5.4 jails (was Re: [nycbug-talk] abusing a server)

Charles Sprickman spork
Sat May 28 00:11:24 EDT 2005 

On Fri, 27 May 2005, pete wright wrote:

> On 5/27/05, Charles Sprickman <spork at bway.net> wrote:
>> I'm keeping Ike's excellent info below for context.
>>
>> Anyhow after poking around in /etc/defaults/rc.conf, I thought I'd share
>> some stuff I found there.  While the current jail(8) manpage is excellent,
>> it's still referencing 4.x, and none of the new stuff is included there.
>
> Hey Charles, have you had a chance to hack on any devfs rulesets for
> jails?  I'm going to be putting some time in on this tonight/this
> weekend and would like to hear anyone's thought's on this.

Lucky for me, I didn't have to...  This line in the host's rc.conf takes 
care of setting up things in what appears to be a sane way:

jail_jail1_devfs_ruleset="devfsrules_jail"

That references the rules in /etc/[defaults/]devfs.rules:

# Devices usually found in a jail.
#
[devfsrules_jail=4]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login

Which leaves me with the following in the jail:

root at jail1# ls -al /dev/
total 1
dr-xr-xr-x  2 root   wheel       512 May 27 23:46 fd
lrwxr-xr-x  1 root   wheel        14 May 27 23:46 log -> ../var/run/log
crw-rw-rw-  1 root   wheel    2,   2 May 28 00:11 null
crw-rw-rw-  1 root   wheel    6,   0 May 28 00:11 ptyp0
crw-rw-rw-  1 root   wheel    6,   1 May 28 00:11 ptyp1
crw-rw-rw-  1 root   wheel    6,   2 May 28 00:11 ptyp2
crw-rw-rw-  1 root   wheel    6,   3 May 27 23:25 ptyp3
crw-rw-rw-  1 root   wheel    6,   4 May 23 21:20 ptyp4
crw-rw-rw-  1 root   wheel  248,   0 May 23 20:40 random
lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stderr -> fd/2
lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stdin -> fd/0
lrwxr-xr-x  1 root   wheel         4 May 27 23:46 stdout -> fd/1
crw-rw-rw-  1 root   wheel    5,   0 May 28 00:11 ttyp0
crw-rw-rw-  1 root   wheel    5,   1 May 28 00:11 ttyp1
crw--w----  1 spork  tty      5,   2 May 28 00:11 ttyp2
crw-rw-rw-  1 root   wheel    5,   3 May 27 23:26 ttyp3
crw-rw-rw-  1 root   wheel    5,   4 May 23 21:27 ttyp4
lrwxr-xr-x  1 root   wheel         6 May 27 23:46 urandom -> random
crw-rw-rw-  1 root   wheel    2,  12 Apr 26 19:50 zero

Cool, huh?

I also find that I can wrap my head around this stuff when listening to 
this guy on the radio now called "bitshifter":

http://www.ocdj.org/liveitup.php

Normally electronic music turns me off and distracts me, but this guy 
oddly enhances my concentration. :)  It's all video game console 
generated.

C

> -p
>
> <snipped a whole lot of very usefull info bellow>
>
> -- 
> ~~o0OO0o~~
> Pete Wright
> www.nycbug.org
> NYC's *BSD User Group
>

More information about the talk mailing list