Date: Tue, 18 Feb 2014 13:38:45 -0700 From: James Gritton <jamie@freebsd.org> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Cc: alexus <alexus@gmail.com> Subject: Re: security.jail.param.allow.socket_af=1 Message-ID: <5303C4D5.80007@freebsd.org> In-Reply-To: <CAJxePNJZaVF42iQ%2BiFr=wcB6UEg7UToQV-pc26kXOvccx_SgZA@mail.gmail.com> References: <CAJxePNJZaVF42iQ%2BiFr=wcB6UEg7UToQV-pc26kXOvccx_SgZA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/16/2014 2:15 PM, alexus wrote: > I'm trying to change following and for whatever reason it won't allow me to > do so: > > root@fx:~ # sysctl security.jail.param.allow.socket_af=1 > security.jail.param.allow.socket_af: 0 -> 0 > root@fx:~ # > > any ideas? > Thanks! The security.jail.param.* sysctls are informational only - and the only information they provide is the names and types of the jail parameters (which is used by jail(8)). Instead of trying to set the sysctl as some sort of global value, you want to instead set the parameter itself. Whether inside a jail definition, or perhaps as a global outside of any jail definitions, you should include: allow.socket_af; in /etc/jail.conf. See jail(8) and jail.conf(5) for the background on this. - Jamie
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5303C4D5.80007>