path: root/usr.sbin/jail
Commit message | Author | Age | Files | Lines
* Don't forget to increment the man page date.
  Reported by: bz
  Author: ed | Age: 2009-10-18 | Files: 1 | Lines: -1/+1
* Fix a typo in the jail(8) manpage.
  Submitted by: Jille Timmermans <jille quis cx>
  MFC after: 1 week
  Author: ed | Age: 2009-10-18 | Files: 1 | Lines: -1/+1
* Handle kernels that don't have IPv6 by not sending an "ip6.addr" parameter unless a (numeric) IPv6 address is given. Even the default binaries built with -DINET6 will work with IPv6-less kernels. With an eye to the future, similarly handle the possibility of an IPv4-less kernel.
  Approved by: re (kib), bz (mentor)
  Author: jamie | Age: 2009-07-31 | Files: 1 | Lines: -8/+32
* Some jail parameters (in particular, "ip4" and "ip6" for IP address restrictions) were found to be inadequately described by a boolean. Define a new parameter type with three values (disable, new, inherit) to handle these and future cases.
  Approved by: re (kib), bz (mentor)
  Discussed with: rwatson
  Author: jamie | Age: 2009-07-25 | Files: 1 | Lines: -11/+29
* Fix a typo in the examples.
  Approved by: re (kib), bz (mentor)
  Author: jamie | Age: 2009-07-08 | Files: 1 | Lines: -2/+2
* Add libjail, a (somewhat) simpler interface to the jail_set and jail_get system calls and the security.jail.param sysctls.
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-06-24 | Files: 2 | Lines: -184/+25
* Add a limit for child jails via the "children.cur" and "children.max" parameters. This replaces the simple "allow.jails" permission.
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-06-23 | Files: 1 | Lines: -8/+15
* Remove obsolete comment describing how the command line is no longer parsed.
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-06-23 | Files: 1 | Lines: -5/+0
* In preparation for raising NGROUPS and NGROUPS_MAX, change base system callers of getgroups(), getgrouplist(), and setgroups() to allocate buffers dynamically. Specifically, allocate a buffer of size sysconf(_SC_NGROUPS_MAX)+1 (+2 in a few cases to allow for overflow).
  This (or similar gymnastics) is required for the code to actually follow the POSIX.1-2008 specification where {NGROUPS_MAX} may differ at runtime and where getgroups may return {NGROUPS_MAX}+1 results on systems like FreeBSD which include the primary group.
  In id(1), don't pointlessly add the primary group to the list of all groups, it is always the first result from getgroups(). In principle the old code was more portable, but this was only done in one of the two places where getgroups() was called so the overall effect was pointless.
  Document the actual POSIX requirements in the getgroups(2) and setgroups(2) manpages.
  We do not yet support a dynamic NGROUPS, but we may in the future.
  MFC after: 2 weeks
  Author: brooks | Age: 2009-06-19 | Files: 1 | Lines: -2/+7
* In the old-style jail command line, explicitly set parameters from the security.jail.* sysctls since jail_set(2) doesn't do it implicitly.
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-06-10 | Files: 1 | Lines: -2/+39
* Fix grammar.
  Submitted by: richardtoohey at paradise dot net dot nz on -doc
  Author: jkoshy | Age: 2009-06-08 | Files: 1 | Lines: -1/+1
* Place hostnames and similar information fully under the prison system.
  The system hostname is now stored in prison0, and the global variable "hostname" has been removed, as has the hostname_mtx mutex. Jails may have their own host information, or they may inherit it from the parent/system. The proper way to read the hostname is via getcredhostname(), which will copy either the hostname associated with the passed cred, or the system hostname if you pass NULL. The system hostname can still be accessed directly (and without locking) at prison0.pr_host, but that should be avoided where possible.
  The "similar information" referred to is domainname, hostid, and hostuuid, which have also become prison parameters and had their associated global variables removed.
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-05-29 | Files: 1 | Lines: -6/+16
* Fix some inaccuracies in the extensible parameter addition.
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-05-29 | Files: 1 | Lines: -2/+2
* Add support for the arbitrary named jail parameters used by jail_set(2) and jail_get(2). Jail(8) can now create jails using a "name=value" format instead of just specifying a limited set of fixed parameters; it can also modify parameters of existing jails. Jls(8) can display all parameters of jails, or a specified set of parameters. The available parameters are gathered from the kernel, and not hard-coded into these programs.
  Small patches on killall(1) and jexec(8) to support jail names with jail_get(2).
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-05-27 | Files: 2 | Lines: -413/+810
* With the permission of phk@ change the license on remaining jail code to a 2 clause BSD license.
  Approved by: phk
  Approved by: bz (mentor)
  Author: jamie | Age: 2009-04-29 | Files: 1 | Lines: -7/+24
* New sentence starts on a new line.
  MFC after: 2 week
  Author: bz | Age: 2009-01-24 | Files: 1 | Lines: -1/+2
* Update the description of the '-h' option wrt to primary addresses per address family and add a reference to the ip-addresses option.
  MFC after: 1 week
  Author: bz | Age: 2009-01-24 | Files: 1 | Lines: -4/+5
* s,unmount 8,umount 8, it is unmount(2) which I did not mean.
  Submitted by: pluknet@gmail.com
  MFC after: 1 week
  Author: bz | Age: 2009-01-17 | Files: 1 | Lines: -2/+2
* o Sort .Xr.
  Author: maxim | Age: 2009-01-12 | Files: 1 | Lines: -2/+2
* Add a short section talking about jails and file systems; mention the mount and jail-aware file systems as well as quota.
  PR: kern/68192
  Reviewed by: simon
  MFC after: 2 weeks
  Author: bz | Age: 2009-01-11 | Files: 1 | Lines: -1/+26
* MFp4:
  Bring in updated jail support from bz_jail branch.
  This enhances the current jail implementation to permit multiple addresses per jail. In addition to IPv4, IPv6 is supported as well. Due to updated checks it is even possible to have jails without an IP address at all, which basically gives one a chroot with restricted process view, no networking,..
  SCTP support was updated and supports IPv6 in jails as well.
  Cpuset support permits jails to be bound to specific processor sets after creation.
  Jails can have an unrestricted (no duplicate protection, etc.) name in addition to the hostname. The jail name cannot be changed from within a jail and is considered to be used for management purposes or as audit-token in the future.
  DDB 'show jails' command was added to aid debugging.
  Proper compat support permits 32bit jail binaries to be used on 64bit systems to manage jails. Also backward compatibility was preserved where possible: for jail v1 syscalls, as well as with user space management utilities.
  Both jail as well as prison version were updated for the new features. A gap was intentionally left as the intermediate versions had been used by various patches floating around the last years.
  Bump __FreeBSD_version for the afore mentioned and in kernel changes.
  Special thanks to:
  - Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches and Olivier Houchard (cognet) for initial single-IPv6 patches.
  - Jeff Roberson (jeff) and Randall Stewart (rrs) for their help, ideas and review on cpuset and SCTP support.
  - Robert Watson (rwatson) for lots and lots of help, discussions, suggestions and review of most of the patch at various stages.
  - John Baldwin (jhb) for his help.
  - Simon L. Nielsen (simon) as early adopter testing changes on cluster machines as well as all the testers and people who provided feedback the last months on freebsd-jail and other channels.
  - My employer, CK Software GmbH, for the support so I could work on this.
  Reviewed by: (see above)
  MFC after: 3 months (this is just so that I get the mail)
  X-MFC Before: 7.2-RELEASE if possible
  Author: bz | Age: 2008-11-29 | Files: 3 | Lines: -21/+283
* Bump date.
  Author: pjd | Age: 2007-04-05 | Files: 1 | Lines: -1/+1
* Add security.jail.mount_allowed sysctl, which allows to mount and unmount jail-friendly file systems from within a jail. Precisely it grants PRIV_VFS_MOUNT, PRIV_VFS_UNMOUNT and PRIV_VFS_MOUNT_NONUSER privileges for a jailed super-user. It is turned off by default.
  A jail-friendly file system is a file system which driver registers itself with VFCF_JAIL flag via VFS_SET(9) API. The lsvfs(1) command can be used to see which file systems are jail-friendly ones.
  There are currently no jail-friendly file systems, ZFS will be the first one. In the future we may consider marking file systems like nullfs as jail-friendly.
  Reviewed by: rwatson
  Author: pjd | Age: 2007-04-05 | Files: 1 | Lines: -0/+10
* Change mount_devfs reference to "mount -t devfs".
  Reminded by: ru
  Author: rodrigc | Age: 2006-11-21 | Files: 1 | Lines: -2/+2
* Markup fixes.
  Author: ru | Age: 2006-09-29 | Files: 1 | Lines: -9/+11
* Use IP addresses out of "TEST-NET" (for use in documentation and example code) [RFC3330].
  Reviewed by: simon
  Author: bz | Age: 2006-06-11 | Files: 1 | Lines: -9/+9
* Revert 1.73, since mounting devfs without a devfs ruleset inside a jail is a very bad idea security wise.
  Approved by: trhodes (jcamou mentor)
  No response: jcamou
  Author: simon | Age: 2006-05-28 | Files: 1 | Lines: -1/+0
* Mention ruleset #4 (devfsrules_jail) in jail's man page.
  MFC after: 3
  Author: matteo | Age: 2006-05-28 | Files: 1 | Lines: -1/+3
* correct strtol(3) usage and style(9)
  Reviewed by: maxim
  MFC after: 2 weeks
  Author: matteo | Age: 2006-05-12 | Files: 1 | Lines: -4/+8
* o Style(9) the previous commit a bit.
  Author: maxim | Age: 2006-05-11 | Files: 1 | Lines: -13/+7
* Add the -s option to set jail's securelevel. This is useful for jails run with non-root privileges.
  PR: bin/80242
  MFC after: 2 weeks
  Author: matteo | Age: 2006-05-11 | Files: 2 | Lines: -4/+26
* Use .Vt for struct xprison
  Suggested by: keramida
  Author: matteo | Age: 2006-05-10 | Files: 1 | Lines: -2/+4
* document security.jail.list sysctl in jail(8)
  PR: docs/96807
  MFC after: 3
  Author: matteo | Age: 2006-05-08 | Files: 1 | Lines: -1/+9
* o Document security.jail.jailed sysctl.
  PR: docs/94711
  Submitted by: Andreas Kohn
  MFC after: 2 weeks
  Author: maxim | Age: 2006-05-03 | Files: 1 | Lines: -1/+6
* o Do not mangle current session user login name with jail -u|-U.
  PR: bin/94730
  Submitted by: Frank Behrens
  MFC after: 1 month
  Author: maxim | Age: 2006-04-16 | Files: 1 | Lines: -1/+1
* Do `mount_devfs' when starting a jail.
  PR: docs/86044
  Noticed by: Dan Langille <dan@langille.org>
  Reviewed by: Jose Biskofski <jbiskofski@grmims.com>
  Approved by: trhodes (mentor)
  Author: jcamou | Age: 2006-03-16 | Files: 1 | Lines: -0/+1
* Add [-J jid_file] option to write out a JidFile, similar to a PidFile, containing the jailid, path, hostname, ip and the command used to start the jail.
  PR: misc/89883
  Submitted by: L. Jason Godsey <lannygodsey -at- yahoo.com>
  Reviewed by: phk
  MFC after: 1 week
  Author: philip | Age: 2005-12-03 | Files: 2 | Lines: -6/+30
* Note that the jail setup example is meant to be fed to sh(1), not csh(1).
  PR: docs/87351
  Submitted by: "Eli K. Breen" <bsd@unixforge.net>
  Approved by: simon, brooks
  MFC after: 3 days
  Author: keramida | Age: 2005-10-26 | Files: 1 | Lines: -3/+4
* Add some more info about jail startup and shutdown.
  Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
  MFC after: 3 days
  Author: brueffer | Age: 2005-08-07 | Files: 1 | Lines: -7/+17
* Move DNS configuration before sendmail configuration, because newaliases(1) may hang without proper DNS configuration.
  Approved by: brueffer
  Author: arved | Age: 2005-07-25 | Files: 1 | Lines: -4/+4
* Mention that it is possible to have jails started at boot time if specified in /etc/rc.conf.
  PR: docs/81040
  Submitted by: matteo
  Approved by: trhodes (mentor)
  MFC after: 1 week
  Author: jcamou | Age: 2005-07-20 | Files: 1 | Lines: -0/+6
* Markup fixes.
  Approved by: re (blanket)
  Author: ru | Age: 2005-06-14 | Files: 1 | Lines: -9/+6
* Update manual page after sysctl rename.
  Corrected by: brueffer
  Author: pjd | Age: 2005-06-09 | Files: 1 | Lines: -13/+16
* Document 'jid' keyword for ps(1) and '-j' option for pgrep(1)/pkill(1).
  Author: pjd | Age: 2005-05-28 | Files: 1 | Lines: -5/+20
* Remove symbolic link kernel->dev/null creation. We don't need it in 5.x/6.x world (there is no /kernel file anymore).
  Reminded by: Isaac Levy presentation
  Author: pjd | Age: 2005-05-14 | Files: 1 | Lines: -2/+0
* Fix spelling errors.
  Approved by: brueffer (mentor)
  Author: joel | Age: 2005-04-30 | Files: 1 | Lines: -2/+2
* Added the convenience "distribution" target which calls the target of the same name from src/etc/Makefile with a proper environment, suitable to be used during upgrades and cross-builds.
  Author: ru | Age: 2005-02-27 | Files: 1 | Lines: -2/+1
* Add a new sysctl, "security.jail.chflags_allowed", which controls the behaviour of chflags within a jail. If set to 0 (the default), then a jailed root user is treated as an unprivileged user; if set to 1, then a jailed root user is treated the same as an unjailed root user.
  This is necessary to allow "make installworld" to work inside a jail, since it attempts to manipulate the system immutable flag on certain files.
  Discussed with: csjp, rwatson
  MFC after: 2 weeks
  Author: cperciva | Age: 2005-02-08 | Files: 1 | Lines: -0/+9
* Fixed punctuation in xrefs.
  Author: ru | Age: 2005-01-21 | Files: 1 | Lines: -1/+1
* Scheduled mdoc(7) sweep.
  Author: ru | Age: 2005-01-11 | Files: 1 | Lines: -5/+3