create an empty jail with libjail
joris dedieu
joris.dedieu at gmail.com
Fri Oct 5 16:29:41 UTC 2012
2012/10/5 joris dedieu <joris.dedieu at gmail.com>:
> Hi,
> I am trying to create an empty jail using libjail. Something equivalent to
> "jail -c name=empty host.hostname=empty path=/var/empty persist". I've
> tried with jailparam_import and jail_setv on 8.3 and 9.1 but both
> failed. I can't find where my code is wrong.
>
> Eg 1:
>
> #include <sys/param.h>
> #include <sys/jail.h>
> #include <err.h>
> #include <jail.h>
> #include <stdio.h>
>
> int
> main(int argc, char **argv)
> {
>     struct jailparam params[4];
>     int jid;
>
>     jailparam_init(&params[0], "name");
>     jailparam_import(&params[0], "empty");
>     jailparam_init(&params[1], "host.hostname");
>     jailparam_import(&params[1], "empty.rmdir.fr");
>     jailparam_init(&params[2], "path");
>     jailparam_import(&params[2], "/var/empty");
>     /*jailparam_init(&params[3], "persist");
>     jailparam_import(&params[3], NULL);*/
>
>     if((jid = jailparam_set(params, 4, JAIL_CREATE)) == -1)
>         err(1, "jailparam_set");
>     printf("jid is %d", jid);
>     return 0;
> }
The problem with this code (except the comments) was in my world. It
works for me after reinstalling the libc.
The second code (with jail_setv) is still not working. I will try to
find what's wrong with it.
Joris
>
>
> jailparam_import fails with EINVAL (from libc's jail_set but I don't
> know why)
>
>
> Eg 2:
>
> #include <sys/param.h>
> #include <sys/jail.h>
> #include <err.h>
> #include <jail.h>
> #include <stdio.h>
>
> int
> main(int argc, char **argv)
> {
>     int jid;
>
>     if((jid = jail_setv(JAIL_CREATE,
>         "name", "empty"
>         "host.hostname", "empty",
>         "path", "/var/empty",
>         "persist", NULL, NULL
>         )) == -1)
>         err(1, "jail_setv");
>     printf("jid is %d", jid);
>     return 0;
> }
>
> jail_setv fails with ENOENT. I think it comes from libjail's
> jailparam_type as persist is not in security.jail.param's mib in
> prison 0 (see .lib/libjail/jail.c:854).
>
>
> I really don't understand why it doesn't work. If someone could have a
> little look, it would be great.
>
> Regards
> Joris
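
How a NULL-terminated list of name and value strings, which is what jail_setv(3) documents for its arguments, pairs up for the list as typed in Eg 2 and for the same list with a comma after the first "empty". This is an added example, not code from the thread or from libjail; `pair_args` and the two wrapper functions are hypothetical stand-ins, and nothing here calls the jail API.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#define MAX_PAIRS 8
struct pair { const char *name; const char *value; };

/* Hypothetical stand-in, not libjail code: consume (name, value) pairs
 * until a NULL name, as jail_setv(3) documents for its argument list. */
int pair_args(struct pair *out, int max, ...)
{
	va_list ap;
	const char *name;
	int n = 0;

	va_start(ap, max);
	while (n < max && (name = va_arg(ap, const char *)) != NULL) {
		out[n].name = name;
		out[n].value = va_arg(ap, const char *);
		n++;
	}
	va_end(ap);
	return n;
}

/* The list as typed in Eg 2: no comma after the first "empty", so the
 * compiler joins it with "host.hostname" into one string literal. */
int pairs_as_written(struct pair *out)
{
	return pair_args(out, MAX_PAIRS, "name", "empty"
	    "host.hostname", "empty", "path", "/var/empty",
	    "persist", (char *)NULL, (char *)NULL);
}

/* The same list with the comma present. */
int pairs_with_comma(struct pair *out)
{
	return pair_args(out, MAX_PAIRS, "name", "empty",
	    "host.hostname", "empty", "path", "/var/empty",
	    "persist", (char *)NULL, (char *)NULL);
}

int main(void)
{
	struct pair p[MAX_PAIRS];
	int i, n = pairs_as_written(p);
	for (i = 0; i < n; i++)
		printf("%s = %s\n", p[i].name, p[i].value ? p[i].value : "(none)");
	return 0;
}
```

As typed, the walk yields three pairs: `name = emptyhost.hostname`, `empty = path` and `/var/empty = persist`. With the comma it yields four, ending in `persist` with no value.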