From owner-freebsd-questions@FreeBSD.ORG  Wed Feb  6 15:05:17 2013
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by hub.freebsd.org (Postfix) with ESMTP id 0237F679
 for <questions@freebsd.org>; Wed,  6 Feb 2013 15:05:16 +0000 (UTC)
 (envelope-from ml@my.gd)
Received: from mail-we0-x22c.google.com (we-in-x022c.1e100.net
 [IPv6:2a00:1450:400c:c03::22c])
 by mx1.freebsd.org (Postfix) with ESMTP id 93988E6
 for <questions@freebsd.org>; Wed,  6 Feb 2013 15:05:16 +0000 (UTC)
Received: by mail-we0-f172.google.com with SMTP id x10so1213024wey.3
 for <questions@freebsd.org>; Wed, 06 Feb 2013 07:05:15 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=google.com; s=20120113;
 h=x-received:content-type:mime-version:subject:from:in-reply-to:date
 :cc:content-transfer-encoding:message-id:references:to:x-mailer
 :x-gm-message-state;
 bh=Hg5oOAl4F9qfkkfDaCuYU6jAjbMcRlF6lga6nOm5qoY=;
 b=TFgZhXsGy4pzH60bz0roXjn+q7aZ/SLAkmSxUmqMZyLS33/QWswCWk920mHnFQhkV6
 VfmdYb3wBbvtI/H22Rug/FobskkFyvZACKNftJKMzHiHl8hUzJUJEpz8gF0KEN9/HhZy
 NOmiAqL1vxR9tZV8rUuJ7zgk1P80zJHeDvp6oVv66TomI7L9grbJVCt8u5bm2ra1bUIo
 9liTlwcSJgplpSZnUV1SXj6P88qz/3cUTK95THsEFsd4VtK2WE1nG9UocXy2qyHujsLE
 ehlxdpjHYQdIItilLPu0PxuTND//6FhssCotmgsIAEkYS2uWBnjLdkN++3VECiJUZHWm
 /Q4w==
X-Received: by 10.195.13.200 with SMTP id fa8mr50331845wjd.15.1360163115136;
 Wed, 06 Feb 2013 07:05:15 -0800 (PST)
Received: from dfleuriot-at-hi-media.com ([83.167.62.196])
 by mx.google.com with ESMTPS id e6sm3805669wiz.1.2013.02.06.07.05.13
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Wed, 06 Feb 2013 07:05:14 -0800 (PST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 6.2 \(1499\))
Subject: Re: sysctl  security.jail.*  descriptions
From: Fleuriot Damien <ml@my.gd>
In-Reply-To: <5112706B.8080707@a1poweruser.com>
Date: Wed, 6 Feb 2013 16:05:13 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <141EB0C7-B8D8-4413-86EE-F06066AD7633@my.gd>
References: <5112706B.8080707@a1poweruser.com>
To: Fbsd8 <fbsd8@a1poweruser.com>
X-Mailer: Apple Mail (2.1499)
X-Gm-Message-State: ALoCoQkr4J7ko+zTJsX88WCMd+DEpZHZGyBLkTLuVae1cvMPwfFzJSTr97WNj/PhdRSku53wq3Mu
Cc: FreeBSD questions <questions@freebsd.org>
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Feb 2013 15:05:17 -0000

# sysctl -d security.jail.socket_unixiproute_only
security.jail.socket_unixiproute_only: Processes in jail are limited to =
creating UNIX/IP/route sockets only



On Feb 6, 2013, at 4:02 PM, Fbsd8 <fbsd8@a1poweruser.com> wrote:

> Where do I find the descriptions of what these jail MIBs do?
>=20
>=20
> security.jail.param.allow.mount.zfs: 0
> security.jail.param.allow.mount.procfs: 0
> security.jail.param.allow.mount.nullfs: 0
> security.jail.param.allow.mount.devfs: 0
> security.jail.param.allow.mount.: 0
> security.jail.param.allow.socket_af: 0
> security.jail.param.allow.quotas: 0
> security.jail.param.allow.chflags: 0
> security.jail.param.allow.raw_sockets: 0
> security.jail.param.allow.sysvipc: 0
> security.jail.param.allow.set_hostname: 0
> security.jail.param.ip6.saddrsel: 0
> security.jail.param.ip6.: 0
> security.jail.param.ip4.saddrsel: 0
> security.jail.param.ip4.: 0
> security.jail.param.cpuset.id: 0
> security.jail.param.host.hostid: 0
> security.jail.param.host.hostuuid: 64
> security.jail.param.host.domainname: 256
> security.jail.param.host.hostname: 256
> security.jail.param.host.: 0
> security.jail.param.children.max: 0
> security.jail.param.children.cur: 0
> security.jail.param.dying: 0
> security.jail.param.persist: 0
> security.jail.param.devfs_ruleset: 0
> security.jail.param.enforce_statfs: 0
> security.jail.param.securelevel: 0
> security.jail.param.path: 1024
> security.jail.param.name: 256
> security.jail.param.parent: 0
> security.jail.param.jid: 0
> security.jail.devfs_ruleset: 0
> security.jail.enforce_statfs: 2
> security.jail.mount_zfs_allowed: 0
> security.jail.mount_procfs_allowed: 0
> security.jail.mount_nullfs_allowed: 0
> security.jail.mount_devfs_allowed: 0
> security.jail.mount_allowed: 0
> security.jail.chflags_allowed: 0
> security.jail.allow_raw_sockets: 0
> security.jail.sysvipc_allowed: 0
> security.jail.socket_unixiproute_only: 1
> security.jail.set_hostname_allowed: 1
> security.jail.jail_max_af_ips: 255
> security.jail.jailed: 0
>=20
>=20
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to =
"freebsd-questions-unsubscribe@freebsd.org"