Date: Fri, 30 Jun 2006 03:50:56 GMT From: Chris Jones <cdjones@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 100328 for review Message-ID: <200606300350.k5U3ou0Z061396@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=100328 Change 100328 by cdjones@cdjones-impulse on 2006/06/30 03:50:13 Continued fixing for -6 base. Affected files ... .. //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/Makefile#2 integrate .. //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.8#3 integrate .. //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.c#3 integrate Differences ... ==== //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/Makefile#2 (text+ko) ==== ==== //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.8#3 (text+ko) ==== @@ -31,9 +31,9 @@ .\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp .\" ---------------------------------------------------------------------------- .\" -.\" $FreeBSD: src/usr.sbin/jail/jail.8,v 1.80 2006/06/11 12:57:41 bz Exp $ +.\" $FreeBSD: src/usr.sbin/jail/jail.8,v 1.67.2.8 2006/05/28 09:49:42 simon Exp $ .\" -.Dd June 11, 2006 +.Dd May 26, 2006 .Dt JAIL 8 .Os .Sh NAME @@ -141,8 +141,6 @@ .Xr devfs 8 for information on how to use devfs rules to limit access to entries in the per-jail devfs. -A simple devfs ruleset for jails is available as ruleset #4 in -.Pa /etc/defaults/devfs.rules . .Pp In many cases this example would put far more in the jail than needed. In the other extreme case a jail might contain only one file: @@ -161,7 +159,7 @@ to build the jail directory tree. For the sake of this example, we will assume you built it in -.Pa /data/jail/192.0.2.100 , +.Pa /data/jail/192.168.11.100 , named for the jailed IP address. Substitute below as needed with your own directory, IP address, and hostname. @@ -187,11 +185,11 @@ in the host environment: .Bd -literal -offset indent sendmail_enable="NO" -inetd_flags="-wW -a 192.0.2.23" +inetd_flags="-wW -a 192.168.11.23" rpcbind_enable="NO" .Ed .Pp -.Li 192.0.2.23 +.Li 192.168.11.23 is the native IP address for the host system, in this example. Daemons that run out of .Xr inetd 8 @@ -260,7 +258,7 @@ .Pp Start a shell in the jail: .Pp -.Dl "jail /data/jail/192.0.2.100 testhostname 192.0.2.100 /bin/sh" +.Dl "jail /data/jail/192.168.11.100 testhostname 192.168.11.100 /bin/sh" .Pp Assuming no errors, you will end up with a shell prompt within the jail. You can now run @@ -313,7 +311,7 @@ .Xr syslogd 8 in the host environment to listen on the syslog socket in the jail environment; in this example, the syslog socket would be stored in -.Pa /data/jail/192.0.2.100/var/run/log . +.Pa /data/jail/192.168.11.100/var/run/log . .Pp Exit from the shell, and the jail will be shut down. .Ss "Starting the Jail" @@ -340,9 +338,9 @@ If you do decide to set this variable, it must be set before starting any jails, and once each boot. .Bd -literal -offset indent -ifconfig ed0 inet alias 192.0.2.100/32 -mount -t procfs proc /data/jail/192.0.2.100/proc -jail /data/jail/192.0.2.100 testhostname 192.0.2.100 \\ +ifconfig ed0 inet alias 192.168.11.100/32 +mount -t procfs proc /data/jail/192.168.11.100/proc +jail /data/jail/192.168.11.100 testhostname 192.168.11.100 \\ /bin/sh /etc/rc .Ed .Pp ==== //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.c#3 (text+ko) ==== @@ -8,7 +8,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/usr.sbin/jail/jail.c,v 1.25 2006/05/12 15:14:43 matteo Exp $"); +__FBSDID("$FreeBSD: src/usr.sbin/jail/jail.c,v 1.20.2.3 2006/05/26 10:30:59 matteo Exp $"); #include <sys/param.h> #include <sys/jail.h>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606300350.k5U3ou0Z061396>