summaryrefslogtreecommitdiffstats
path: root/lib/libc/sys/jail.2
Commit message (Collapse)AuthorAgeFilesLines
* A new jail(8) with a configuration file, ultimately to replace the workjamie2012-04-261-39/+1
|\ | | | | | | | | | | currently done by /etc/rc.d/jail. MFC after: 3 months
| * Remove a section that went to jail(8), and fix a small grammar error.jamie2010-10-201-39/+1
| |
* | Remove trailing whitespace per mdoc lint warningeadler2012-03-291-2/+2
| | | | | | | | | | | | | | Disussed with: gavin No objection from: doc Approved by: joel MFC after: 3 days
* | Globally replace u_int*_t from (non-contributed) man pages.ed2012-02-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | The reasoning behind this, is that if we are consistent in our documentation about the uint*_t stuff, people will be less tempted to write new code that uses the non-standard types. I am not going to bump the man page dates, as these changes can be considered style nits. The meaning of the man pages is unaffected. MFC after: 1 month
* | Acknowledge that jail_attach and jail_remove can return EPERM.jamie2012-02-081-1/+3
|/ | | | MFC after: 1 week
* Spelling fixes.joel2010-08-021-1/+1
|
* Add a limit for child jails via the "children.cur" and "children.max"jamie2009-06-231-7/+7
| | | | | | parameters. This replaces the simple "allow.jails" permission. Approved by: bz (mentor)
* Add hierarchical jails. A jail may further virtualize its environmentjamie2009-05-271-5/+21
| | | | | | | | | | | | | | | | | | | | | | by creating a child jail, which is visible to that jail and to any parent jails. Child jails may be restricted more than their parents, but never less. Jail names reflect this hierarchy, being MIB-style dot-separated strings. Every thread now points to a jail, the default being prison0, which contains information about the physical system. Prison0's root directory is the same as rootvnode; its hostname is the same as the global hostname, and its securelevel replaces the global securelevel. Note that the variable "securelevel" has actually gone away, which should not cause any problems for code that properly uses securelevel_gt() and securelevel_ge(). Some jail-related permissions that were kept in global variables and set via sysctls are now per-jail settings. The sysctls still exist for backward compatibility, used only by the now-deprecated jail(2) system call. Approved by: bz (mentor)
* Introduce the extensible jail framework, using the same "name=value"jamie2009-04-291-10/+255
| | | | | | | | | | | | | | interface as nmount(2). Three new system calls are added: * jail_set, to create jails and change the parameters of existing jails. This replaces jail(2). * jail_get, to read the parameters of existing jails. This replaces the security.jail.list sysctl. * jail_remove to kill off a jail's processes and remove the jail. Most jail parameters may now be changed after creation, and jails may be set to exist without any attached processes. The current jail(2) system call still exists, though it is now a stub to jail_set(2). Approved by: bz (mentor)
* With the permission of phk@ change the license on remaining jail codejamie2009-04-291-6/+22
| | | | | | | to a 2 clause BSD license. Approved by: phk Approved by: bz (mentor)
* Document the special loopback address behaviour of jails.bz2009-01-061-1/+7
| | | | | | | PR: kern/103464 Submitted by: brueffer (correct markup) Reviewed by: brueffer MFC after: 2 weeks
* MFp4:bz2008-11-291-7/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bring in updated jail support from bz_jail branch. This enhances the current jail implementation to permit multiple addresses per jail. In addtion to IPv4, IPv6 is supported as well. Due to updated checks it is even possible to have jails without an IP address at all, which basically gives one a chroot with restricted process view, no networking,.. SCTP support was updated and supports IPv6 in jails as well. Cpuset support permits jails to be bound to specific processor sets after creation. Jails can have an unrestricted (no duplicate protection, etc.) name in addition to the hostname. The jail name cannot be changed from within a jail and is considered to be used for management purposes or as audit-token in the future. DDB 'show jails' command was added to aid debugging. Proper compat support permits 32bit jail binaries to be used on 64bit systems to manage jails. Also backward compatibility was preserved where possible: for jail v1 syscalls, as well as with user space management utilities. Both jail as well as prison version were updated for the new features. A gap was intentionally left as the intermediate versions had been used by various patches floating around the last years. Bump __FreeBSD_version for the afore mentioned and in kernel changes. Special thanks to: - Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches and Olivier Houchard (cognet) for initial single-IPv6 patches. - Jeff Roberson (jeff) and Randall Stewart (rrs) for their help, ideas and review on cpuset and SCTP support. - Robert Watson (rwatson) for lots and lots of help, discussions, suggestions and review of most of the patch at various stages. - John Baldwin (jhb) for his help. - Simon L. Nielsen (simon) as early adopter testing changes on cluster machines as well as all the testers and people who provided feedback the last months on freebsd-jail and other channels. - My employer, CK Software GmbH, for the support so I could work on this. Reviewed by: (see above) MFC after: 3 months (this is just so that I get the mail) X-MFC Before: 7.2-RELEASE if possible
* Add EAGAIN to the ERRORS list, as found in kern_jail.c.trhodes2008-08-031-1/+3
| | | | | PR: 125253 Submitted by: Mateusz Guzik <mjguzik@gmail.com> (original version)
* Fixed the misplaced $FreeBSD$.ru2005-02-091-7/+7
|
* Spelling fixes.mpp2004-06-211-2/+2
|
* - Markup fix-ups (add .Dq, and some hard line breaks at the endkensmith2003-11-111-4/+10
| | | | | | of sentences). Approved by: blackend (mentor)
* - Add a note about how jail(2) effects the securelevel.kensmith2003-11-111-0/+6
| | | | | Reviewed by: rwatson Approved by: blackend (mentor)
* Assorted mdoc(7) fixes.ru2003-05-221-9/+4
| | | | Approved by: re (blanket)
* o In struct prison, add an allprison linked list of prisons (protectedmike2003-04-091-3/+29
| | | | | | | | | | | | | | | by allprison_mtx), a unique prison/jail identifier field, two path fields (pr_path for reporting and pr_root vnode instance) to store the chroot() point of each jail. o Add jail_attach(2) to allow a process to bind to an existing jail. o Add change_root() to perform the chroot operation on a specified vnode. o Generalize change_dir() to accept a vnode, and move namei() calls to callers of change_dir(). o Add a new sysctl (security.jail.list) which is a group of struct xprison instances that represent a snapshot of active jails. Reviewed by: rwatson, tjr
* mdoc(7) police: Tidy up the syscall language.ru2002-12-181-2/+4
| | | | | | | | | | Stop calling system calls "function calls". Use "The .Fn system call" a-la "The .Nm utility". When referring to a non-BSD implementation in the HISTORY section, call syscall a function, to be safe.
* Remove extra word.dd2002-05-261-1/+1
| | | | Submitted by: Andre Guibert de Bruet <andy@siliconlandmark.com>
* mdoc(7) police: Use the new .In macro for #include statements.ru2001-10-011-2/+2
|
* Don't capitalize jail(2) in the middle of a sentence.dd2001-09-031-1/+1
| | | | | PR: 25876 Submitted by: Koizumi Satoru <koizumi@cms.phys.s.u-tokyo.ac.jp>
* There shuldn't be whitespace before a question mark.dd2001-08-271-1/+1
|
* Remove whitespace at EOL.dd2001-07-151-2/+2
|
* mdoc(7) police: removed HISTORY info from the .Os call.ru2001-07-101-1/+1
|
* mdoc(7) police: normalize .Nd.ru2001-04-181-1/+1
|
* Prepare for mdoc(7)NG.ru2000-12-291-1/+1
|
* mdoc(7) police: removed history info from the .Os FreeBSD call.ru2000-12-141-1/+1
|
* Use `Er' variable to define first column width in ERRORS section. It wasphantom2000-05-041-1/+1
| | | | initially suggested by mdoc(7) style, but was broken over the years
* Introduce ".Lb" macro to libc manpages.phantom2000-04-211-0/+2
| | | | More libraries manpages updates following.
* Fix a typo which I cannot believe I missed after rereading this textasmodai1999-12-211-1/+1
| | | | | | about 6-7 times prior to commit. Reported by: sheldonh
* Properly manify this manpage.asmodai1999-12-211-5/+5
| | | | | | | | Fix some spelling mistakes and typo's inspired by Nicholas' initial PR submission. PR: docs/15597 Submitted by: Nicholas Esborn <nick@flatlan.net>
* Add a version number field to the jail(2) argument so that future changesphk1999-09-191-3/+14
| | | | can be handled intelligently.
* mdoc(7) style fix: FreeBSD -> .Fxphantom1999-09-051-1/+2
| | | | Reviewed by: mpp
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* Various man page cleanup:mpp1999-08-151-5/+6
| | | | | | | | | | - Sort xrefs - FreeBSD.ORG -> FreeBSD.org - Be consistent with section names as outlines in mdoc(7) - Other misc mdoc cleanup. PR: doc/13144 Submitted by: Alexy M. Zelkin <phantom@cris.net>
* Clarify an explanation a little bit.phk1999-07-091-4/+9
|
* Minor English corrections were made; SEE ALSO was also fixed (no commas).green1999-06-171-4/+4
|
* $ brucify -deblunderphk1999-05-161-2/+2
|
* This Implements the mumbled about "Jail" feature.phk1999-04-281-0/+87
This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
OpenPOWER on IntegriCloud