Date: Thu, 29 Jul 2010 02:52:09 GMT From: "Matthew N. Dodd" <mdodd@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: conf/149050: rcorder ``nojail'' too coarse for Jail+VNET Message-ID: <201007290252.o6T2q9lU009622@freefall.freebsd.org> Resent-Message-ID: <201007290300.o6T30FHp009808@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 149050 >Category: conf >Synopsis: rcorder ``nojail'' too coarse for Jail+VNET >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jul 29 03:00:15 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Matthew N. Dodd >Release: >Organization: >Environment: >Description: When using jail & vnet the init script KEYWORD ``nojail'' is not fine grained enough to control selection of startup scripts. >How-To-Repeat: >Fix: Patch exposes PR_VNET flag via sysctl 'security.jail.vnet' in the same manner as 'security.jail.jailed.' rc & rc.shutdown updated to emit 'nojailvnet' for jails without vnets. Select init scripts altered nojail->nojailvnet. >Release-Note: >Audit-Trail: >Unformatted: Release: FreeBSD 8.1-STABLE i386 >System: FreeBSD neo-sasami.jurai.net 8.1-STABLE FreeBSD 8.1-STABLE #7: Wed Jul 28 21:31:22 EDT 2010 root@neo-sasami.jurai.net:/usr/src/sys/i386/compile/DL380G3 i386 <machine, os, target, libraries (multiple lines)>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201007290252.o6T2q9lU009622>