From e70562b7b93e79372e230738038c62cf80436088 Mon Sep 17 00:00:00 2001
From: Stef Walter
Date: Wed, 19 May 2004 17:27:00 +0000
Subject: Proper preparing of kvm for jail
---
 srcx/jps.c | 35 +++++++++++++++++++----------------
 1 file changed, 19 insertions(+), 16 deletions(-)
(limited to 'srcx/jps.c')
diff --git a/srcx/jps.c b/srcx/jps.c
index 8b12b4a..867364d 100644
--- a/srcx/jps.c
+++ b/srcx/jps.c
@@ -61,9 +61,11 @@ static void run_jail_ps(int argc, char* argv[]);
 
 int main(int argc, char* argv[])
 {
- int ch = 0;
+ struct xprison* sxp = NULL;
+ struct xprison* xp = NULL;
+ size_t len;
+ int jid, ch = 0;
 int simple = 0;
- int jid = 0;
 
 while((ch = getopt(argc, argv, "i")) != -1)
 {
@@ -86,19 +88,29 @@ int main(int argc, char* argv[])
 if(argc == 0)
 usage();
 
- if(running_in_jail())
+ if(running_in_jail() != 0)
 errx(1, "can't run from inside jail");
 
 /* Translate the jail name into an id if neccessary */
- jid = translate_jail_name(argv[0]);
- if(jid == -1)
+ len = get_jail_sysctl(&sxp);
+ xp = find_jail(argv[0], len, sxp);
+
+ if(xp == NULL)
 errx(1, "unknown jail host name: %s", argv[0]);
 
 argc--;
 argv++;
 
+ /* This makes sure we can use kvm funcs in jail */
+ kvm_prepare_jail(xp);
+
+ jid = xp->pr_id;
+
+ /* Always free jail info before going into jail */
+ free_jail_sysctl(len, sxp);
+
 /* Go into the jail */
- if(jail_attach(jid) == -1)
+ if(jail_attach(xp->pr_id) == -1)
 err(1, "couldn't attach to jail");
 
 if(simple)
@@ -126,21 +138,12 @@ static void usage()
 
 static void run_jail_ps(int argc, char* argv[])
 {
- char errbuf[_POSIX2_LINE_MAX];
 char** args;
- kvm_t* kd;
 int i;
 
 if(!check_jail_command(NULL, "/bin/ps"))
 exit(1);
 
- /* Make sure we can use kvm functionality here */
- kd = open_kvm_handle(NULL, errbuf);
- if(kd == NULL)
- errx(1, "couldn't connect to kernel: %s", errbuf);
-
- kvm_close(kd);
-
 /*
 * TODO: We need to purge down the environment here.
 * If the jail is in any way malicious or compromised
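Review bot: In the second hunk of main(), `jail_attach(xp->pr_id)` dereferences `xp` after `free_jail_sysctl(len, sxp)` has already run; if `find_jail()` returns a pointer into the `sxp` buffer, as the shared `len`/`sxp` arguments suggest, this is a use-after-free read that decides which jail the process attaches to. The id is copied into `jid` just before the free, so the call should use that copy: `if(jail_attach(jid) == -1)`. The result of `get_jail_sysctl(&sxp)` is also handed to `find_jail()` without a visible failure check, and the return of `kvm_prepare_jail(xp)` is ignored; whether those helpers exit on error themselves cannot be told from this patch. main() begins and continues outside the hunk.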
@@ -166,7 +169,7 @@ static void print_jail_ids()
 char errbuf[_POSIX2_LINE_MAX];
 
 /* Open kernel interface */
- kd = open_kvm_handle(NULL, errbuf);
+ kd = kvm_openfiles(_PATH_DEVNULL, _PATH_DEVNULL, NULL, O_RDONLY, errbuf);
 if(kd == NULL)
 errx(1, "couldn't connect to kernel: %s", errbuf);
 
-- cgit v1.2.3
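Review bot: The new `kvm_openfiles(_PATH_DEVNULL, _PATH_DEVNULL, NULL, O_RDONLY, errbuf)` call in print_jail_ids() has no comment saying why `/dev/null` is passed for both the kernel image and the memory file, and without one it reads like a mistake. Presumably the intent is a handle that works from sysctl data alone and needs no access to `/dev/mem`; if so, say it next to the call, e.g. `/* /dev/null for both files: sysctl-only kvm handle, no kernel memory access */`. The patch changes no `#include` lines, so confirm that `<paths.h>` (for `_PATH_DEVNULL`) and `<fcntl.h>` (for `O_RDONLY`) are already included in jps.c. print_jail_ids() begins and continues outside the hunk.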