Date: Fri, 27 Feb 2004 16:27:40 +0100 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: freebsd-arch@freebsd.org Subject: rcNG and jail. Message-ID: <20040227152739.GG5720@darkness.comp.waw.pl>
next in thread | raw e-mail | index | archive | help
--sl5MdczEF/OU2Miu Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello. I've some proof-of-concept patch to teach rcNG about jail. This will allow using starting scripts without any hacks. It works in this way: We're able now to check if we are in jail or not by getting value of sysctl security.jail.jailed. By default scripts are available inside jail, if script does not make sens in jail it should be marked by setting "injail" variable to "no" inside it. Script can still be started when prefix 'force' is used. I'm not sure if this is "the right way", maybe we should provide some sort of script flags to define things like this? http://people.freebsd.org/~pjd/patches/rc_jail.patch --=20 Pawel Jakub Dawidek http://www.FreeBSD.org pjd@FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am! --sl5MdczEF/OU2Miu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAP2HrForvXbEpPzQRAqNVAKCGPjZBY6tXndmtk4Ds8gza9TDyBgCgqzfK Mvm/Q5TbYFe1IO9L1kxbnPE= =xDfr -----END PGP SIGNATURE----- --sl5MdczEF/OU2Miu--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040227152739.GG5720>