Details

Reviewers

None

Group Reviewers

Commits

rS337925: Revert r337922, except for some documention-only bits. This needs to wait
rS337922: Put jail(2) under COMPAT_FREEBSD11. It has been the "old" way of creating
rS337919: security.jail.enforce_statfs is handled by jail_set(2), so handling it in

Summary

The old jail system had sysctls to set jail permissions for all jails (e.g. security.jail.mount_allowed), which were superseded by per-jail permissions (e.g. allow.mount). These old sysctls remain a constant source of confusion to users, who expect that setting the sysctl will change the behavior of existing jails. That the sysctl value at the time a jail is created may matter is a backward-compatibility hack that does little or nothing to relieve the confusion. So it's time for them to go.

Also, jail(2) has been replaced by jail_set(2) for a number of years now, and it really ought to retire - at least into the COMPAT world.

Test Plan

There are very few bits of core code that actually used either jail(2) or the old sysctls (they're apparent in the non-kernel parts of the diff). Make sure these still work as expected.

The trickier part is to assess the change to other code, notably jail-related ports such as ezjail. It might be the case that some of this software needs to be brought up to the current state of things.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jamie created this revision.Mar 22 2018, 3:56 AM

Herald added a reviewer: manpages. · View Herald TranscriptMar 22 2018, 3:56 AM

Herald added subscribers: delphij, imp. · View Herald Transcript

Harbormaster completed remote builds in B15707: Diff 40582.Mar 22 2018, 3:56 AM

jamie mentioned this in D14681: Dynamically add jail-enabled filesystems.Mar 22 2018, 4:08 AM

As suggested by bz@, I've only removed the sysctls #ifdef BURN_BRIDGES.

Harbormaster completed remote builds in B15717: Diff 40597.Mar 22 2018, 3:37 PM

Once again, this time actually updating the diff...

Harbormaster completed remote builds in B15718: Diff 40598.Mar 22 2018, 3:39 PM

I'm keeping the sysctls around, though without COMPAT_FREEBSD11 (or with BURN_BRIDGES), they're read-only. This preserves the expected behavior for programs that want to find out what they're allowed to do before attempting it (e.g. rc.d/hostname and rc.d/zfs). But they will no longer be used to set global permissions for jails.

For a GENERIC kernel, i.e. COMPAT_FREEBSD11 and not BURN_BRIDGES, everything still works as before.

Harbormaster completed remote builds in B18790: Diff 46664.Aug 14 2018, 3:15 PM

This revision was not accepted when it landed; it landed in state Needs Review.Aug 16 2018, 6:31 PM

Closed by commit rS337919: security.jail.enforce_statfs is handled by jail_set(2), so handling it in (authored by jamie). · Explain Why

This revision was automatically updated to reflect the committed changes.

jamie mentioned this in rS337919: security.jail.enforce_statfs is handled by jail_set(2), so handling it in.

jamie mentioned this in rS337922: Put jail(2) under COMPAT_FREEBSD11. It has been the "old" way of creating.Aug 16 2018, 6:40 PM

jamie mentioned this in rS337925: Revert r337922, except for some documention-only bits. This needs to wait.Aug 16 2018, 7:09 PM

Remove deprecated jail global permission sysctls, and make jail(2) COMPAT_FREEBSD11
ClosedPublic
Actions

Details

Diff Detail

Event Timeline

Revision Contents
Changeset List

Diff 46791

head/usr.sbin/jail/config.c

head/usr.sbin/jail/jail.c

head/usr.sbin/jail/jailp.h

Remove deprecated jail global permission sysctls, and make jail(2) COMPAT_FREEBSD11ClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 46791

head/usr.sbin/jail/config.c

head/usr.sbin/jail/jail.c

head/usr.sbin/jail/jailp.h

Remove deprecated jail global permission sysctls, and make jail(2) COMPAT_FREEBSD11
ClosedPublic
Actions

Revision Contents
Changeset List