Page MenuHomeFreeBSD
Differential D3017

Add PF_IMMUTABLE for immutable parameters in jail.conf
ClosedPublic
Actions

Authored by hrs on Jul 7 2015, 6:17 PM.
Tags
None
Referenced Files
Unknown Object (File)
Oct 4 2024, 4:56 AM
Unknown Object (File)
Oct 3 2024, 4:10 PM
Unknown Object (File)
Oct 3 2024, 8:51 AM
Unknown Object (File)
Oct 1 2024, 11:15 AM
Unknown Object (File)
Sep 26 2024, 10:42 PM
Unknown Object (File)
Sep 24 2024, 4:00 PM
Unknown Object (File)
Sep 21 2024, 6:23 AM
Unknown Object (File)
Sep 2 2024, 3:29 AM
View All 91 Files
Subscribers
imp

Details

Reviewers
jamie
Commits
rS285279: Implement PF_IMMUTABLE flag and apply it to "name" and "jid" in
Summary

Currently "name" parameter can be redefined as a normal variable
in jail.conf. However, redefinition of it causes a mismatch
between j->intparams[KP_NAME] and j->name, and screws up parameter
configurations. This has been reported in PR 196574.

This patch makes "name" as an immutable parameter. This prevents both

foo { $name = "bar"; }

in jail.conf and a command line like "jail -c name=j1 name=j2".

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

hrs updated this revision to Diff 6758.Jul 7 2015, 6:17 PM
hrs retitled this revision from to Add PF_IMMUTABLE for immutable parameters in jail.conf.
hrs updated this object.
hrs edited the test plan for this revision. (Show Details)
hrs added a reviewer: jamie.
Herald added a subscriber: imp. · View Herald TranscriptJul 7 2015, 6:17 PM
jamie edited edge metadata.Jul 7 2015, 8:38 PM

You may want to do the same with jid. You can give the jail.conf block a numeric tag, which will set the jid instead of the name, but will will still set j->name to that tag string. I would expect the same sort of problem from then setting jid=x inside the block.

hrs updated this revision to Diff 6766.Jul 8 2015, 1:00 AM
hrs edited edge metadata.

Add PF_IMMUTABLE flag to both jid and name

hrs added a comment.Jul 8 2015, 1:04 AM
In D3017#59419, @jamie wrote:

You may want to do the same with jid. You can give the jail.conf block a numeric tag, which will set the jid instead of the name, but will will still set j->name to that tag string. I would expect the same sort of problem from then setting jid=x inside the block.

That's true. Thank you for your comment. The updated patch adds immutable flag to jid, too. Can you accept this revision if it is ready to commit?

jamie accepted this revision.Jul 8 2015, 3:43 AM
jamie edited edge metadata.
This revision is now accepted and ready to land.Jul 8 2015, 3:43 AM
Closed by commit rS285279: Implement PF_IMMUTABLE flag and apply it to "name" and "jid" in (authored by hrs). · Explain WhyJul 8 2015, 4:37 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
usr.sbin/
jail/
9 lines
1 line

Diff 6783

View Options

head/usr.sbin/jail/config.c

Loading...
View Options

head/usr.sbin/jail/jailp.h

Loading...