Date: Thu, 28 Dec 2006 13:40:53 -0700 (MST) Message-Id: <20061228.134053.-1548238884.imp@bsdimp.com> To: freebsd-hackers@freebsd.org, erik.udo@gmail.com, olli@lurza.secnetix.de 
From: "M. Warner Losh" In-Reply-To: <20061228.132844.-579333856.imp@bsdimp.com> References: <4592C91C.2040801@gmail.com> <200612281237.kBSCbE2n047391@lurza.secnetix.de> <20061228.132844.-579333856.imp@bsdimp.com> X-Mailer: Mew version 4.2 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Multipart/Mixed; boundary="--Next_Part(Thu_Dec_28_13_40_53_2006_777)--" Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0 (harmony.bsdimp.com [127.0.0.1]); Thu, 28 Dec 2006 13:40:49 -0700 (MST) Cc: Subject: Re: Init.c, making it chroot X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Dec 2006 20:42:38 -0000 ----Next_Part(Thu_Dec_28_13_40_53_2006_777)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit BTW, here's a patch to test. Since FreeBSD has kenv(2), the patch is actually very small. Warner ----Next_Part(Thu_Dec_28_13_40_53_2006_777)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="init_chroot" Index: init.c =================================================================== RCS file: /cache/ncvs/src/sbin/init/init.c,v retrieving revision 1.62 diff -u -r1.62 init.c --- init.c 8 Jun 2006 14:04:36 -0000 1.62 +++ init.c 28 Dec 2006 20:39:33 -0000 @@ -55,6 +55,7 @@ #include #include #include +#include #include #include #include @@ -187,6 +188,7 @@ int main(int argc, char *argv[]) { + char init_chroot[PATH_MAX]; int c; struct sigaction sa; sigset_t mask; 
@@ -239,6 +241,12 @@ */ openlog("init", LOG_CONS|LOG_ODELAY, LOG_AUTH); + *init_chroot = '\0'; + kenv(KENV_GET, "init_chroot", init_chroot, sizeof(init_chroot)); + if (*init_chroot) + if (chdir(init_chroot) != 0 || chroot(".") != 0) + warning("Can't chroot to %s: %m", init_chroot); + /* * Create an initial session. */ ----Next_Part(Thu_Dec_28_13_40_53_2006_777)----
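Review bot: In the last hunk (@@ -239,6 +241,12 @@), a failed chdir() or chroot() only reaches warning("Can't chroot to %s: %m", init_chroot) and init then carries on to "Create an initial session" in the original root, so a mistyped or missing init_chroot path boots the system unconfined with nothing but a log line to show for it. If the variable is meant as a confinement boundary, this path should fail closed (stop, or fall back to single-user) instead of continuing; if it is only a convenience for booting from an alternate tree, say so in a comment and in the init documentation so nobody relies on it for isolation. Two smaller points in the same hunk: when chdir(init_chroot) succeeds but chroot(".") fails, init keeps running with its working directory left inside init_chroot, so the error path should chdir("/") back; and the return value of kenv(KENV_GET, ...) is ignored, with correctness resting on the *init_chroot = '\0' pre-clear. Testing the kenv() result directly (treating a negative return as "not set") and bracing the nested if would make the intent explicit.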