jails Is the exec parameter needed for jails created in C?

lost_in_c

lost_in_c

This may betray a lack of understanding of how jails work under the hood. Here is my question:

If I am creating a jail via system calls in a c program, do I need to add one of persist, exec, or command, or is it implied that the jail is executing as part of the thread taken up by the c program process (please forgive me if I am butchering these concepts)?

Put in other words: as I understand it right now, when creating a jail using jail(8), you have to sort of give jail(8) a clue about the context of execution. But if it's a syscall, then it is alrady executing and doesn't need a prompt?

Off? Way off?

All wisdom and knowledge deeply appreciated.

All relevant man pages have already been consulted, this isn't specified, perhaps because the answer should be obvious.
 
So I found this piece of documentation that goes into jail syscalls in some detail, and makes no mention of needing those parameters as jail(8) does. However, it is slightly outdated, as it describes the jail(2) syscall and not the newer jail_set(2), which the man page for both recommends using and I am planning to use.

docs.freebsd.org

Chapter 4. The Jail Subsystem

The Jail Subsystem
docs.freebsd.org docs.freebsd.org

I think for now I am simply going to write my program without using any of the three parameters, and see what comes out the other side. Will report back with results.
 
*drops: sonobuoy*
Please let me know if you go public with your code (well, *you* don't have to actually do anything -e.g. "write me a well worded/thought out letter on a stone tablet" or anything like that; I just wanted to reply to this thread in case you give a link so I will be notified.
 
It might be a few days to a week. Probably the optimal way would be to just inmerse myself in the source code and track down every function until I know the answer, but I am already doing that with zfs and that's enough of an adventure. Sometimes trial and error is just fine. Also I won't probably link the code, but I will let know if my jail cycle works fine using the syscalls or, more likely, jail(3) without the exec parameters.
 
> timeframe
No worries at all. I'm busy chasing a toy project (aka: concept) at the moment. The only reason I wanted to place my marker in this thread was "just in case" because I can see how one of my toy projects would sort of segway nicely into a jail thing and I could learn from your code.

> no code for me
That's not a problem either; I suppose I could just follow suite (and do the same thing as you and trace down every function) when/if my 'toy' grows.

All good. Good luck with the zfs thing.
 
You must log in or register to reply here.
Back
Top