From owner-freebsd-jail@FreeBSD.ORG  Thu May 24 19:25:17 2007
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
X-Original-To: freebsd-jail@freebsd.org
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 1F0F616A469
	for <freebsd-jail@freebsd.org>; Thu, 24 May 2007 19:25:17 +0000 (UTC)
	(envelope-from ohauer@gmx.de)
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
	by mx1.freebsd.org (Postfix) with SMTP id 6F84313C469
	for <freebsd-jail@freebsd.org>; Thu, 24 May 2007 19:25:16 +0000 (UTC)
	(envelope-from ohauer@gmx.de)
Received: (qmail invoked by alias); 24 May 2007 18:58:35 -0000
Received: from u18-124.dsl.vianetworks.de (EHLO [172.20.1.50]) [194.231.39.124]
	by mail.gmx.net (mp058) with SMTP; 24 May 2007 20:58:35 +0200
X-Authenticated: #1956535
X-Provags-ID: V01U2FsdGVkX1/thuZkNpztft6HMdrIyRf9zTpSIYKlzieq09s5Iv
	O+WyyP0knmz9Zv
From: Olli Hauer <ohauer@gmx.de>
To: freebsd-jail@freebsd.org
Content-Type: text/plain
Date: Thu, 24 May 2007 20:58:32 +0200
Message-Id: <1180033112.7242.18.camel@amd.uni.vrs>
Mime-Version: 1.0
X-Mailer: Evolution 2.8.1.1 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
Subject: default setting in /etc/default/rc.conf
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 May 2007 19:25:17 -0000

This is one of the first patches i apply to all new systems,
because i dislike jail_set_hostname_allow in /etc/rc.conf.local


# diff /etc/defaults/rc.conf.orig /etc/defaults/rc.conf
567c567
< jail_set_hostname_allow="YES" # Allow root user in a jail to change
its hostname
---
> jail_set_hostname_allow="NO" # Allow root user in a jail to change its
hostname


I manage system settings in /etc/sysctl.conf to keep the rc.conf.local
scripts clean (only settings that cannot set in sysctl.conf).
Unfortunately the /etc/rc.d/jail script does not honor this settings.

If you look around the tutorials on the net you will never see one that
does not disable this feature.

olli