-
Notifications
You must be signed in to change notification settings - Fork 17.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
syscall: add Jail int32 to SysProcAttr on FreeBSD #46259
Comments
This proposal has been added to the active column of the proposals project |
Does anyone object to this? |
An implementation detail I did not think about before: |
@gizahNL That doesn't seem like a problem. The relevant code is in syscall/exec_bsd.go. |
/cc @samuelkarp to see if this would have helped https://github.com/samuelkarp/runj. |
Based on the discussion above, this proposal seems like a likely accept. |
Yes, this will likely help runj in some scenarios, while runj will likely invoke |
No change in consensus, so accepted. 🎉 |
To allow adding fields to ProcSysAttr which are supported on FreeBSD but not on other BSDs. For now exec_freebsd.go is an exact copy of exec_bsd.go with adjusted build tags and copyright year. For golang#46258 For golang#46259 Change-Id: I7667a0cdf1ca86ef64a147b77c06db70c5f8eb90
Change https://golang.org/cl/355569 mentions this issue: |
To allow adding fields to ProcSysAttr which are supported on FreeBSD but not on other BSDs. For now exec_freebsd.go is an exact copy of exec_bsd.go with adjusted build tags and copyright year. For #46258 For #46259 Change-Id: I7667a0cdf1ca86ef64a147b77c06db70c5f8eb90 Reviewed-on: https://go-review.googlesource.com/c/go/+/355569 Trust: Tobias Klauser <tobias.klauser@gmail.com> Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
Introduce a new SysProcAttr member called Jail on FreeBSD. This allows supplying an existing jail's ID to which the child process is attached before calling the exec system call. Fixes golang#46259 Change-Id: Ie282e5b83429131f9a9e1e27cfcb3bcc995d1d4d
Introduce a new SysProcAttr member called Jail on FreeBSD. This allows supplying an existing jail's ID to which the child process is attached before calling the exec system call. Fixes golang#46259 Change-Id: Ie282e5b83429131f9a9e1e27cfcb3bcc995d1d4d
Introduce a new SysProcAttr member called Jail on FreeBSD. This allows supplying an existing jail's ID to which the child process is attached before calling the exec system call. Fixes golang#46259 Change-Id: Ie282e5b83429131f9a9e1e27cfcb3bcc995d1d4d
Change https://go.dev/cl/458335 mentions this issue: |
Change https://go.dev/cl/498376 mentions this issue: |
One of the changes also affects the os package, so mention it there too. For #46259 Change-Id: I8041a5ce009725ab210118ee668fc94196d9ff82 Reviewed-on: https://go-review.googlesource.com/c/go/+/498376 Run-TryBot: Ian Lance Taylor <iant@google.com> Auto-Submit: Ian Lance Taylor <iant@google.com> Reviewed-by: Eli Bendersky <eliben@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org>
Adding an int32 jail param to SysProcAttr on FreeBSD and calling the JAIL_ATTACH syscall inside the forked child would allow cleanly running a command inside a FreeBSD jail.
The text was updated successfully, but these errors were encountered: