In message <[EMAIL PROTECTED]>, Ju lian Elischer writes: > >We have some software we'd like to behave slightly differently if it is >in a jail. > >What methods do people use to detect they are in a jail? >procfs/curproc might work but I don't want to depend on procfs. >ps aux can be used but seems rather heavyweight. >Something like a sysctl would be best. I could implement it >(unless there's already something I missed), if it was considered >the right answer.
Use sysctl to pick up your own proc, look for the jail flag. It takes less than 10 lines of C. >Also, does anyone wnow the mechanism for ping failing (in 4.x systems) >from jails? Yes. raw sockets are blanket denied in jails. Not because it is impossible to properly filter them, but because nobody has written the code it takes. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [EMAIL PROTECTED] | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
