summaryrefslogtreecommitdiff
path: root/srcx/jps.c
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2004-05-19 17:27:00 +0000
committerStef Walter <stef@memberwebs.com>2004-05-19 17:27:00 +0000
commite70562b7b93e79372e230738038c62cf80436088 (patch)
treecd06dcfec1089712026e33643547c46d85d7820a /srcx/jps.c
parent571095097eb025a6f1a4fbc24737084a1e367a9f (diff)
Proper preparing of kvm for jail
Diffstat (limited to 'srcx/jps.c')
-rw-r--r--srcx/jps.c35
1 files changed, 19 insertions, 16 deletions
diff --git a/srcx/jps.c b/srcx/jps.c
index 8b12b4a..867364d 100644
--- a/srcx/jps.c
+++ b/srcx/jps.c
@@ -61,9 +61,11 @@ static void run_jail_ps(int argc, char* argv[]);
int main(int argc, char* argv[])
{
- int ch = 0;
+ struct xprison* sxp = NULL;
+ struct xprison* xp = NULL;
+ size_t len;
+ int jid, ch = 0;
int simple = 0;
- int jid = 0;
while((ch = getopt(argc, argv, "i")) != -1)
{
@@ -86,19 +88,29 @@ int main(int argc, char* argv[])
if(argc == 0)
usage();
- if(running_in_jail())
+ if(running_in_jail() != 0)
errx(1, "can't run from inside jail");
/* Translate the jail name into an id if neccessary */
- jid = translate_jail_name(argv[0]);
- if(jid == -1)
+ len = get_jail_sysctl(&sxp);
+ xp = find_jail(argv[0], len, sxp);
+
+ if(xp == NULL)
errx(1, "unknown jail host name: %s", argv[0]);
argc--;
argv++;
+ /* This makes sure we can use kvm funcs in jail */
+ kvm_prepare_jail(xp);
+
+ jid = xp->pr_id;
+
+ /* Always free jail info before going into jail */
+ free_jail_sysctl(len, sxp);
+
/* Go into the jail */
- if(jail_attach(jid) == -1)
+ if(jail_attach(xp->pr_id) == -1)
err(1, "couldn't attach to jail");
if(simple)
@@ -126,21 +138,12 @@ static void usage()
static void run_jail_ps(int argc, char* argv[])
{
- char errbuf[_POSIX2_LINE_MAX];
char** args;
- kvm_t* kd;
int i;
if(!check_jail_command(NULL, "/bin/ps"))
exit(1);
- /* Make sure we can use kvm functionality here */
- kd = open_kvm_handle(NULL, errbuf);
- if(kd == NULL)
- errx(1, "couldn't connect to kernel: %s", errbuf);
-
- kvm_close(kd);
-
/*
* TODO: We need to purge down the environment here.
* If the jail is in any way malicious or compromised
@@ -166,7 +169,7 @@ static void print_jail_ids()
char errbuf[_POSIX2_LINE_MAX];
/* Open kernel interface */
- kd = open_kvm_handle(NULL, errbuf);
+ kd = kvm_openfiles(_PATH_DEVNULL, _PATH_DEVNULL, NULL, O_RDONLY, errbuf);
if(kd == NULL)
errx(1, "couldn't connect to kernel: %s", errbuf);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 21:50:57 +0000