mkjail

mkjail is a tool for generating minimal jail environments for arbitrary commands. It has been tested on FreeBSD, but should work with any system with ktrace/kdump.

Listing of /files/mkjail
FilenameFilesizeLast Modified
mkjail2.58k2009-03-11 10:03

Example run

-<root@voi:~>-
-# mkjail /jail/ruby /usr/local/bin/ruby -e 'p "Hello"'                                        -<1014 22:04:27>-
Tracing ["/usr/local/bin/ruby", "-e", "p \"Hello\""]
Test run of process, if it won't die by itself, please kill it shortly.
["ktrace", "-t", "n", "-if", "/var/tmp/mkjail-ruby.lmYql141.ktrace", "--", "/usr/local/bin/ruby", "-e", "p \"Hello\""]
"Hello"
Trace saved tp /var/tmp/mkjail-ruby.lmYql141.ktrace
Making directory /jail/ruby/usr/local/bin
cp /usr/local/bin/ruby /jail/ruby/usr/local/bin/ruby
Making directory /jail/ruby/libexec
cp /libexec/ld-elf.so.1 /jail/ruby/libexec/ld-elf.so.1
Making directory /jail/ruby/etc
cp /etc/libmap.conf /jail/ruby/etc/libmap.conf
Making directory /jail/ruby/usr/local/lib
cp /usr/local/lib/libruby18.so.18 /jail/ruby/usr/local/lib/libruby18.so.18
Making directory /jail/ruby/var/run
cp /var/run/ld-elf.so.hints /jail/ruby/var/run/ld-elf.so.hints
Making directory /jail/ruby/lib
cp /lib/libcrypt.so.4 /jail/ruby/lib/libcrypt.so.4
Making directory /jail/ruby/lib
cp /lib/libm.so.5 /jail/ruby/lib/libm.so.5
Making directory /jail/ruby/lib
cp /lib/libthr.so.3 /jail/ruby/lib/libthr.so.3
Making directory /jail/ruby/lib
cp /lib/libc.so.7 /jail/ruby/lib/libc.so.7
Making directory /jail/ruby/libexec
cp /libexec/ld-elf.so.1 /jail/ruby/libexec/ld-elf.so.1
Making directory /jail/ruby/etc
cp /etc/passwd /jail/ruby/etc/passwd
Making directory /jail/ruby/tmp mode 41777

-<root@voi:~>-
-# chroot /jail/ruby /usr/local/bin/ruby -e 'p "Hello"'                                        -<1015 22:04:32>-
"Hello"