Solved TOP Command & Jail

[rafael_grether]

Hi guys,

Is there a way to TOP command shows username inside jail?
USER_A in my host has UID 2001. USER_B in my Jail also has UID 2001.
A process executed by USER_B shows to me that is executed by USER_A, when top is executed on my host.
Since "top -j" brings up the JID, I think it should also bring up the username of this JID, to make sense.

Or do you suggest me another way?

Thanks

 

[cy@]

Rather than simply explain what to do, let's start with a little theory.

The kernel knows nothing about usernames, group names, service names, or anything else in this class of data. (This fact is true not only of FreeBSD but also Linux, Solaris, AIX, and any other *IX or *BSD. It's a UNIX thing.) The kernel only knows about UID, GID, ports and other numbers. Who then does the translation? That would be nss (in libc). nss uses files (like passwd, group, services, protocols, etc.), LDAP, NIS and other sources as sources for translations. You can even hook it into an SQL database if you're so inclined. But I digress.

To your immediate problem, you need a dummy copy of passwd(5) containing only the accounts the jail needs, with the password field *ed out or invalidated in some way. You can create a custom master.passwd(5) and friends using vipw -d some_dir. The -d is important. Miss that and you're in a recovery scenario.

 

[rafael_grether]

Thanks for your reply cy@ and for explanation!