Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools
comparison sbin/ftjail @ 433:91b275a3facf
Also check for any open files and memory mapping within the jail by using "procstat"
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Sun, 19 Nov 2023 16:07:28 +0100 |
| parents | d46315901037 |
| children | 9c3b1966ba91 |
comparison
equal
deleted
inserted
replaced
| 432:d46315901037 | 433:91b275a3facf |
|---|---|
| 1043 if [ -S "${_directory}${_add_log_sock}" ]; then | 1043 if [ -S "${_directory}${_add_log_sock}" ]; then |
| 1044 echo "ERROR: additional log socket is open at \`${_directory}${_add_log_sock}'" >&2 | 1044 echo "ERROR: additional log socket is open at \`${_directory}${_add_log_sock}'" >&2 |
| 1045 return 1 | 1045 return 1 |
| 1046 fi | 1046 fi |
| 1047 done | 1047 done |
| 1048 | 1048 # |
| 1049 # Check whether there are any open files within the jail. | |
| 1050 # | |
| 1051 # "procstat file" also lists fifo, socket, message queue, kgueue et al. | |
| 1052 # file types. | |
| 1053 # | |
| 1054 # Note that procstat places extra whitespace at the end of lines sometimes. | |
| 1055 # | |
| 1056 # | |
| 1057 if procstat -a file | egrep '['$'\t '']+'"${_directory}"'(/|(['$'\t '']*)$)' ; then | |
| 1058 echo "ERROR: There are open files within the jail" >&2 | |
| 1059 return 1 | |
| 1060 fi | |
| 1061 # The same for memory mappings | |
| 1062 if procstat -a vm | egrep '['$'\t '']+'"${_directory}"'(/|(['$'\t '']*)$)' ; then | |
| 1063 echo "ERROR: There are open memory mappings within the jail" >&2 | |
| 1064 return 1 | |
| 1065 fi | |
| 1049 | 1066 |
| 1050 _dir_mounts="$(_get_mounts_at_directory "${_directory}")" | 1067 _dir_mounts="$(_get_mounts_at_directory "${_directory}")" |
| 1051 | 1068 |
| 1052 # | 1069 # |
| 1053 # Check preconditions thoroughly! | 1070 # Check preconditions thoroughly! |