From owner-freebsd-current@FreeBSD.ORG  Sun Feb 28 23:15:56 2010
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6A347106566B
	for <freebsd-current@freebsd.org>; Sun, 28 Feb 2010 23:15:56 +0000 (UTC)
	(envelope-from subbsd@gmail.com)
Received: from mail-ew0-f226.google.com (mail-ew0-f226.google.com
	[209.85.219.226])
	by mx1.freebsd.org (Postfix) with ESMTP id 026C78FC14
	for <freebsd-current@freebsd.org>; Sun, 28 Feb 2010 23:15:55 +0000 (UTC)
Received: by ewy26 with SMTP id 26so1004553ewy.3
	for <freebsd-current@freebsd.org>; Sun, 28 Feb 2010 15:15:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:date:message-id:subject
	:from:to:content-type;
	bh=aDENg4NVS0Mg98tEktVthSSnJ0ahige0UsCDSl6ss9E=;
	b=ZCffq+51l6jf8qxKqTIqcZNCpv9wGu52s4Bpe3HTvVV3kQ8RU44zMLgiEwRBImKXs9
	m7chpNWj3iWlXyUcgC+Jf2/Bl3wKmri46b6cnO4tgsW3hJkAnNV7ea3hVwLEwalzA2b2
	AC1Qc/GxynN1jww4BCcyy2tk35Zit0Y4bGycY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:content-type;
	b=j2srDt+7ISHjfcKDw8NZ3M9mjnk/QLFfoZzVIYdRtu2lcmw72vkAuLvz7/1fBpGCcA
	Sd5yQUT7gnEUdO6Z7hX/f/cnm29sxt8gl13VGuRxeo//2tvm498Yx+WKkGocVUBSLGmp
	nqT3p0YrETp0L1WMitS0iurGg7i/hzsdGjwTM=
MIME-Version: 1.0
Received: by 10.213.48.5 with SMTP id p5mr2685057ebf.53.1267398941611; Sun, 28 
	Feb 2010 15:15:41 -0800 (PST)
Date: Mon, 1 Mar 2010 02:15:41 +0300
Message-ID: <8237b2241002281515q5e953a48l4ac8a981fed407ab@mail.gmail.com>
From: Subbsd <subbsd@gmail.com>
To: freebsd-current@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Subject: check for jailed environment for adjkerntz
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Feb 2010 23:15:56 -0000

jail with "complete" type have standard crontab a file of tasks. However not
all standard task are adapted for work in jail an environment. For example
adjkerntz which generates

adjkerntz [46733]: sysctl (set: "machdep.wall_cmos_clock"): Operation not
permitted

I suggest to give adjkerntz concept about jail in which to it it is not
necessary to work:


--- adjkerntz.c-orig    2010-03-01 01:53:01.000000000 +0300
+++ adjkerntz.c 2010-03-01 02:03:45.000000000 +0300
@@ -80,7 +80,7 @@
        struct tm local;
        struct timeval tv, *stv;
        struct timezone tz, *stz;
-       int kern_offset, wall_clock, disrtcset;
+       int kern_offset, wall_clock, disrtcset, jailed;
        size_t len;
        /* Avoid time_t here, can be unsigned long or worse */
        long offset, localsec, diff;
@@ -118,6 +118,16 @@
        if (init)
                sleep_mode = True;

+        len = sizeof(jailed);
+        if (sysctlbyname("security.jail.jailed", &jailed, &len, NULL, 0) ==
-1) {
+            syslog(LOG_ERR, "sysctl(\"security.jail.jailed\"): %m");
+            return 1;
+        }
+        if (jailed!=0) {
+            //not for jail
+            return 1;
+        }
+
        sigemptyset(&mask);
        sigemptyset(&emask);
        sigaddset(&mask, SIGTERM);