jail with "complete" type have standard crontab a file of tasks. However not all standard task are adapted for work in jail an environment. For example adjkerntz which generates adjkerntz [46733]: sysctl (set: "machdep.wall_cmos_clock"): Operation not permitted I suggest to give adjkerntz concept about jail in which to it it is not necessary to work: --- adjkerntz.c-orig 2010-03-01 01:53:01.000000000 +0300 +++ adjkerntz.c 2010-03-01 02:03:45.000000000 +0300 _at__at_ -80,7 +80,7 _at__at_ struct tm local; struct timeval tv, *stv; struct timezone tz, *stz; - int kern_offset, wall_clock, disrtcset; + int kern_offset, wall_clock, disrtcset, jailed; size_t len; /* Avoid time_t here, can be unsigned long or worse */ long offset, localsec, diff; _at__at_ -118,6 +118,16 _at__at_ if (init) sleep_mode = True; + len = sizeof(jailed); + if (sysctlbyname("security.jail.jailed", &jailed, &len, NULL, 0) == -1) { + syslog(LOG_ERR, "sysctl(\"security.jail.jailed\"): %m"); + return 1; + } + if (jailed!=0) { + //not for jail + return 1; + } + sigemptyset(&mask); sigemptyset(&emask); sigaddset(&mask, SIGTERM);Received on Sun Feb 28 2010 - 22:15:56 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:01 UTC