1999-04-27 11:18:52 +00:00
kern_exit.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_fork.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_intr.c Stage 1 of a cleanup of the i386 interrupt registration mechanism. 1999-04-21 07:26:30 +00:00
kern_jail.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_ktrace.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_linker.c Enable vmspace sharing on SMP. Major changes are, 1999-04-28 01:04:33 +00:00
kern_lock.c fix breakage for alphas. 1999-03-15 05:11:27 +00:00
kern_lockf.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-27 21:50:00 +00:00
kern_malloc.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-27 21:50:00 +00:00
kern_mib.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_module.c More -Wall / -Wcast-qual cleanup. Also, EXEC_SET can't use 1999-01-29 08:36:45 +00:00
kern_ntptime.c Suser() simplification: 1999-04-27 11:18:52 +00:00
kern_physio.c Use the reference counted PHOLD()/PRELE() rather than P_PHYSIO. 1999-04-06 03:04:47 +00:00
kern_proc.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_prot.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_random.c Stage 1 of a cleanup of the i386 interrupt registration mechanism. 1999-04-21 07:26:30 +00:00
kern_resource.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_shutdown.c Suser() simplification: 1999-04-27 11:18:52 +00:00
kern_sig.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_subr.c This solves a deadlock that can occur when read()ing into a file-mmap() 1999-03-12 03:09:29 +00:00
kern_synch.c The magic "no-cpu" cpu number is 0xff. Don't misrepresent cpu 1999-03-05 16:38:13 +00:00
kern_syscalls.c Move lkmnosys() from kern_lkm.c to here. 1999-01-17 18:58:04 +00:00
kern_sysctl.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
kern_tc.c Make the machdep.i8254_freq and machdep.tsc_freq sysctls modify the 1999-04-25 09:00:00 +00:00
kern_threads.c Removed bogus casts to c_caddr_t. This is part of terminating 1999-01-29 08:29:05 +00:00
kern_time.c Suser() simplification: 1999-04-27 11:18:52 +00:00
kern_timeout.c Fix callout_init(). This didn't have any practical effect since it 1999-03-06 22:27:02 +00:00
kern_xxx.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
ksched.c
link_aout.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-28 00:57:57 +00:00
link_elf_obj.c Cast to `const char *' instead of to c_caddr_t. This is part of 1999-01-29 09:04:27 +00:00
link_elf.c Cast to `const char *' instead of to c_caddr_t. This is part of 1999-01-29 09:04:27 +00:00
Make.tags.inc Update to know about current kernel directory layout. 1999-02-28 22:14:16 +00:00
makedevops.pl Bring the 'new-bus' to the i386. This extensively changes the way the 1999-04-16 21:22:55 +00:00
makedevops.sh Use the interface name as well as the method name when creating the method 1998-10-15 09:50:45 +00:00
Makefile
makesyscalls.sh
md5c.c
p1003_1b.c Well folks, this is it - The second stage of the removal for build support 1999-04-17 08:36:07 +00:00
posix4_mib.c * Change sysctl from using linker_set to construct its tree using SLISTs. 1999-02-16 10:49:55 +00:00
subr_autoconf.c Fix a very long standing bug in run_interrupt_driven_config_hooks(). It 1999-04-25 22:13:34 +00:00
subr_blist.c Add new blist module - radix tree based bitmap allocator with 1999-01-21 08:11:06 +00:00
subr_bus.c GC some stray debugging printf()s... 1999-04-19 19:39:08 +00:00
subr_clist.c
subr_devstat.c Staticize. 1999-04-11 02:27:06 +00:00
subr_disklabel.c Fix -Wuninitialized warning regarding zero-length var-args ctl element. 1998-12-14 05:37:37 +00:00
subr_diskmbr.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-28 01:59:53 +00:00
subr_diskslice.c Rename one of the two devfs_link's to devfs_makelink. 1998-12-10 19:57:01 +00:00
subr_dkbad.c
subr_log.c The "easy" fixes for compiling the kernel -Wunused: remove unreferenced static 1998-12-07 21:58:50 +00:00
subr_module.c Align to sizeof(long) rather than sizeof(int32_t). It needs to be 1998-10-14 05:07:23 +00:00
subr_param.c Allow setting MAXFILES in the kernel config. 1999-04-09 16:28:11 +00:00
subr_prf.c Add snprintf(3) and vsnprintf(3) capability to the kernel. 1998-12-03 04:45:57 +00:00
subr_prof.c
subr_rlist.c This module was used only by the old swapper and has been #if'd out, 1999-01-21 08:58:41 +00:00
subr_rman.c Bring the 'new-bus' to the i386. This extensively changes the way the 1999-04-16 21:22:55 +00:00
subr_scanf.c Only needed to cast array index from char to unsigned char, did not 1999-02-14 20:58:21 +00:00
subr_smp.c Enable vmspace sharing on SMP. Major changes are, 1999-04-28 01:04:33 +00:00
subr_trap.c Enable vmspace sharing on SMP. Major changes are, 1999-04-28 01:04:33 +00:00
subr_xxx.c * Fix a couple of places in the device pager where an address was 1998-11-08 12:39:07 +00:00
sys_generic.c Add standard padding argument to pread and pwrite syscall. That should make them 1999-04-04 21:41:28 +00:00
sys_pipe.c Add standard padding argument to pread and pwrite syscall. That should make them 1999-04-04 21:41:28 +00:00
sys_process.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
sys_socket.c Add standard padding argument to pread and pwrite syscall. That should make them 1999-04-04 21:41:28 +00:00
syscalls.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
syscalls.master Add the jail system call. 1999-04-28 11:28:49 +00:00
sysv_ipc.c Change suser_xxx() to suser() where it applies. 1999-04-27 12:21:16 +00:00
sysv_msg.c Change suser_xxx() to suser() where it applies. 1999-04-27 12:21:16 +00:00
sysv_sem.c Change suser_xxx() to suser() where it applies. 1999-04-27 12:21:16 +00:00
sysv_shm.c Change suser_xxx() to suser() where it applies. 1999-04-27 12:21:16 +00:00
tty_compat.c
tty_conf.c
tty_cons.c s/static foo_devsw_installed = 0;/static int foo_devsw_installed;/. 1999-04-28 10:54:24 +00:00
tty_pty.c Suser() simplification: 1999-04-27 11:18:52 +00:00
tty_snoop.c Suser() simplification: 1999-04-27 11:18:52 +00:00
tty_subr.c
tty_tb.c
tty_tty.c
tty.c Suser() simplification: 1999-04-27 11:18:52 +00:00
uipc_domain.c Redo domain registration to use SYSINITS rather than linker sets. 1999-04-26 08:56:09 +00:00
uipc_mbuf.c Typo in comment. 1999-04-12 10:07:15 +00:00
uipc_proto.c Register the local (unix domain) sockets ourselves. 1999-04-26 08:56:53 +00:00
uipc_sockbuf.c Port NetBSD's 19990120-accept bug fix. This works around the race condition 1999-01-25 16:58:56 +00:00
uipc_socket2.c Port NetBSD's 19990120-accept bug fix. This works around the race condition 1999-01-25 16:58:56 +00:00
uipc_socket.c Lite2 bugfixes merge: 1999-04-24 18:22:34 +00:00
uipc_syscalls.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-27 21:50:00 +00:00
uipc_usrreq.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
vfs_aio.c Enable vmspace sharing on SMP. Major changes are, 1999-04-28 01:04:33 +00:00
vfs_bio.c getnewbuf(): check return value from tsleep(). Interruptible NFS may pass 1999-04-14 18:51:52 +00:00
vfs_cache.c Fix a braino in the v_id wraparound code. Give more (current) details 1999-04-24 17:58:14 +00:00
vfs_cluster.c Reviewed by: Many at differnt times in differnt parts, 1999-03-12 02:24:58 +00:00
vfs_conf.c
vfs_default.c Added a used #include (don't depend on "vnode_if.h" including <sys/buf.h>). 1999-02-25 15:54:06 +00:00
vfs_export.c Reviewed by: Many at differnt times in differnt parts, 1999-03-12 02:24:58 +00:00
vfs_extattr.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
vfs_init.c * Register sysctl nodes before running sysinits when loading files and 1999-03-07 16:06:41 +00:00
vfs_lookup.c Fix warnings in preparation for adding -Wall -Wcast-qual to the 1999-01-28 00:57:57 +00:00
vfs_mount.c
vfs_subr.c Reviewed by: Many at differnt times in differnt parts, 1999-03-12 02:24:58 +00:00
vfs_syscalls.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
vfs_vnops.c This Implements the mumbled about "Jail" feature. 1999-04-28 11:38:52 +00:00
vnode_if.pl Declare static __inline functions as __inline in their forward 1999-02-28 11:30:00 +00:00
vnode_if.sh Declare static __inline functions as __inline in their forward 1999-02-28 11:30:00 +00:00
vnode_if.src Remove incorrect lock specs for vop_whiteout (introduced by Lite/2). 1999-03-27 03:08:07 +00:00