From clsung@going04.iis.sinica.edu.tw  Wed May 10 03:48:14 2006
Return-Path: <clsung@going04.iis.sinica.edu.tw>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 27AD616A404
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 10 May 2006 03:48:14 +0000 (UTC)
	(envelope-from clsung@going04.iis.sinica.edu.tw)
Received: from going04.iis.sinica.edu.tw (going04.iis.sinica.edu.tw [140.109.19.154])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CF9EF43D45
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 10 May 2006 03:48:13 +0000 (GMT)
	(envelope-from clsung@going04.iis.sinica.edu.tw)
Received: by going04.iis.sinica.edu.tw (Postfix, from userid 1002)
	id 39CA828493; Wed, 10 May 2006 11:48:13 +0800 (CST)
Message-Id: <20060510034813.39CA828493@going04.iis.sinica.edu.tw>
Date: Wed, 10 May 2006 11:48:13 +0800 (CST)
From: Cheng-Lung Sung <clsung@FreeBSD.org>
Reply-To: Cheng-Lung Sung <clsung@FreeBSD.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [patch] add security.jail.jid sysctl
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         97071
>Category:       kern
>Synopsis:       [jail] [patch] add security.jail.jid sysctl
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bz
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 10 03:50:14 GMT 2006
>Closed-Date:    Thu Jan 08 09:55:29 UTC 2009
>Last-Modified:  Thu Jan 08 09:55:29 UTC 2009
>Originator:     Cheng-Lung Sung
>Release:        FreeBSD 6.1-STABLE i386
>Organization:
FreeBSD 
>Environment:
System: FreeBSD going04.iis.sinica.edu.tw 6.1-STABLE FreeBSD 6.1-STABLE #11: Wed May 10 11:01:51 CST 2006 root@going04.iis.sinica.edu.tw:/usr/obj/usr/src/sys/GOING04 i386


>Description:
	bin/89989 suggest to specify jid at jail start-up time, and I think
	let users can know their jid inside jail is a good idea. 

	security.jail.jid can also replace security.jail.jailed, since
	they all return zero in host, and > 0 in jail.
	
>How-To-Repeat:
	sysctl security.jail.jid
>Fix:

--- sys/kern/kern_jail.c.orig	Sun Nov 13 11:12:32 2005
+++ sys/kern/kern_jail.c	Wed May 10 06:34:24 2006
@@ -582,3 +582,17 @@
 }
 SYSCTL_PROC(_security_jail, OID_AUTO, jailed, CTLTYPE_INT | CTLFLAG_RD,
     NULL, 0, sysctl_jail_jailed, "I", "Process in jail?");
+
+static int
+sysctl_jail_jid(SYSCTL_HANDLER_ARGS)
+{
+	int error, jid;
+
+	if ((jid = jailed(req->td->td_ucred)))
+	    jid = req->td->td_ucred->cr_prison->pr_id;
+	error = SYSCTL_OUT(req, &jid, sizeof(jid));
+
+	return (error);
+}
+SYSCTL_PROC(_security_jail, OID_AUTO, jid, CTLTYPE_INT | CTLFLAG_RD,
+    NULL, 0, sysctl_jail_jid, "I", "Jail ID");

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-jail 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Jan 25 22:03:48 UTC 2008 
Responsible-Changed-Why:  
Reassign to appropriate mailing list. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=97071 
Responsible-Changed-From-To: freebsd-jail->bz 
Responsible-Changed-By: bz 
Responsible-Changed-When: Sat Nov 29 17:19:06 UTC 2008 
Responsible-Changed-Why:  
JIDs are system internal and the PR doesn't give a reason why it would 
be helpful to know them within the jail. Ask for feedback. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=97071 
State-Changed-From-To: open->feedback 
State-Changed-By: bz 
State-Changed-When: Tue Jan 6 19:44:20 UTC 2009 
State-Changed-Why:  
Submitter was asked to explain why this would be a good idea 
or if this can be closed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=97071 

From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: bug-followup@FreeBSD.org, clsung@FreeBSD.org
Cc:  
Subject: Re: kern/97071: [jail] [patch] add security.jail.jid sysctl
Date: Tue, 6 Jan 2009 19:44:00 +0000 (UTC)

 Hi,
 
 `jail IDs' are internal to prisons and only meaningful to base system.
 I cannot see why one would want to leak the number into a jail.
 
 Can you give a good reason or can this be closed?
 
 -- 
 Bjoern A. Zeeb                      The greatest risk is not taking one.

From: Cheng-Lung Sung <clsung@tw.freebsd.org>
To: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Cc: bug-followup@FreeBSD.org, clsung@FreeBSD.org
Subject: Re: kern/97071: [jail] [patch] add security.jail.jid sysctl
Date: Thu, 8 Jan 2009 17:22:30 +0800

 --PNTmBPCT7hxwcZjr
 Content-Type: text/plain; charset=utf-8
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 This PR is aged. And I forgot the reason, so please close it for now :)
 Thank you.
 On Tue, Jan 06, 2009 at 07:44:00PM +0000, Bjoern A. Zeeb wrote:
 > Hi,
 >=20
 > `jail IDs' are internal to prisons and only meaningful to base system.
 > I cannot see why one would want to leak the number into a jail.
 >=20
 > Can you give a good reason or can this be closed?
 >=20
 > --=20
 > Bjoern A. Zeeb                      The greatest risk is not taking one.
 
 --=20
 Alan Cheng-Lung Sung - clsung@
 
 --PNTmBPCT7hxwcZjr
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.9 (FreeBSD)
 
 iEYEARECAAYFAkllxdQACgkQ+AeJ85Vui8FQqwCfcDN9z9+1R+Vtw/tY5z4d3g2v
 peUAn28FsnCTT4Jp3jUpZMw1AXNFBf/o
 =+BWa
 -----END PGP SIGNATURE-----
 
 --PNTmBPCT7hxwcZjr--
State-Changed-From-To: feedback->closed 
State-Changed-By: bz 
State-Changed-When: Thu Jan 8 09:54:56 UTC 2009 
State-Changed-Why:  
Submitter says it can be closed for now. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=97071 
>Unformatted:
