Author: jamie
Date: Tue Jun 23 14:39:21 2009
New Revision: 194707
URL: http://svn.freebsd.org/changeset/base/194707
Log:
Remove unnecessary/redundant includes.
Approved by: bz (mentor)
Modified:
head/sys/kern/kern_cpuset.c
head/sys/kern/uipc_usrreq.c
Modified:
Author: jamie
Date: Tue Jun 23 14:39:51 2009
New Revision: 194708
URL: http://svn.freebsd.org/changeset/base/194708
Log:
Remove obsolete comment describing how the command line is
no longer parsed.
Approved by: bz (mentor)
Modified:
head/usr.sbin/jail/jail.c
Modified:
Author: jamie
Date: Tue Jun 23 14:40:08 2009
New Revision: 194709
URL: http://svn.freebsd.org/changeset/base/194709
Log:
Whitespace fix.
Approved by: bz (mentor)
Modified:
head/usr.sbin/jexec/jexec.c
Modified: head/usr.sbin/jexec/jexec.c
Author: jamie
Date: Tue Jun 23 20:35:51 2009
New Revision: 194762
URL: http://svn.freebsd.org/changeset/base/194762
Log:
Add a limit for child jails via the children.cur and children.max
parameters. This replaces the simple allow.jails permission.
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Wed Jun 24 15:29:36 2009
New Revision: 194841
URL: http://svn.freebsd.org/changeset/base/194841
Log:
Fix a race in vi_if_move, where a vnet is used after the prison that
referred to it has been released.
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Wed Jun 24 15:32:57 2009
New Revision: 194842
URL: http://svn.freebsd.org/changeset/base/194842
Log:
Clean up struct prison, with the recent fields in more logical places,
and room for future expansion.
Approved by: bz (mentor)
Modified:
head/sys/sys/jail.h
Author: jamie
Date: Wed Jun 24 18:18:35 2009
New Revision: 194869
URL: http://svn.freebsd.org/changeset/base/194869
Log:
Add libjail, a (somewhat) simpler interface to the jail_set and jail_get
system calls and the security.jail.param sysctls.
Approved by: bz (mentor)
Added:
Author: jamie
Date: Wed Jun 24 18:19:55 2009
New Revision: 194870
URL: http://svn.freebsd.org/changeset/base/194870
Log:
Add libjail, a (somewhat) simpler interface to the jail_set and jail_get
system calls and the security.jail.param sysctls.
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Wed Jun 24 18:21:37 2009
New Revision: 194871
URL: http://svn.freebsd.org/changeset/base/194871
Log:
Add the vnet and -vnet options, to allow moving interfaces between
jails with VIMAGE.
Approved by: bz (mentor)
Modified:
head/rescue/rescue/Makefile
Author: jamie
Date: Wed Jun 24 21:39:50 2009
New Revision: 194915
URL: http://svn.freebsd.org/changeset/base/194915
Log:
In case of prisons with their own network stack, permit
additional privileges as well as not restricting the type of
sockets a user can open.
Note: the VIMAGE/vnet
Author: jamie
Date: Wed Jun 24 22:06:56 2009
New Revision: 194923
URL: http://svn.freebsd.org/changeset/base/194923
Log:
Wrap a PR_VNET inside #ifdef VIMAGE since that the only place it applies.
bz wants the blame for this.
Noticed by: rwatson
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Thu Jun 25 22:42:19 2009
New Revision: 195011
URL: http://svn.freebsd.org/changeset/base/195011
Log:
Fix dynamic (re)allocation logic in jailparam_set and jailparam_get.
Touch up jailparam_import a bit while I'm at it.
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Mon Jun 29 13:59:30 2009
New Revision: 195156
URL: http://svn.freebsd.org/changeset/base/195156
Log:
Add libjail to the boot_crunch binaries (for ifconfig).
PR: 136071
Submitted by: Scot Hetzel
Approved by: re (kensmith), bz (mentor)
Modified:
Author: jamie
Date: Thu Jul 2 14:19:33 2009
New Revision: 195285
URL: http://svn.freebsd.org/changeset/base/195285
Log:
Call prison_check from vfs_suser rather than re-implementing it.
Approved by: re (kib), bz (mentor)
Modified:
head/sys/kern/vfs_subr.c
Modified:
Author: jamie
Date: Wed Jul 8 15:57:22 2009
New Revision: 195462
URL: http://svn.freebsd.org/changeset/base/195462
Log:
Give a more expected behavior to -[hns] options, defaulting to all
parameters instead of ignoring the options and giving the old-style
default output.
Approved by:
Author: jamie
Date: Fri Jul 17 14:48:21 2009
New Revision: 195741
URL: http://svn.freebsd.org/changeset/base/195741
Log:
Remove the interim vimage containers, struct vimage and struct procg,
and the ioctl-based interface that supported them.
Approved by: re (kib), bz (mentor)
Modified:
Author: jamie
Date: Sat Jul 25 14:48:57 2009
New Revision: 195870
URL: http://svn.freebsd.org/changeset/base/195870
Log:
Some jail parameters (in particular, ip4 and ip6 for IP address
restrictions) were found to be inadequately described by a boolean.
Define a new parameter type with three
Author: jamie
Date: Wed Jul 29 16:41:02 2009
New Revision: 195944
URL: http://svn.freebsd.org/changeset/base/195944
Log:
Change the default value of the ip4 and ip6 jail parameters to
disable, which only allows access to the parent/physical system's
IP addresses when specifically directed.
Author: jamie
Date: Wed Jul 29 16:46:59 2009
New Revision: 195945
URL: http://svn.freebsd.org/changeset/base/195945
Log:
Don't allow mixing the vnet and ip4/6 jail parameters, since vnet
jails have their own IP stack and don't have access to the parent IP
addresses anyway. Note that a
Sam Leffler wrote:
Jamie Gritton wrote:
Author: jamie
Date: Wed Jul 29 16:41:02 2009
New Revision: 195944
URL: http://svn.freebsd.org/changeset/base/195944
Log:
Change the default value of the ip4 and ip6 jail parameters to
disable, which only allows access to the parent/physical system's
Author: jamie
Date: Thu Jul 30 05:36:31 2009
New Revision: 195969
URL: http://svn.freebsd.org/changeset/base/195969
Log:
Preset errno to zero before calling strtol(), so the check afterwards will
be valid. This is required since the malloc call from r195859 leaves
errno in an unknown
Author: jamie
Date: Thu Jul 30 14:28:56 2009
New Revision: 195974
URL: http://svn.freebsd.org/changeset/base/195974
Log:
Remove a LOR, where the the sleepable allprison_lock was being obtained
in prison_equal_ip4/6 while an inp mutex was held. Locking allprison_lock
can be avoided by
Author: jamie
Date: Fri Jul 31 14:30:06 2009
New Revision: 195998
URL: http://svn.freebsd.org/changeset/base/195998
Log:
Handle kernels that don't have IPv6 by not sending an ip6.addr
parameter unless a (numeric) IPv6 address is given. Even the default
binaries built with -DINET6 will work
Author: jamie
Date: Fri Jul 31 16:00:41 2009
New Revision: 196002
URL: http://svn.freebsd.org/changeset/base/196002
Log:
Make the enforce_statfs default 2 (most restrictive) in jail_set(2),
instead of whatever the parent/system has (which is generally 0). This
mirrors the old-style default
Author: jamie
Date: Thu Aug 27 16:15:51 2009
New Revision: 196592
URL: http://svn.freebsd.org/changeset/base/196592
Log:
Fix a LOR between allprison_lock and vnode locks by releasing
allprison_lock before releasing a prison's root vnode.
PR: kern/138004
Reviewed by: kib
Author: jamie
Date: Mon Aug 31 14:13:45 2009
New Revision: 196699
URL: http://svn.freebsd.org/changeset/base/196699
Log:
MFC r196592:
Fix a LOR between allprison_lock and vnode locks by releasing
allprison_lock before releasing a prison's root vnode.
PR: kern/138004
Author: jamie
Date: Fri Sep 4 19:00:48 2009
New Revision: 196835
URL: http://svn.freebsd.org/changeset/base/196835
Log:
Allow a jail's name to be the same as its jid (which is the default if no
name is specified), but still disallow other numeric names.
Reviewed by: zec
Approved by:
Author: jamie
Date: Tue Sep 8 19:18:02 2009
New Revision: 196989
URL: http://svn.freebsd.org/changeset/base/196989
Log:
MFC r196835:
Allow a jail's name to be the same as its jid (which is the default if
no name is specified), and let a numeric name specify the jid for a new
jail
Author: jamie
Date: Mon Sep 28 18:07:16 2009
New Revision: 197581
URL: http://svn.freebsd.org/changeset/base/197581
Log:
Set the prison in NFS anon and GSS SVC creds.
Reviewed by: marcel
MFC after:3 days
Modified:
head/sys/kern/vfs_export.c
Author: jamie
Date: Mon Sep 28 18:54:26 2009
New Revision: 197583
URL: http://svn.freebsd.org/changeset/base/197583
Log:
Back out r197581, which replaced this file witk sys/kern/vfs_export.c.
Who knew that svn export was an actual command, or that I would have
vfs_export.c stuck in my
Author: jamie
Date: Mon Sep 28 18:55:29 2009
New Revision: 197584
URL: http://svn.freebsd.org/changeset/base/197584
Log:
Set the prison in NFS anon and GSS SVC creds (as I indended to in r197581).
Reviewed by: marcel
Modified:
head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
Modified:
Marcel Moolenaar wrote:
On Sep 28, 2009, at 11:07 AM, Jamie Gritton wrote:
Author: jamie
Date: Mon Sep 28 18:07:16 2009
New Revision: 197581
URL: http://svn.freebsd.org/changeset/base/197581
Log:
Set the prison in NFS anon and GSS SVC creds.
Reviewed by:marcel
MFC after:3
Author: jamie
Date: Thu Oct 1 13:11:45 2009
New Revision: 197667
URL: http://svn.freebsd.org/changeset/base/197667
Log:
MFC r197581, r197583, r197584:
Set the prison in NFS anon and GSS SVC creds.
Reviewed by: marcel
Approved by: re (kib)
Modified:
stable/8/sys/ (props
Author: jamie
Date: Thu Jul 8 19:22:52 2010
New Revision: 209820
URL: http://svn.freebsd.org/changeset/base/209820
Log:
Properly recognize a number followed by non-digits as a jail name.
Call 0 a name because zero is used to indicate no specified jid.
MFC after:3 days
Modified:
Author: jamie
Date: Sun Jul 11 15:32:20 2010
New Revision: 209899
URL: http://svn.freebsd.org/changeset/base/209899
Log:
MFC r209820:
Properly recognize a number followed by non-digits as a jail name.
Call 0 a name because zero is used to indicate no specified jid.
Modified:
Author: jamie
Date: Thu Jul 15 19:21:07 2010
New Revision: 210133
URL: http://svn.freebsd.org/changeset/base/210133
Log:
Don't import parameter values in jail_getv, except for the search key.
Remove the internal jailparam_vlist, in favor of using variants of its
logic separately in
Author: jamie
Date: Thu Jul 15 19:21:33 2010
New Revision: 210134
URL: http://svn.freebsd.org/changeset/base/210134
Log:
Don't copy and return a potentially unset buffer when jail_get fails.
Modified:
head/lib/libjail/jail_getid.c
Modified: head/lib/libjail/jail_getid.c
Author: jamie
Date: Mon Jul 19 19:51:17 2010
New Revision: 210251
URL: http://svn.freebsd.org/changeset/base/210251
Log:
MFC r210133:
Don't import parameter values in jail_getv, except for the search key.
Remove the internal jailparam_vlist, in favor of using variants of its
Author: jamie
Date: Mon Jul 19 19:52:02 2010
New Revision: 210252
URL: http://svn.freebsd.org/changeset/base/210252
Log:
MFC r210134:
Don't copy and return a potentially unset buffer when jail_get fails.
Modified:
stable/8/lib/libjail/jail_getid.c
Directory Properties:
Author: jamie
Date: Sat May 23 16:13:26 2009
New Revision: 192644
URL: http://svn.freebsd.org/changeset/base/192644
Log:
Delay an error message until the variable it uses gets initialized.
Found with: Coverity Prevent(tm)
CID: 4316
Reported by: trasz
Approved by: bz
Author: jamie
Date: Wed May 27 14:11:23 2009
New Revision: 192895
URL: http://svn.freebsd.org/changeset/base/192895
Log:
Add hierarchical jails. A jail may further virtualize its environment
by creating a child jail, which is visible to that jail and to any
parent jails. Child jails may
Author: jamie
Date: Wed May 27 14:30:26 2009
New Revision: 192896
URL: http://svn.freebsd.org/changeset/base/192896
Log:
Add support for the arbitrary named jail parameters used by jail_set(2)
and jail_get(2). Jail(8) can now create jails using a name=value
format instead of just
Author: jamie
Date: Fri May 29 21:17:22 2009
New Revision: 193065
URL: http://svn.freebsd.org/changeset/base/193065
Log:
Fix some inaccuracies in the extensible parameter addition.
Approved by: bz (mentor)
Modified:
head/usr.sbin/jail/jail.8
Modified: head/usr.sbin/jail/jail.8
Author: jamie
Date: Fri May 29 21:27:12 2009
New Revision: 193066
URL: http://svn.freebsd.org/changeset/base/193066
Log:
Place hostnames and similar information fully under the prison system.
The system hostname is now stored in prison0, and the global variable
hostname has been removed, as
Author: jamie
Date: Tue Jun 9 22:09:29 2009
New Revision: 193865
URL: http://svn.freebsd.org/changeset/base/193865
Log:
Fix some overflow errors: a signed allocation and an insufficiant
array size.
Reported by: pho
Tested by:pho
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Wed Jun 10 15:26:35 2009
New Revision: 193929
URL: http://svn.freebsd.org/changeset/base/193929
Log:
In the old-style jail command line, explicitly set parameters from the
security.jail.* sysctls since jail_set(2) doesn't do it implicitly.
Approved by: bz (mentor)
Marko Zec wrote:
On Thursday 11 June 2009 21:01:40 Pawel Jakub Dawidek wrote:
On Thu, Jun 11, 2009 at 04:50:49PM +, Marko Zec wrote:
Author: zec
Date: Thu Jun 11 16:50:49 2009
New Revision: 194012
URL: http://svn.freebsd.org/changeset/base/194012
Log:
Introduce a mechanism for detecting
Author: jamie
Date: Sat Jun 13 00:12:02 2009
New Revision: 194090
URL: http://svn.freebsd.org/changeset/base/194090
Log:
Add counterparts to getcredhostname:
getcreddomainname, getcredhostuuid, getcredhostid
Suggested by: rmacklem
Approved by: bz
Modified:
Author: jamie
Date: Sat Jun 13 15:35:22 2009
New Revision: 194117
URL: http://svn.freebsd.org/changeset/base/194117
Log:
Use getcredhostuuid instead of accessing the prison directly.
Approved by: bz (mentor)
Modified:
head/sys/fs/nfsclient/nfs_clstate.c
Modified:
Author: jamie
Date: Sat Jun 13 15:39:12 2009
New Revision: 194118
URL: http://svn.freebsd.org/changeset/base/194118
Log:
Rename the host-related prison fields to be the same as the host.*
parameters they represent, and the variables they replaced, instead of
abbreviated versions of them.
Author: jamie
Date: Mon Jun 15 18:59:29 2009
New Revision: 194251
URL: http://svn.freebsd.org/changeset/base/194251
Log:
Manage vnets via the jail system. If a jail is given the boolean
parameter vnet when it is created, a new vnet instance will be created
along with the jail. Networks
Author: jamie
Date: Mon Jun 15 19:01:53 2009
New Revision: 194252
URL: http://svn.freebsd.org/changeset/base/194252
Log:
Get vnets from creds instead of threads where they're available, and from
passed threads instead of curthread.
Reviewed by: zec, julian
Approved by: bz (mentor)
Julian Elischer wrote:
Jamie Gritton wrote:
Author: jamie
Date: Mon Jun 15 18:59:29 2009
New Revision: 194251
URL: http://svn.freebsd.org/changeset/base/194251
Log:
Manage vnets via the jail system. If a jail is given the boolean
parameter vnet when it is created, a new vnet instance
Julian Elischer wrote:
Jamie Gritton wrote:
Julian Elischer wrote:
the ioctl will be in ifconfig right?
ifconfig em0 jail {Jail-ID} ??
Right. Perhaps jail and unjail. Some pair to move an interface
into a vnetted jail and to reclaim it from one.
- Jamie
interesting.. I hadn't
Author: jamie
Date: Mon Mar 23 12:07:29 2009
New Revision: 190318
URL: http://svn.freebsd.org/changeset/base/190318
Log:
MFC:
r189864:
Default to AF_LOCAL instead of AF_INET sockets for non-family-specific
operations. This allows the query operations to work in non-IPv4 jails,
Author: jamie
Date: Fri Mar 27 13:13:59 2009
New Revision: 190466
URL: http://svn.freebsd.org/changeset/base/190466
Log:
Whitespace/spelling fixes in advance of upcoming functional changes.
Approved by: bz (mentor)
Modified:
head/sys/compat/freebsd32/freebsd32_misc.c
Author: jamie
Date: Wed Apr 29 16:02:52 2009
New Revision: 191668
URL: http://svn.freebsd.org/changeset/base/191668
Log:
With the permission of phk@ change the license on remaining jail code
to a 2 clause BSD license.
Approved by: phk
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Wed Apr 29 21:50:13 2009
New Revision: 191675
URL: http://svn.freebsd.org/changeset/base/191675
Log:
Regen for new jail system calls in r191673.
Approved by: bz (mentor)
Modified:
head/sys/compat/freebsd32/freebsd32_proto.h
Alexander Leidinger wrote:
Quoting Jamie Gritton ja...@freebsd.org (from Wed, 29 Apr 2009
21:14:16 + (UTC)):
Author: jamie
Date: Wed Apr 29 21:14:15 2009
New Revision: 191673
URL: http://svn.freebsd.org/changeset/base/191673
Log:
Introduce the extensible jail framework, using
Author: jamie
Date: Thu Apr 30 22:43:21 2009
New Revision: 191711
URL: http://svn.freebsd.org/changeset/base/191711
Log:
Don't call the OSD destructor if the data slot is NULL
(since it's already not done on unused slots, which are indistinguishable
to the caller).
Approved by: bz
Author: jamie
Date: Mon May 4 19:06:05 2009
New Revision: 191792
URL: http://svn.freebsd.org/changeset/base/191792
Log:
Mark Linux MIB sysctls MPSAFE.
Reviewed by: dchagin, kib
Approved by: bz (mentor)
Modified:
head/sys/compat/linux/linux_mib.c
Modified:
Author: jamie
Date: Tue May 5 05:49:08 2009
New Revision: 191806
URL: http://svn.freebsd.org/changeset/base/191806
Log:
Add a constant PR_MAXMETHOD to better define the jail/OSD interface.
Reviewed by: dchagin, kib
Approved by: bz (mentor)
Modified:
head/sys/kern/kern_osd.c
...@freebsd.org\n1996/09/20]
ivoras [label=Ivan voras\nivo...@freebsd.org\n2008/06/10]
jake [label=Jake burkholder\nj...@freebsd.org\n2000/05/16]
+jamie [label=Jamie gritton\nja...@freebsd.org\n2009/01/28]
jayanth [label=Jayanth vijayaraghavan\njaya...@freebsd.org\n2000/05/08]
jinmei [label=JINMEI tatuya
Author: jamie
Date: Thu Feb 5 14:15:18 2009
New Revision: 188146
URL: http://svn.freebsd.org/changeset/base/188146
Log:
Don't allow creating a socket with a protocol family that the current
jail doesn't support. This involves a new function prison_check_af,
like prison_check_ip[46] but
Author: jamie
Date: Thu Feb 5 14:25:53 2009
New Revision: 188148
URL: http://svn.freebsd.org/changeset/base/188148
Log:
Remove redundant calls of prison_local_ip4 in in_pcbbind_setup, and of
prison_local_ip6 in in6_pcbbind.
Approved by: bz (mentor)
Modified:
Author: jamie
Date: Thu Feb 5 14:58:16 2009
New Revision: 188149
URL: http://svn.freebsd.org/changeset/base/188149
Log:
Call prison_if from rtm_get_jailed, instead of splitting it out into
prison_check_ip4 and prison_check_ip6. As prison_if includes a jailed()
check, remove that check
Author: jamie
Date: Mon May 28 20:44:11 2012
New Revision: 236198
URL: http://svn.freebsd.org/changeset/base/236198
Log:
When writing the jid via the -i flag, do it right when the jail is created,
before any commands run. /etc/rc.d/jail depends on this.
Modified:
Author: jamie
Date: Thu May 31 14:18:19 2012
New Revision: 236356
URL: http://svn.freebsd.org/changeset/base/236356
Log:
MFC r235949, r236198:
Don't try to set a null TERM environment.
When writing the jid via the -i flag, do it right when the jail is created,
before any
Author: jamie
Date: Thu Apr 26 17:36:05 2012
New Revision: 234712
URL: http://svn.freebsd.org/changeset/base/234712
Log:
A new jail(8) with a configuration file, ultimately to replace the work
currently done by /etc/rc.d/jail.
MFC after:3 months
Added:
head/usr.sbin/jail/command.c
Author: jamie
Date: Fri Apr 27 23:39:21 2012
New Revision: 234744
URL: http://svn.freebsd.org/changeset/base/234744
Log:
Fix the dates and history as of the move to HEAD.
Modified:
head/usr.sbin/jail/jail.conf.5
Modified: head/usr.sbin/jail/jail.conf.5
Author: jamie
Date: Wed May 2 21:24:08 2012
New Revision: 234934
URL: http://svn.freebsd.org/changeset/base/234934
Log:
Add YY_NO_INPUT so clang doesn't complain about input not being used.
Modified:
head/usr.sbin/jail/jaillex.l
Modified: head/usr.sbin/jail/jaillex.l
Author: jamie
Date: Thu May 3 21:39:23 2012
New Revision: 234988
URL: http://svn.freebsd.org/changeset/base/234988
Log:
Add a meta-parameter IP__NULL to enum intparam, instead of mixing
enum values and zeroes. This keeps clang happy (and is just good form).
Submitted by: dim
Modified:
Author: jamie
Date: Fri May 11 21:22:52 2012
New Revision: 235291
URL: http://svn.freebsd.org/changeset/base/235291
Log:
The linker isn't consistent in the ordering of dynamic sysctls, so don't
assume that the unnamed final component of security.jail.param.foo. is
one less than the foo
Author: jamie
Date: Fri May 18 19:08:10 2012
New Revision: 235624
URL: http://svn.freebsd.org/changeset/base/235624
Log:
MFC r235291:
The linker isn't consistent in the ordering of dynamic sysctls, so don't
assume that the unnamed final component of security.jail.param.foo. is
one
Author: jamie
Date: Tue May 22 18:30:32 2012
New Revision: 235799
URL: http://svn.freebsd.org/changeset/base/235799
Log:
The fix in r235291 re-broke the allow.nomount case. Re-fix it
by testing for the right parameter name.
Modified:
head/lib/libjail/jail.c
Modified:
Author: jamie
Date: Wed May 23 14:48:14 2012
New Revision: 235836
URL: http://svn.freebsd.org/changeset/base/235836
Log:
MFC r235799:
The fix in r235291 (r235624) re-broke the allow.nomount case.
Re-fix it by testing for the right parameter name.
PR: bin/168250
Modified:
Author: jamie
Date: Wed May 23 15:29:34 2012
New Revision: 235839
URL: http://svn.freebsd.org/changeset/base/235839
Log:
MFC r234712, r234744, r234934, r234988, r235294, r235335,
and bits of r235337 and r235355:
A new jail(8) with a configuration file, ultimately to replace the work
Author: jamie
Date: Wed May 23 15:30:13 2012
New Revision: 235840
URL: http://svn.freebsd.org/changeset/base/235840
Log:
Note that the new jail(8) will be appearing in 9.1.
Modified:
head/usr.sbin/jail/jail.8
head/usr.sbin/jail/jail.conf.5
Modified: head/usr.sbin/jail/jail.8
Author: jamie
Date: Wed May 23 15:47:07 2012
New Revision: 235841
URL: http://svn.freebsd.org/changeset/base/235841
Log:
MFC r222465, r223224, r224841, r232613:
Check for IPv4 or IPv6 to be available by the kernel to not
provoke errors trying to query options not available.
Make it
Author: jamie
Date: Fri May 25 00:38:06 2012
New Revision: 235949
URL: http://svn.freebsd.org/changeset/base/235949
Log:
Don't try to set a null TERM environment.
Submitted by: Mateusz Guzik mjguzik gmail.com
Modified:
head/usr.sbin/jail/command.c
Modified: head/usr.sbin/jail/command.c
Author: jamie
Date: Fri Nov 2 01:32:22 2012
New Revision: 242464
URL: http://svn.freebsd.org/changeset/base/242464
Log:
MFC r225191:
Delay the recursive decrement of pr_uref when jails are made invisible
but not removed; decrement it instead when the child jail actually
goes away.
Author: jamie
Date: Fri May 24 14:57:38 2013
New Revision: 250968
URL: http://svnweb.freebsd.org/changeset/base/250968
Log:
Mention the nojailvnet keyword.
MFC after:3 days
Modified:
head/share/man/man8/rc.8
Modified: head/share/man/man8/rc.8
Author: jamie
Date: Mon May 27 03:09:26 2013
New Revision: 251021
URL: http://svnweb.freebsd.org/changeset/base/251021
Log:
MFC r250968:
Mention the nojailvnet keyword.
Modified:
stable/9/share/man/man8/rc.8
Directory Properties:
stable/9/share/man/man8/ (props changed)
Modified:
Author: jamie
Date: Thu Feb 14 19:27:52 2013
New Revision: 246804
URL: http://svnweb.freebsd.org/changeset/base/246804
Log:
Handle (ignore) when a process disappears before it can be tracked.
Modified:
head/usr.sbin/jail/command.c
Modified: head/usr.sbin/jail/command.c
Author: jamie
Date: Wed Feb 20 04:14:31 2013
New Revision: 247019
URL: http://svnweb.freebsd.org/changeset/base/247019
Log:
MFC r246804:
Handle (ignore) when a process disappears before it can be tracked.
Modified:
stable/9/usr.sbin/jail/command.c
Directory Properties:
Author: jamie
Date: Thu Feb 21 02:41:37 2013
New Revision: 247071
URL: http://svnweb.freebsd.org/changeset/base/247071
Log:
Don't worry if a module is already loaded when looking for a fstype to mount
(possible in a race condition).
Reviewed by: kib
MFC after:1 week
Modified:
Author: jamie
Date: Thu Feb 28 18:46:56 2013
New Revision: 247486
URL: http://svnweb.freebsd.org/changeset/base/247486
Log:
MFC r247071:
Don't worry if a module is already loaded when looking for a fstype to mount
(possible in a race condition).
Reviewed by: kib
Modified:
Author: jamie
Date: Thu Mar 28 21:02:49 2013
New Revision: 248854
URL: http://svnweb.freebsd.org/changeset/base/248854
Log:
Reverse the order of some implicit commands (FS mounts and ifconfigs)
when stopping jails. This matters particularly for nested filesystem
mounts.
PR:
Author: jamie
Date: Sun Mar 31 04:10:37 2013
New Revision: 248939
URL: http://svnweb.freebsd.org/changeset/base/248939
Log:
MFC r248854:
Reverse the order of some implicit commands (FS mounts and ifconfigs)
when stopping jails. This matters particularly for nested filesystem
Author: jamie
Date: Sun May 19 04:10:34 2013
New Revision: 250804
URL: http://svnweb.freebsd.org/changeset/base/250804
Log:
Refine the nojail rc keyword, adding nojailvnet for files that don't
apply to most jails but do apply to vnet jails. This includes adding
a new sysctl
Author: jamie
Date: Wed May 22 18:26:12 2013
New Revision: 250915
URL: http://svnweb.freebsd.org/changeset/base/250915
Log:
MFC r250804:
Refine the nojail rc keyword, adding nojailvnet for files that don't
apply to most jails but do apply to vnet jails. This includes adding
a
Author: jamie
Date: Thu Oct 4 18:59:46 2012
New Revision: 241196
URL: http://svn.freebsd.org/changeset/base/241196
Log:
Move properly to the next parameter when jailparam_init fails
(i.e. on an unknown parameter), to avoid freeing bogus pointers.
Modified:
head/usr.sbin/jail/config.c
Author: jamie
Date: Thu Oct 4 19:07:05 2012
New Revision: 241197
URL: http://svn.freebsd.org/changeset/base/241197
Log:
Fix some memory allocation errors:
* jail_setv will leak a parameter name if jailparam_import fails.
* jailparam_all loses the jailparam pointer on realloc error
Author: jamie
Date: Thu Aug 23 01:43:01 2012
New Revision: 239601
URL: http://svn.freebsd.org/changeset/base/239601
Log:
Remember that I'm using length-defined strings in parameters:
Remove a bogus null terminator when stripping the netmask from
IP addresses. This was causing later
Author: jamie
Date: Thu Aug 23 01:43:22 2012
New Revision: 239602
URL: http://svn.freebsd.org/changeset/base/239602
Log:
Pre-separate IP addresses passed on the command line, so they can be
properly parsed for interface prefixes and netmask suffixes. This was
already done for the old-style
Author: jamie
Date: Thu Aug 23 19:39:23 2012
New Revision: 239621
URL: http://svn.freebsd.org/changeset/base/239621
Log:
Partially roll back r239601 - keep parameter strings both length-delimited
and null-terminated at the same time, because they're later passed to
libjail as
Author: jamie
Date: Wed Aug 29 16:11:03 2012
New Revision: 239854
URL: http://svn.freebsd.org/changeset/base/239854
Log:
MFC r239601:
Remember that I'm using length-defined strings in parameters:
Remove a bogus null terminator when stripping the netmask from
IP addresses. This
Author: jamie
Date: Wed Aug 29 18:40:12 2012
New Revision: 239871
URL: http://svn.freebsd.org/changeset/base/239871
Log:
MFS r239854 (including MFC r239601, r239602, r239621):
Remember that I'm using length-defined strings in parameters:
Don't include the null terminator when
Author: jamie
Date: Tue Feb 17 21:29:39 2009
New Revision: 188732
URL: http://svn.freebsd.org/changeset/base/188732
Log:
Remove obsolete prison_service declarations.
Approved by: bz (mentor)
Modified:
head/sys/sys/jail.h
Modified: head/sys/sys/jail.h
Author: jamie
Date: Wed Feb 18 20:12:08 2009
New Revision: 188761
URL: http://svn.freebsd.org/changeset/base/188761
Log:
MFC:
r188144:
Standardize the various prison_foo_ip[46] functions and prison_if to
return zero on success and an error code otherwise. The possible errors
1 - 100 of 264 matches
Mail list logo
