
D45545.id140339.diff

D45545.id140339.diff

diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -223,6 +223,8 @@
{"allow.nfsd", "allow.nonfsd", PR_ALLOW_NFSD},
#endif
{"allow.extattr", "allow.noextattr", PR_ALLOW_EXTATTR},
+ {"allow.adjtime", "allow.noadjtime", PR_ALLOW_ADJTIME},
+ {"allow.settime", "allow.nosettime", PR_ALLOW_SETTIME},
};
static unsigned pr_allow_all = PR_ALLOW_ALL_STATIC;
const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
@@ -4167,6 +4169,28 @@
return (0);
return (EPERM);
+ /*
+ * Conditionally allow privileged process in the jail adjust
+ * machine time.
+ */
+ case PRIV_ADJTIME:
+ case PRIV_NTP_ADJTIME:
+ if (cred->cr_prison->pr_allow &
+ (PR_ALLOW_ADJTIME | PR_ALLOW_SETTIME)) {
+ return (0);
+ }
+ return (EPERM);
+
+ /*
+ * Conditionally allow privileged process in the jail set
+ * machine time.
+ */
+ case PRIV_CLOCK_SETTIME:
+ if (cred->cr_prison->pr_allow & PR_ALLOW_SETTIME)
+ return (0);
+ else
+ return (EPERM);
+
default:
/*
* In all remaining cases, deny the privilege request. This
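Review bot: The new `case PRIV_CLOCK_SETTIME:` arm does not cover settimeofday(2), which as far as I can tell is checked under a separate privilege (`PRIV_SETTIMEOFDAY`). A jail with allow.settime would then still get EPERM from that call while clock_settime(2) succeeds. If that split is not intended, add `case PRIV_SETTIMEOFDAY:` directly above `case PRIV_CLOCK_SETTIME:`. The two arms are also written differently (a braced `if` followed by `return (EPERM);` versus an unbraced `if`/`else`); one form for both would read better. The enclosing switch starts and ends outside this hunk.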
@@ -4631,6 +4655,10 @@
#endif
SYSCTL_JAIL_PARAM(_allow, extattr, CTLTYPE_INT | CTLFLAG_RW,
"B", "Jail may set system-level filesystem extended attributes");
+SYSCTL_JAIL_PARAM(_allow, adjtime, CTLTYPE_INT | CTLFLAG_RW,
+ "B", "Jail may adjust system time");
+SYSCTL_JAIL_PARAM(_allow, settime, CTLTYPE_INT | CTLFLAG_RW,
+ "B", "Jail may set system time");
SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,
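Review bot: The two new sysctl descriptions say "system time" without saying that the clock belongs to the host and is shared by every jail, which is what an administrator needs to know before granting either permission. Stepping or slewing it from one jail changes log timestamps, certificate and ticket validity checks and timers for the host and all other jails. I would word them as `"Jail may adjust the host-wide system time"` and `"Jail may set the host-wide system time (implies adjtime)"`.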
diff --git a/sys/sys/jail.h b/sys/sys/jail.h
--- a/sys/sys/jail.h
+++ b/sys/sys/jail.h
@@ -254,7 +254,9 @@
#define PR_ALLOW_KMEM_ACCESS 0x00010000 /* reserved, not used yet */
#define PR_ALLOW_NFSD 0x00020000
#define PR_ALLOW_EXTATTR 0x00040000
-#define PR_ALLOW_ALL_STATIC 0x000787ff
+#define PR_ALLOW_ADJTIME 0x00080000
+#define PR_ALLOW_SETTIME 0x00100000
+#define PR_ALLOW_ALL_STATIC 0x001f87ff
/*
* PR_ALLOW_DIFFERENCES determines which flags are able to be
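Review bot: Nothing at the `PR_ALLOW_SETTIME` definition records that it is treated as a superset of `PR_ALLOW_ADJTIME`; that relationship exists only in the privilege check in kern_jail.c, where the adjtime cases test both bits. A trailing comment such as `/* also grants what PR_ALLOW_ADJTIME grants */` would keep a later reader from testing the adjtime bit alone. The change of `PR_ALLOW_ALL_STATIC` from 0x000787ff to 0x001f87ff adds exactly the two new bits, so the mask itself is consistent.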
diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8
--- a/usr.sbin/jail/jail.8
+++ b/usr.sbin/jail/jail.8
@@ -656,6 +656,18 @@
.It Va allow.extattr
Allow privileged process in the jail to manipulate filesystem extended
attributes in the system namespace.
+.It Va allow.adjtime
+Allow privileged process in the jail to slowly adjusting global operating system
+time.
+For example through utilities like
+.Xr ntpd 8 .
+.It Va allow.settime
+Allow privileged process in the jail to set global operating system data
+and time.
+For example through utilities like
+.Xr date 1 .
+This permission includes also
+.Va allow.adjtime .
.El
.El
.Pp
@@ -1416,6 +1428,7 @@
This is by virtue of the child jail being created in the chrooted
environment of the first jail.
.Sh SEE ALSO
+.Xr date 1 ,
.Xr killall 1 ,
.Xr lsvfs 1 ,
.Xr newaliases 1 ,
@@ -1423,6 +1436,9 @@
.Xr pkill 1 ,
.Xr ps 1 ,
.Xr quota 1 ,
+.Xr adjtime 2 ,
+.Xr clock_settime 2 ,
+.Xr ntp_adjtime 2 ,
.Xr jail_set 2 ,
.Xr devfs 4 ,
.Xr fdescfs 4 ,
@@ -1444,6 +1460,7 @@
.Xr mount 8 ,
.Xr mountd 8 ,
.Xr nfsd 8 ,
+.Xr ntpd 8 ,
.Xr reboot 8 ,
.Xr rpcbind 8 ,
.Xr sendmail 8 ,
