from:"Jamie Gritton"

svn commit: r214434 - head/lib/libjail

2010-10-27 Thread Jamie Gritton

Author: jamie Date: Wed Oct 27 21:01:53 2010 New Revision: 214434 URL: http://svn.freebsd.org/changeset/base/214434 Log: Find a jail's type as part of jailparam_init rather than waiting until it's absolutely necessary. MFC after:1 week Modified: head/lib/libjail/jail.c Modified:

svn commit: r239602 - head/usr.sbin/jail

2012-08-22 Thread Jamie Gritton

Author: jamie Date: Thu Aug 23 01:43:22 2012 New Revision: 239602 URL: http://svn.freebsd.org/changeset/base/239602 Log: Pre-separate IP addresses passed on the command line, so they can be properly parsed for interface prefixes and netmask suffixes. This was already done for the old-style

svn commit: r239601 - head/usr.sbin/jail

2012-08-22 Thread Jamie Gritton

Author: jamie Date: Thu Aug 23 01:43:01 2012 New Revision: 239601 URL: http://svn.freebsd.org/changeset/base/239601 Log: Remember that I'm using length-defined strings in parameters: Remove a bogus null terminator when stripping the netmask from IP addresses. This was causing later

svn commit: r239621 - head/usr.sbin/jail

2012-08-23 Thread Jamie Gritton

Author: jamie Date: Thu Aug 23 19:39:23 2012 New Revision: 239621 URL: http://svn.freebsd.org/changeset/base/239621 Log: Partially roll back r239601 - keep parameter strings both length-delimited and null-terminated at the same time, because they're later passed to libjail as

svn commit: r241196 - head/usr.sbin/jail

2012-10-04 Thread Jamie Gritton

Author: jamie Date: Thu Oct 4 18:59:46 2012 New Revision: 241196 URL: http://svn.freebsd.org/changeset/base/241196 Log: Move properly to the next parameter when jailparam_init fails (i.e. on an unknown parameter), to avoid freeing bogus pointers. Modified: head/usr.sbin/jail/config.c

svn commit: r241197 - head/lib/libjail

2012-10-04 Thread Jamie Gritton

Author: jamie Date: Thu Oct 4 19:07:05 2012 New Revision: 241197 URL: http://svn.freebsd.org/changeset/base/241197 Log: Fix some memory allocation errors: * jail_setv will leak a parameter name if jailparam_import fails. * jailparam_all loses the jailparam pointer on realloc error

svn commit: r209820 - head/usr.sbin/jls

2010-07-08 Thread Jamie Gritton

Author: jamie Date: Thu Jul 8 19:22:52 2010 New Revision: 209820 URL: http://svn.freebsd.org/changeset/base/209820 Log: Properly recognize a number followed by non-digits as a jail name. Call 0 a name because zero is used to indicate no specified jid. MFC after:3 days Modified:

svn commit: r210133 - head/lib/libjail

2010-07-15 Thread Jamie Gritton

Author: jamie Date: Thu Jul 15 19:21:07 2010 New Revision: 210133 URL: http://svn.freebsd.org/changeset/base/210133 Log: Don't import parameter values in jail_getv, except for the search key. Remove the internal jailparam_vlist, in favor of using variants of its logic separately in

svn commit: r210975 - head/usr.sbin/jail

2010-08-06 Thread Jamie Gritton

Author: jamie Date: Fri Aug 6 22:06:12 2010 New Revision: 210975 URL: http://svn.freebsd.org/changeset/base/210975 Log: Note that a jail without a command parameter will be persistent, instead of explicitly requiring one of command or persist. MFC after:3 days Modified:

Re: svn commit: r210974 - head/sys/kern

2010-08-07 Thread Jamie Gritton

On 08/07/10 11:08, Bjoern A. Zeeb wrote: On Fri, 6 Aug 2010, Jamie Gritton wrote: Author: jamie Date: Fri Aug 6 22:04:18 2010 New Revision: 210974 URL: http://svn.freebsd.org/changeset/base/210974 Log: Implicitly make a new jail persistent if it's set not to attach. I am not sure

svn commit: r211085 - head/sys/kern

2010-08-08 Thread Jamie Gritton

Author: jamie Date: Sun Aug 8 23:22:55 2010 New Revision: 211085 URL: http://svn.freebsd.org/changeset/base/211085 Log: Back out r210974. Any convenience of not typing persist is outweighed by the possibility of unintended partially-formed jails. Modified: head/sys/kern/kern_jail.c

svn commit: r211086 - head/usr.sbin/jail

2010-08-08 Thread Jamie Gritton

Author: jamie Date: Sun Aug 8 23:24:23 2010 New Revision: 211086 URL: http://svn.freebsd.org/changeset/base/211086 Log: Back out r210975, which changed documentation to match the now backed-out r210974. Modified: head/usr.sbin/jail/jail.8 Modified: head/usr.sbin/jail/jail.8

svn commit: r212072 - head/lib/libjail

2010-08-31 Thread Jamie Gritton

Author: jamie Date: Tue Aug 31 21:48:45 2010 New Revision: 212072 URL: http://svn.freebsd.org/changeset/base/212072 Log: Make it clear in the example that jailparam_export's return value should be freed. MFC after:3 days Modified: head/lib/libjail/jail.3 Modified:

svn commit: r212073 - head/lib/libjail

2010-08-31 Thread Jamie Gritton

Author: jamie Date: Tue Aug 31 21:50:09 2010 New Revision: 212073 URL: http://svn.freebsd.org/changeset/base/212073 Log: Don't over-allocate array values in jailparam_export. Fix a little comment typo. MFC after:3 days Modified: head/lib/libjail/jail.c Modified:

svn commit: r212436 - head/sys/kern

2010-09-10 Thread Jamie Gritton

Author: jamie Date: Fri Sep 10 21:45:42 2010 New Revision: 212436 URL: http://svn.freebsd.org/changeset/base/212436 Log: Don't exit kern_jail_set without freeing options when enforce_statfs has an illegal value. MFC after:3 days Modified: head/sys/kern/kern_jail.c Modified:

svn commit: r236198 - head/usr.sbin/jail

2012-05-28 Thread Jamie Gritton

Author: jamie Date: Mon May 28 20:44:11 2012 New Revision: 236198 URL: http://svn.freebsd.org/changeset/base/236198 Log: When writing the jid via the -i flag, do it right when the jail is created, before any commands run. /etc/rc.d/jail depends on this. Modified:

svn commit: r225191 - head/sys/kern

2011-08-26 Thread Jamie Gritton

Author: jamie Date: Fri Aug 26 16:03:34 2011 New Revision: 225191 URL: http://svn.freebsd.org/changeset/base/225191 Log: Delay the recursive decrement of pr_uref when jails are made invisible but not removed; decrement it instead when the child jail actually goes away. This avoids letting

svn commit: r234712 - in head: lib/libc/sys usr.sbin/jail

2012-04-26 Thread Jamie Gritton

Author: jamie Date: Thu Apr 26 17:36:05 2012 New Revision: 234712 URL: http://svn.freebsd.org/changeset/base/234712 Log: A new jail(8) with a configuration file, ultimately to replace the work currently done by /etc/rc.d/jail. MFC after:3 months Added: head/usr.sbin/jail/command.c

svn commit: r234744 - head/usr.sbin/jail

2012-04-27 Thread Jamie Gritton

Author: jamie Date: Fri Apr 27 23:39:21 2012 New Revision: 234744 URL: http://svn.freebsd.org/changeset/base/234744 Log: Fix the dates and history as of the move to HEAD. Modified: head/usr.sbin/jail/jail.conf.5 Modified: head/usr.sbin/jail/jail.conf.5

svn commit: r234934 - head/usr.sbin/jail

2012-05-02 Thread Jamie Gritton

Author: jamie Date: Wed May 2 21:24:08 2012 New Revision: 234934 URL: http://svn.freebsd.org/changeset/base/234934 Log: Add YY_NO_INPUT so clang doesn't complain about input not being used. Modified: head/usr.sbin/jail/jaillex.l Modified: head/usr.sbin/jail/jaillex.l

svn commit: r234988 - head/usr.sbin/jail

2012-05-03 Thread Jamie Gritton

Author: jamie Date: Thu May 3 21:39:23 2012 New Revision: 234988 URL: http://svn.freebsd.org/changeset/base/234988 Log: Add a meta-parameter IP__NULL to enum intparam, instead of mixing enum values and zeroes. This keeps clang happy (and is just good form). Submitted by: dim Modified:

svn commit: r235291 - head/lib/libjail

2012-05-11 Thread Jamie Gritton

Author: jamie Date: Fri May 11 21:22:52 2012 New Revision: 235291 URL: http://svn.freebsd.org/changeset/base/235291 Log: The linker isn't consistent in the ordering of dynamic sysctls, so don't assume that the unnamed final component of security.jail.param.foo. is one less than the foo

svn commit: r235799 - head/lib/libjail

2012-05-22 Thread Jamie Gritton

Author: jamie Date: Tue May 22 18:30:32 2012 New Revision: 235799 URL: http://svn.freebsd.org/changeset/base/235799 Log: The fix in r235291 re-broke the allow.nomount case. Re-fix it by testing for the right parameter name. Modified: head/lib/libjail/jail.c Modified:

svn commit: r235840 - head/usr.sbin/jail

2012-05-23 Thread Jamie Gritton

Author: jamie Date: Wed May 23 15:30:13 2012 New Revision: 235840 URL: http://svn.freebsd.org/changeset/base/235840 Log: Note that the new jail(8) will be appearing in 9.1. Modified: head/usr.sbin/jail/jail.8 head/usr.sbin/jail/jail.conf.5 Modified: head/usr.sbin/jail/jail.8

svn commit: r235949 - head/usr.sbin/jail

2012-05-24 Thread Jamie Gritton

Author: jamie Date: Fri May 25 00:38:06 2012 New Revision: 235949 URL: http://svn.freebsd.org/changeset/base/235949 Log: Don't try to set a null TERM environment. Submitted by: Mateusz Guzik mjguzik gmail.com Modified: head/usr.sbin/jail/command.c Modified: head/usr.sbin/jail/command.c

svn commit: r231236 - head/lib/libc/sys

2012-02-08 Thread Jamie Gritton

Author: jamie Date: Wed Feb 8 23:34:47 2012 New Revision: 231236 URL: http://svn.freebsd.org/changeset/base/231236 Log: Acknowledge that jail_attach and jail_remove can return EPERM. MFC after:1 week Modified: head/lib/libc/sys/jail.2 Modified: head/lib/libc/sys/jail.2

svn commit: r232342 - head/lib/libjail

2012-03-01 Thread Jamie Gritton

Author: jamie Date: Thu Mar 1 15:09:41 2012 New Revision: 232342 URL: http://svn.freebsd.org/changeset/base/232342 Log: Handle the case where a boolean parameter is also a node. PR: bin/165515 MFC after:2 weeks Modified: head/lib/libjail/jail.c Modified:

svn commit: r250804 - in head: etc etc/rc.d sys/kern

2013-05-18 Thread Jamie Gritton

Author: jamie Date: Sun May 19 04:10:34 2013 New Revision: 250804 URL: http://svnweb.freebsd.org/changeset/base/250804 Log: Refine the nojail rc keyword, adding nojailvnet for files that don't apply to most jails but do apply to vnet jails. This includes adding a new sysctl

svn commit: r250968 - head/share/man/man8

2013-05-24 Thread Jamie Gritton

Author: jamie Date: Fri May 24 14:57:38 2013 New Revision: 250968 URL: http://svnweb.freebsd.org/changeset/base/250968 Log: Mention the nojailvnet keyword. MFC after:3 days Modified: head/share/man/man8/rc.8 Modified: head/share/man/man8/rc.8

svn commit: r252841 - in head/sys: dev/mem kern sys

2013-07-05 Thread Jamie Gritton

Author: jamie Date: Fri Jul 5 21:31:16 2013 New Revision: 252841 URL: http://svnweb.freebsd.org/changeset/base/252841 Log: Add new privileges, PRIV_KMEM_READ and PRIV_KMEM_WRITE, used in opening /dev/kmem and /dev/mem (in addition to traditional file permission checks). PRIV_KMEM_READ is

svn commit: r252845 - head/sys/sys

2013-07-05 Thread Jamie Gritton

Author: jamie Date: Fri Jul 5 21:41:05 2013 New Revision: 252845 URL: http://svnweb.freebsd.org/changeset/base/252845 Log: Bump up _PRIV_HIGHEST to account for PRIV_KMEM_READ/WRITE. Submitted by: mdf Modified: head/sys/sys/priv.h Modified: head/sys/sys/priv.h

svn commit: r252855 - in head/sys: kern sys

2013-07-05 Thread Jamie Gritton

Author: jamie Date: Sat Jul 6 00:10:52 2013 New Revision: 252855 URL: http://svnweb.freebsd.org/changeset/base/252855 Log: Make the comments a little more clear about PRIV_KMEM_*, explicitly referring to /dev/[k]mem and noting it's about opening the files rather than actually reading and

Re: svn commit: r252841 - in head/sys: dev/mem kern sys

2013-08-30 Thread Jamie Gritton

On 08/30/13 11:13, Jase Thew wrote: On 05/07/2013 22:31, Jamie Gritton wrote: Author: jamie Date: Fri Jul 5 21:31:16 2013 New Revision: 252841 URL: http://svnweb.freebsd.org/changeset/base/252841 Log: Add new privileges, PRIV_KMEM_READ and PRIV_KMEM_WRITE, used in opening /dev

Re: svn commit: r255316 - head/sys/kern

2013-09-06 Thread Jamie Gritton

On 09/06/13 12:18, Gleb Smirnoff wrote: On Fri, Sep 06, 2013 at 05:32:29PM +, Jamie Gritton wrote: J Author: jamie J Date: Fri Sep 6 17:32:29 2013 J New Revision: 255316 J URL: http://svnweb.freebsd.org/changeset/base/255316 J J Log: J Keep PRIV_KMEM_READ permitted inside jails

svn commit: r246804 - head/usr.sbin/jail

2013-02-14 Thread Jamie Gritton

Author: jamie Date: Thu Feb 14 19:27:52 2013 New Revision: 246804 URL: http://svnweb.freebsd.org/changeset/base/246804 Log: Handle (ignore) when a process disappears before it can be tracked. Modified: head/usr.sbin/jail/command.c Modified: head/usr.sbin/jail/command.c

svn commit: r247071 - head/sys/kern

2013-02-20 Thread Jamie Gritton

Author: jamie Date: Thu Feb 21 02:41:37 2013 New Revision: 247071 URL: http://svnweb.freebsd.org/changeset/base/247071 Log: Don't worry if a module is already loaded when looking for a fstype to mount (possible in a race condition). Reviewed by: kib MFC after:1 week Modified:

svn commit: r248854 - head/usr.sbin/jail

2013-03-28 Thread Jamie Gritton

Author: jamie Date: Thu Mar 28 21:02:49 2013 New Revision: 248854 URL: http://svnweb.freebsd.org/changeset/base/248854 Log: Reverse the order of some implicit commands (FS mounts and ifconfigs) when stopping jails. This matters particularly for nested filesystem mounts. PR:

svn commit: r261266 - in head: sys/dev/drm sys/kern sys/sys usr.sbin/jail

2014-01-29 Thread Jamie Gritton

Author: jamie Date: Wed Jan 29 13:41:13 2014 New Revision: 261266 URL: http://svnweb.freebsd.org/changeset/base/261266 Log: Add a jail parameter, allow.kmem, which lets jailed processes access /dev/kmem and related devices (i.e. grants PRIV_IO and PRIV_KMEM_WRITE). This in conjunction with

svn commit: r261326 - in head: sys/dev/drm sys/kern sys/sys usr.sbin/jail

2014-01-31 Thread Jamie Gritton

Author: jamie Date: Fri Jan 31 17:39:51 2014 New Revision: 261326 URL: http://svnweb.freebsd.org/changeset/base/261326 Log: Back out r261266 pending security buy-in. r261266: Add a jail parameter, allow.kmem, which lets jailed processes access /dev/kmem and related devices (i.e.

svn commit: r275073 - in head: lib/libjail usr.sbin/jail

2014-11-25 Thread Jamie Gritton

Author: jamie Date: Tue Nov 25 21:01:08 2014 New Revision: 275073 URL: https://svnweb.freebsd.org/changeset/base/275073 Log: In preparation for using clang's -Wcast-qual: Use __DECONST (instead of my own attempted re-invention) for the iov parameters to jail_get/set(2). Similarly remove

svn commit: r275906 - head/usr.sbin/jail

2014-12-18 Thread Jamie Gritton

Author: jamie Date: Thu Dec 18 18:10:39 2014 New Revision: 275906 URL: https://svnweb.freebsd.org/changeset/base/275906 Log: Setgid before running a command as a specified user. Previously only initgroups(3) was called, what isn't quite enough. This brings jail(8) in line with jexec(8),

svn commit: r278343 - head/etc/rc.d

2015-02-06 Thread Jamie Gritton

Author: jamie Date: Sat Feb 7 05:02:10 2015 New Revision: 278343 URL: https://svnweb.freebsd.org/changeset/base/278343 Log: Revert the rc part of r278323 until I can figure out what Jenkins is doing. Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail

svn commit: r278323 - in head: etc/rc.d usr.sbin/jail

2015-02-06 Thread Jamie Gritton

Author: jamie Date: Fri Feb 6 17:54:53 2015 New Revision: 278323 URL: https://svnweb.freebsd.org/changeset/base/278323 Log: Add mount.procfs jail parameter, so procfs can be mounted when a prison's root is in its fstab. Also fix a typo while I'm at it. PR: 197237 197066

svn commit: r277855 - in head: sys/fs/fdescfs sys/kern sys/sys usr.sbin/jail

2015-01-28 Thread Jamie Gritton

Author: jamie Date: Wed Jan 28 21:08:09 2015 New Revision: 277855 URL: https://svnweb.freebsd.org/changeset/base/277855 Log: Add allow.mount.fdescfs jail flag. PR: 192951 Submitted by: ru...@verweg.com MFC after:3 days Modified: head/sys/fs/fdescfs/fdesc_vfsops.c

svn commit: r277159 - in head/sys: kern sys

2015-01-13 Thread Jamie Gritton

Author: jamie Date: Wed Jan 14 04:50:28 2015 New Revision: 277159 URL: https://svnweb.freebsd.org/changeset/base/277159 Log: Remove the prison flags PR_IP4_DISABLE and PR_IP6_DISABLE, which have been write-only for as long as they've existed. Modified: head/sys/kern/kern_jail.c

svn commit: r277158 - head/sys/kern

2015-01-13 Thread Jamie Gritton

Author: jamie Date: Wed Jan 14 03:52:41 2015 New Revision: 277158 URL: https://svnweb.freebsd.org/changeset/base/277158 Log: Don't set prison's pr_ip4s or pr_ip6s to -1. PR: 196474 MFC after:3 days Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c

svn commit: r278480 - head/etc/rc.d

2015-02-09 Thread Jamie Gritton

Author: jamie Date: Tue Feb 10 00:48:51 2015 New Revision: 278480 URL: https://svnweb.freebsd.org/changeset/base/278480 Log: Un-revert the r278323 again - whatever Jenkins/kyua is up it, it has nothing to do with this. Modified: head/etc/rc.d/jail Modified: head/etc/rc.d/jail

svn commit: r279123 - head/usr.sbin/jls

2015-02-21 Thread Jamie Gritton

Author: jamie Date: Sun Feb 22 00:00:10 2015 New Revision: 279123 URL: https://svnweb.freebsd.org/changeset/base/279123 Log: Allow for parameters added with the JP_OPT flag to not exist. That's why the flag exists in the first place. MFC after:1 week Modified:

svn commit: r279081 - head/usr.sbin/jls

2015-02-20 Thread Jamie Gritton

Author: jamie Date: Fri Feb 20 19:48:24 2015 New Revision: 279081 URL: https://svnweb.freebsd.org/changeset/base/279081 Log: Allow parameters listed on the command line to override the -v option, instead of crashing. PR: 197701 MFC after:1 week Modified:

svn commit: r279083 - head/usr.sbin/jls

2015-02-20 Thread Jamie Gritton

Author: jamie Date: Fri Feb 20 20:12:05 2015 New Revision: 279083 URL: https://svnweb.freebsd.org/changeset/base/279083 Log: Fix the logic for skipping parameters (with -s) that have jailsys parents (such as host.hostname); these were being skipped all the time. That it went this long

svn commit: r287012 - in head/bin/pkill: . tests

2015-08-21 Thread Jamie Gritton

Author: jamie Date: Sat Aug 22 05:04:36 2015 New Revision: 287012 URL: https://svnweb.freebsd.org/changeset/base/287012 Log: Make pkill/pgrep -j ARG take jname, not just jid. PR: 201588 Submitted by: Daniel Shahaf danielsh at apache.org MFC after:3 days Modified:

svn commit: r285420 - head/usr.sbin/jexec

2015-07-12 Thread Jamie Gritton

Author: jamie Date: Sun Jul 12 17:03:50 2015 New Revision: 285420 URL: https://svnweb.freebsd.org/changeset/base/285420 Log: Run a shell in the jail when no command is specified. Add a new flag, -l, for a clean environment, same as jail(8) exec.clean. Change the GET_USER_INFO macro into a

svn commit: r292277 - head/sys/kern

2015-12-15 Thread Jamie Gritton

Author: jamie Date: Tue Dec 15 17:25:00 2015 New Revision: 292277 URL: https://svnweb.freebsd.org/changeset/base/292277 Log: Fix jail name checking that disallowed anything that starts with '0'. The intention was to just limit leading zeroes on numeric names. That check is now improved to

svn commit: r292759 - head/etc/rc.d

2015-12-26 Thread Jamie Gritton

Author: jamie Date: Sat Dec 26 23:01:34 2015 New Revision: 292759 URL: https://svnweb.freebsd.org/changeset/base/292759 Log: Let old-style (shell-based) jail configuration handle jail names that contain characters not allowed in a shell variable (such as "-"). These will be replaced by an

svn commit: r301737 - head/sys/kern

2016-06-09 Thread Jamie Gritton

Author: jamie Date: Thu Jun 9 15:34:33 2016 New Revision: 301737 URL: https://svnweb.freebsd.org/changeset/base/301737 Log: Remove a comment that was part of copied code, and is misleading in the new location. Modified: head/sys/kern/sysv_msg.c Modified: head/sys/kern/sysv_msg.c

svn commit: r301758 - head/sys/kern

2016-06-09 Thread Jamie Gritton

Author: jamie Date: Thu Jun 9 20:39:57 2016 New Revision: 301758 URL: https://svnweb.freebsd.org/changeset/base/301758 Log: Clean up some logic in jail error messages, replacing a missing test and a redundant test with a single correct test. Modified: head/sys/kern/kern_jail.c Modified:

svn commit: r301760 - head/sys/kern

2016-06-09 Thread Jamie Gritton

Author: jamie Date: Thu Jun 9 20:43:14 2016 New Revision: 301760 URL: https://svnweb.freebsd.org/changeset/base/301760 Log: Re-order some jail parameter reading to prevent a vnode leak. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c

svn commit: r301764 - head/sys/kern

2016-06-09 Thread Jamie Gritton

Author: jamie Date: Thu Jun 9 21:59:11 2016 New Revision: 301764 URL: https://svnweb.freebsd.org/changeset/base/301764 Log: Fix a vnode leak when giving a child jail a too-long path when debug.disablefullpath=1. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c

svn commit: r301745 - head/sys/kern

2016-06-09 Thread Jamie Gritton

Author: jamie Date: Thu Jun 9 16:41:41 2016 New Revision: 301745 URL: https://svnweb.freebsd.org/changeset/base/301745 Log: Make sure the OSD methods for jail set and remove can't run concurrently, by holding allprison_lock exclusively (even if only for a moment before downgrading) on all

svn commit: r300983 - in head: lib/libc/sys sys/kern

2016-05-29 Thread Jamie Gritton

Author: jamie Date: Mon May 30 05:21:24 2016 New Revision: 300983 URL: https://svnweb.freebsd.org/changeset/base/300983 Log: Mark jail(2), and the sysctls that it (and only it) uses as deprecated. jail(8) has long used jail_set(2), and those sysctl only cause confusion. Modified:

svn commit: r294196 - head/usr.sbin/jail

2016-01-16 Thread Jamie Gritton

Author: jamie Date: Sat Jan 16 22:32:57 2016 New Revision: 294196 URL: https://svnweb.freebsd.org/changeset/base/294196 Log: Don't bother checking an ip[46].addr netmask/prefixlen. This is already handled by ifconfig, and it was doing it wrong when the paramater included extra ifconfig

svn commit: r294183 - head/usr.sbin/jail

2016-01-16 Thread Jamie Gritton

Author: jamie Date: Sat Jan 16 18:13:28 2016 New Revision: 294183 URL: https://svnweb.freebsd.org/changeset/base/294183 Log: Clear errno before calling getpw*. Modified: head/usr.sbin/jail/command.c Modified: head/usr.sbin/jail/command.c

svn commit: r295468 - in head: lib/libc/sys usr.sbin/jail

2016-02-10 Thread Jamie Gritton

Author: jamie Date: Wed Feb 10 14:48:49 2016 New Revision: 295468 URL: https://svnweb.freebsd.org/changeset/base/295468 Log: Remove man page references to rndassociates.com, which has been taken over by a domain squatter. Modified: head/lib/libc/sys/jail.2 head/usr.sbin/jail/jail.8

svn commit: r294749 - head/etc/rc.d

2016-01-25 Thread Jamie Gritton

Author: jamie Date: Mon Jan 25 22:14:31 2016 New Revision: 294749 URL: https://svnweb.freebsd.org/changeset/base/294749 Log: Allow the (old rc-style) exec_afterstart jail parameters to start numbering at 0, like exec_prestart and the others do. Make param0 optional, i.e. still look for

svn commit: r297367 - head/sys/kern

2016-03-28 Thread Jamie Gritton

Author: jamie Date: Mon Mar 28 22:18:37 2016 New Revision: 297367 URL: https://svnweb.freebsd.org/changeset/base/297367 Log: Move the various per-type arrays of OSD data into a single structure array. Modified: head/sys/kern/kern_osd.c Modified: head/sys/kern/kern_osd.c

svn commit: r297424 - head/sys/compat/linux

2016-03-30 Thread Jamie Gritton

Author: jamie Date: Wed Mar 30 17:05:04 2016 New Revision: 297424 URL: https://svnweb.freebsd.org/changeset/base/297424 Log: Use osd_reserve / osd_jail_set_reserved, which is known to succeed. Also don't work around nonexistent osd_register failure. Modified:

svn commit: r297422 - in head: share/man/man9 sys/kern sys/sys

2016-03-30 Thread Jamie Gritton

Author: jamie Date: Wed Mar 30 16:57:28 2016 New Revision: 297422 URL: https://svnweb.freebsd.org/changeset/base/297422 Log: Add osd_reserve() and osd_set_reserved(), which allow M_WAITOK allocation of an OSD array, Modified: head/share/man/man9/osd.9 head/sys/kern/kern_osd.c

svn commit: r298597 - head/sys/kern

2016-04-25 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 22:30:10 2016 New Revision: 298597 URL: https://svnweb.freebsd.org/changeset/base/298597 Log: Fix the logic in r298585: shm_prison_cansee returns an errno, so is the opposite of a boolean. PR: 48471 Modified: head/sys/kern/sysv_shm.c Modified:

svn commit: r298585 - in head: sys/kern usr.sbin/jail

2016-04-25 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 17:06:50 2016 New Revision: 298585 URL: https://svnweb.freebsd.org/changeset/base/298585 Log: Encapsulate SYSV IPC objects in jails. Define per-module parameters sysvmsg, sysvsem, and sysvshm, with the following bahavior: inherit: allow full access to the

svn commit: r298584 - head/usr.sbin/jail

2016-04-25 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 17:01:13 2016 New Revision: 298584 URL: https://svnweb.freebsd.org/changeset/base/298584 Log: Note the existence of module-specific jail paramters, starting with the linux.* parameters when linux emulation is loaded. MFC after:5 days Modified:

svn commit: r298668 - head/sys/kern

2016-04-26 Thread Jamie Gritton

Author: jamie Date: Tue Apr 26 21:19:12 2016 New Revision: 298668 URL: https://svnweb.freebsd.org/changeset/base/298668 Log: Use crcopysafe in jail_attach. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c

svn commit: r298683 - in head/sys: kern sys

2016-04-26 Thread Jamie Gritton

Author: jamie Date: Wed Apr 27 02:25:21 2016 New Revision: 298683 URL: https://svnweb.freebsd.org/changeset/base/298683 Log: Delay revmoing the last jail reference in prison_proc_free, and instead put it off into the pr_task. This is similar to prison_free, and in fact uses the same task

svn commit: r298566 - head/sys/kern

2016-04-24 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 04:27:58 2016 New Revision: 298566 URL: https://svnweb.freebsd.org/changeset/base/298566 Log: Pass the current/new jail to PR_METHOD_CHECK, which pushes the call until after the jail is found or created. This requires unlocking the jail for the call and

svn commit: r298562 - head/usr.sbin/jail

2016-04-24 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 03:24:48 2016 New Revision: 298562 URL: https://svnweb.freebsd.org/changeset/base/298562 Log: Make jail(8) interpret escape codes in fstab the same as getfsent(3). PR: 208663 MFC after:3 days Modified: head/usr.sbin/jail/command.c

svn commit: r298565 - in head/sys: kern sys

2016-04-24 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 04:24:00 2016 New Revision: 298565 URL: https://svnweb.freebsd.org/changeset/base/298565 Log: Add a new jail OSD method, PR_METHOD_REMOVE. It's called when a jail is removed from the user perspective, i.e. when the last pr_uref goes away, even though the jail

svn commit: r298567 - head/sys/kern

2016-04-24 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 04:36:54 2016 New Revision: 298567 URL: https://svnweb.freebsd.org/changeset/base/298567 Log: Use the new PR_METHOD_REMOVE to clean up jail handling in POSIX message queues. Modified: head/sys/kern/uipc_mqueue.c Modified: head/sys/kern/uipc_mqueue.c

svn commit: r298564 - in head/sys: kern sys

2016-04-24 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 03:58:08 2016 New Revision: 298564 URL: https://svnweb.freebsd.org/changeset/base/298564 Log: Remove the PR_REMOVE flag, which was meant as a temporary marker for a jail that might be seen mid-removal. It hasn't been doing the right thing since at least the

svn commit: r298573 - head/sys/compat/linux

2016-04-25 Thread Jamie Gritton

Author: jamie Date: Mon Apr 25 06:08:45 2016 New Revision: 298573 URL: https://svnweb.freebsd.org/changeset/base/298573 Log: linux_map_osrel doesn't need to be checked in linux_prison_set, since it already was in linux_prison_check. Modified: head/sys/compat/linux/linux_mib.c Modified:

svn commit: r298516 - head/etc/rc.d

2016-04-23 Thread Jamie Gritton

Author: jamie Date: Sat Apr 23 16:23:01 2016 New Revision: 298516 URL: https://svnweb.freebsd.org/changeset/base/298516 Log: Don't remove the /var/run/jail_name.id file if a jail fails to start. This messes up ezjail (and possibly others), when attempting to start a jail that already

svn commit: r298863 - in head: share/man/man5 usr.sbin/jail

2016-04-30 Thread Jamie Gritton

Author: jamie Date: Sat Apr 30 21:27:41 2016 New Revision: 298863 URL: https://svnweb.freebsd.org/changeset/base/298863 Log: Clarify when happens when there is a "depend" parameter in jail.conf, and how this affects the "jail_list" option in rc.conf. Modified: head/share/man/man5/rc.conf.5

svn commit: r298656 - head/sys/kern

2016-04-26 Thread Jamie Gritton

Author: jamie Date: Tue Apr 26 18:17:44 2016 New Revision: 298656 URL: https://svnweb.freebsd.org/changeset/base/298656 Log: Redo the changes to the SYSV IPC sysctl functions from r298585, so they don't (mis)use sbufs. PR: 48471 Modified: head/sys/kern/sysv_msg.c

svn commit: r298888 - head/usr.sbin/jail

2016-05-01 Thread Jamie Gritton

Author: jamie Date: Sun May 1 16:48:03 2016 New Revision: 29 URL: https://svnweb.freebsd.org/changeset/base/29 Log: typo Submitted by: Jimmy Olgeni Modified: head/usr.sbin/jail/jail.8 Modified: head/usr.sbin/jail/jail.8

svn commit: r297935 - head/sys/kern

2016-04-13 Thread Jamie Gritton

Author: jamie Date: Wed Apr 13 20:14:13 2016 New Revision: 297935 URL: https://svnweb.freebsd.org/changeset/base/297935 Log: Separate POSIX sem/shm objects in jails, by prepending the jail's path name to the object's "path". While the objects don't have real path names, it's a

svn commit: r297936 - head/sys/kern

2016-04-13 Thread Jamie Gritton

Author: jamie Date: Wed Apr 13 20:15:49 2016 New Revision: 297936 URL: https://svnweb.freebsd.org/changeset/base/297936 Log: Separate POSIX mqueue objects in jails; actually, separate them by the jail's root, so jails that don't have their own filesystem directory also won't have their own

svn commit: r297976 - head/sys/kern

2016-04-14 Thread Jamie Gritton

Author: jamie Date: Thu Apr 14 17:07:26 2016 New Revision: 297976 URL: https://svnweb.freebsd.org/changeset/base/297976 Log: Clean up some style(9) violations. Modified: head/sys/kern/uipc_mqueue.c head/sys/kern/uipc_sem.c head/sys/kern/uipc_shm.c Modified: head/sys/kern/uipc_mqueue.c

svn commit: r302856 - head/usr.sbin/jail

2016-07-14 Thread Jamie Gritton

Author: jamie Date: Thu Jul 14 20:15:55 2016 New Revision: 302856 URL: https://svnweb.freebsd.org/changeset/base/302856 Log: Fix up the order in which jail creation processes are run, to preserve the config file's order in the non-parallel-start case. PR: 209112 MFC after:

svn commit: r302855 - head/etc/rc.d

2016-07-14 Thread Jamie Gritton

Author: jamie Date: Thu Jul 14 19:51:54 2016 New Revision: 302855 URL: https://svnweb.freebsd.org/changeset/base/302855 Log: Wait for jails to complete startup if jail_parallel_start is YES, instead of assuming they'll take less than one second. PR: 203172 Submitted by:

svn commit: r302857 - head/etc/rc.d

2016-07-14 Thread Jamie Gritton

Author: jamie Date: Thu Jul 14 20:17:08 2016 New Revision: 302857 URL: https://svnweb.freebsd.org/changeset/base/302857 Log: Start jails non-parallel if jail_parallel_start is NO. This was true for an explicitly specified jail list; now it's also true for all jails. PR: 209112

svn commit: r310530 - head/usr.sbin/jls

2016-12-24 Thread Jamie Gritton

Author: jamie Date: Sat Dec 24 23:51:27 2016 New Revision: 310530 URL: https://svnweb.freebsd.org/changeset/base/310530 Log: Improve IP address list representation in libxo output. Extract decision-making about special-case printing of certain jail parameters into a function.

svn commit: r316022 - head/usr.sbin/jail

2017-03-27 Thread Jamie Gritton

Author: jamie Date: Mon Mar 27 13:27:39 2017 New Revision: 316022 URL: https://svnweb.freebsd.org/changeset/base/316022 Log: Fix hexadecimal escape codes in jail.conf(5). PR: 218154 Submitted by: Masahiro Konishi MFC after:3 days Modified:

svn commit: r316023 - head/usr.sbin/jail

2017-03-27 Thread Jamie Gritton

Author: jamie Date: Mon Mar 27 13:37:40 2017 New Revision: 316023 URL: https://svnweb.freebsd.org/changeset/base/316023 Log: Same as r316022 (Fix hexadecimal escape codes in jail.conf(5)), but do it right this time. Reported by: Kyle Evans MFC after:3 days Modified:

svn commit: r321796 - head/usr.bin/calendar/calendars

2017-07-31 Thread Jamie Gritton

Author: jamie Date: Mon Jul 31 15:29:44 2017 New Revision: 321796 URL: https://svnweb.freebsd.org/changeset/base/321796 Log: Add myself to the birthday calendar. Reminded by: mckusick Modified: head/usr.bin/calendar/calendars/calendar.freebsd Modified:

svn commit: r333263 - in head: lib/libjail sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/linprocfs sys/compat/linsysfs sys/fs/devfs sys/fs/fdescfs sys/fs/nullfs sys/fs/procfs sys/fs/pse...

2018-05-04 Thread Jamie Gritton

Author: jamie Date: Fri May 4 20:54:27 2018 New Revision: 333263 URL: https://svnweb.freebsd.org/changeset/base/333263 Log: Make it easier for filesystems to count themselves as jail-enabled, by doing most of the work in a new function prison_add_vfs in kern_jail.c Now a jail-enabled

svn commit: r335921 - in head: lib/libugidfw sbin/ipfw usr.bin/cpuset usr.bin/sockstat

2018-07-03 Thread Jamie Gritton

Author: jamie Date: Tue Jul 3 23:47:20 2018 New Revision: 335921 URL: https://svnweb.freebsd.org/changeset/base/335921 Log: Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8), sockstat(1), ugidfw(8) These are the last of the jail-aware userland utilities that didn't

svn commit: r337867 - head/usr.sbin/jail

2018-08-15 Thread Jamie Gritton

Author: jamie Date: Wed Aug 15 20:23:17 2018 New Revision: 337867 URL: https://svnweb.freebsd.org/changeset/base/337867 Log: Don't let clobber jailparam values when checking for modification of init-only parameters. Compare string parameter values with strncmp, not memcmp. PR:

svn commit: r337925 - in head: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys

2018-08-16 Thread Jamie Gritton

Author: jamie Date: Thu Aug 16 19:09:43 2018 New Revision: 337925 URL: https://svnweb.freebsd.org/changeset/base/337925 Log: Revert r337922, except for some documention-only bits. This needs to wait until user is changed to stop using jail(2). Differential Revision:D14791

svn commit: r337919 - head/usr.sbin/jail

2018-08-16 Thread Jamie Gritton

Author: jamie Date: Thu Aug 16 18:30:49 2018 New Revision: 337919 URL: https://svnweb.freebsd.org/changeset/base/337919 Log: security.jail.enforce_statfs is handled by jail_set(2), so handling it in userspace jail(8) is redundant. Differential Revision:D14791 Modified:

svn commit: r337922 - in head: lib/libc/gen lib/libc/sys share/man/man9 sys/cddl/contrib/opensolaris/uts/common/fs/zfs sys/compat/freebsd32 sys/fs/nandfs sys/kern sys/sys sys/ufs/ufs

2018-08-16 Thread Jamie Gritton

Author: jamie Date: Thu Aug 16 18:40:16 2018 New Revision: 337922 URL: https://svnweb.freebsd.org/changeset/base/337922 Log: Put jail(2) under COMPAT_FREEBSD11. It has been the "old" way of creating jails since FreeBSD 7. Along with the system call, put the various

svn commit: r336038 - in head/sys: kern sys

2018-07-06 Thread Jamie Gritton

Author: jamie Date: Fri Jul 6 18:50:22 2018 New Revision: 336038 URL: https://svnweb.freebsd.org/changeset/base/336038 Log: Change prison_add_vfs() to the more generic prison_add_allow(), which can add any dynamic allow.* or allow.*.* parameter. Also keep prison_add_vfs() as a wrapper.

svn commit: r336035 - head/usr.bin/cpuset

2018-07-06 Thread Jamie Gritton

Author: jamie Date: Fri Jul 6 16:23:30 2018 New Revision: 336035 URL: https://svnweb.freebsd.org/changeset/base/336035 Log: Missed a bit of doc change from r335921. PR: 229266 Modified: head/usr.bin/cpuset/cpuset.1 Modified: head/usr.bin/cpuset/cpuset.1

1 2 >

1 - 100 of 113 matches

Mail list logo