path: root/patches/jailer.patch
diff -Naur jailer-1.1/src/Makefile.am jailer-1.1.1/src/Makefile.am
--- jailer-1.1/src/Makefile.am	Wed May 22 23:39:38 2002
+++ jailer-1.1.1/src/Makefile.am	Tue May 28 15:44:41 2002
@@ -1,6 +1,8 @@
-sbin_PROGRAMS = jailer dmesg
-jailer_SOURCES = jailer.c
+sbin_PROGRAMS = jailer dmesg injail
+jailer_SOURCES = jailer.c injail.c
+injail_SOURCES = injail.c injail_main.c
+LIBS = -lkvm
 dmesg_SOURCES = dmesg.c
-man_MANS = jailer.8
+man_MANS = jailer.8 injail.8
 EXTRA_DIST = $(man_MANS)
 
diff -Naur jailer-1.1/src/injail.8 jailer-1.1.1/src/injail.8
--- jailer-1.1/src/injail.8	Wed Dec 31 19:00:00 1969
+++ jailer-1.1.1/src/injail.8	Tue May 28 16:09:55 2002
@@ -0,0 +1,37 @@
+.Dd May 28, 2002
+.Dt INJAIL 8
+.Os
+.Sh NAME
+.Nm injail
+.Nd determine if a process is running in a jail
+.Sh SYNOPSIS
+.Nm
+.Sh DESCRIPTION
+The
+.Nm
+utility returns a result which indicates the jailed status of
+the current process environment.
+.Sh DIAGNOSTICS
+The
+.Nm
+utility exits with one of the following values:
+.Bl -tag -width indent -compact
+.It 0
+the process is running in a jail.
+.It 1
+the process is not running in a jail.
+.It 2
+an error prevented determining if the process is running in a jail.
+.El
+.Sh BUGS
+.Nm
+uses kvm_getprocs(3) to determine process status. Anything which 
+could cause a failure in either kvm_open(3) or kvm_getprocs(3) can
+cause this to fail as well. There aught to be a cleaner way.
+.Sh AUTHOR
+ James E. Quick <jq@quick.com>
+
+.Sh SEE ALSO
+.Xr jailer 8 ,
+.Xr jail 8 ,
+.Xr kvm 3
diff -Naur jailer-1.1/src/injail.c jailer-1.1.1/src/injail.c
--- jailer-1.1/src/injail.c	Wed Dec 31 19:00:00 1969
+++ jailer-1.1.1/src/injail.c	Tue May 28 15:15:54 2002
@@ -0,0 +1,52 @@
+/* injail
+* A utility function to determine if a process is running in a
+* FreeBSD jail.
+*
+* Compiled with _INJAIL_MAIN will produce an executable to allow
+* testing from within scripts.
+*
+* This code was written by James E. Quick mailto:jq@quick.com
+* The code may be freely re-used under the terms of the BSD copyright,
+* as long as this comment remains intact.
+*/
+
+#include <kvm.h>
+#include <sys/param.h>
+#include <paths.h>
+#include <limits.h>
+#include <sys/types.h>
+#include <sys/user.h>
+#include <sys/sysctl.h>
+#include <sys/file.h>
+#include <stdio.h>
+
+#if __FreeBSD_version > 500000
+#define P_FLAG	ki_flag
+#else
+#define P_FLAG	kp_proc.p_flag
+#endif
+
+/* int injail()
+* Return 1 if running in a jail, 0 if not, -1 on error
+* jq 05/28/2002
+*/
+int injail ()
+{
+	int count = 0;
+	kvm_t	*kd = 0;
+	struct kinfo_proc	*kp;
+	char *memf, *nlistf, *swapf, errbuf[_POSIX2_LINE_MAX];
+	int	result = -1;
+
+	memf = nlistf = swapf = _PATH_DEVNULL;
+	kd = kvm_openfiles(nlistf, memf, swapf, O_RDONLY, errbuf);
+	if (kd) {
+		kp = kvm_getprocs(kd, KERN_PROC_PID, getpid(), &count);
+		if (kp) {
+			result = (kp->P_FLAG & P_JAILED) ? 0:1;
+		}
+		kvm_close(kd);
+	}
+
+	return result;
+}
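Review bot: The ternary on the `result =` line is inverted relative to the contract in the comment above `injail()` ("Return 1 if running in a jail, 0 if not"): it yields 0 when `P_JAILED` is set and 1 when it is clear. Both callers in this patch follow the documented contract: `main` in injail_main.c exits 0 on a nonzero value, and the new guard in jailer.c returns early on 0. As written, jailer would therefore stop inside a jail and continue outside one (presumably the opposite of what the guard is for), and the injail exit status would be the reverse of what injail.8 documents. The line should read `result = (kp->P_FLAG & P_JAILED) ? 1 : 0;`. Separately, `count` is never examined, so `if (kp && count == 1)` would be a safer test before dereferencing `kp`, and `getpid()` is called with no `<unistd.h>` among the includes.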
diff -Naur jailer-1.1/src/injail_main.c jailer-1.1.1/src/injail_main.c
--- jailer-1.1/src/injail_main.c	Wed Dec 31 19:00:00 1969
+++ jailer-1.1.1/src/injail_main.c	Tue May 28 15:30:01 2002
@@ -0,0 +1,36 @@
+/* injail
+* A utility function to determine if a process is running in a
+* FreeBSD jail.
+*
+* Compiled with _INJAIL_MAIN will produce an executable to allow
+* testing from within scripts.
+*
+* This code was written by James E. Quick mailto:jq@quick.com
+* The code may be freely re-used under the terms of the BSD copyright,
+* as long as this comment remains intact.
+*/
+
+#include <stdio.h>
+
+int injail();
+
+/* main for injail
+* return 0 if in a jail
+* return 1 if not in jail
+* return 2 if error prevented determining status
+* jq 05/28/2002
+*/
+main(int argc, char *argv[])
+{
+	int	jailed;
+
+	jailed = injail();
+	if (jailed == -1) {
+		fprintf(stderr, "injail: Could not determine jailed status.\n");
+		return 2;
+	} else if (jailed) {
+		return 0;
+	}
+
+	return 1;
+}
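Review bot: `main` is defined without a return type (implicit int) and takes `argc`/`argv` that it never reads; `int main(void)` is enough here. The prototype `int injail();` is repeated in this file and in jailer.c instead of coming from a shared header, so a change to the function's signature or return convention would not be caught at compile time. A small `injail.h` declaring `int injail(void);`, included by injail.c and both callers, would close that gap. The header comment also still mentions compiling with `_INJAIL_MAIN`, which nothing in this file tests.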
diff -Naur jailer-1.1/src/jailer.c jailer-1.1.1/src/jailer.c
--- jailer-1.1/src/jailer.c	Tue May 21 16:18:19 2002
+++ jailer-1.1.1/src/jailer.c	Tue May 28 15:34:32 2002
@@ -92,15 +92,23 @@
 static void getJailName(char* buff, int buffLen);
 static int createConsole();
 static int runCommand(char* command, char* header);
+int injail();
 
 int main(int argc, char* argv[])
 {
+	int jailed;
 	char* consoleFile = CONSOLE_LOG;
 	FILE* console = NULL;
 
+	jailed = injail();
+	if (jailed == 0 || jailed == -1) {
+		fprintf(stderr, "jailer: Cannot determine if I am in jail.\n");
+		return 1;
+	}
 	/* Get the name of the current jail */
 	getJailName(g_jailName, MAX_JAIL_NAME);
 
+	
 	if(argc > 1)
 		consoleFile = argv[1];