From owner-freebsd-questions@FreeBSD.ORG Thu Feb 14 13:32:52 2013 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id BAA0927B for ; Thu, 14 Feb 2013 13:32:52 +0000 (UTC) (envelope-from h.schmalzbauer@omnilan.de) Received: from host.omnilan.net (s1.omnilan.net [62.245.232.135]) by mx1.freebsd.org (Postfix) with ESMTP id 36A1B277 for ; Thu, 14 Feb 2013 13:32:51 +0000 (UTC) Received: from titan.inop.wdn.omnilan.net (titan.inop.wdn.omnilan.net [172.21.3.1]) (authenticated bits=0) by host.omnilan.net (8.13.8/8.13.8) with ESMTP id r1EDc1ld033775 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 14 Feb 2013 14:38:01 +0100 (CET) (envelope-from h.schmalzbauer@omnilan.de) Message-ID: <511CE781.9020503@omnilan.de> Date: Thu, 14 Feb 2013 14:32:49 +0100 From: Harald Schmalzbauer Organization: OmniLAN User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; de-DE; rv:1.9.2.8) Gecko/20100906 Lightning/1.0b2 Thunderbird/3.1.2 MIME-Version: 1.0 To: Fbsd8 Subject: Re: setting MIBs on a per jail bases References: <5112874D.30500@a1poweruser.com> <3A0296FA-E6E1-41AD-8077-7648E6E57511@my.gd> <51128B7C.4090801@a1poweruser.com> <511CE42E.2090509@omnilan.de> In-Reply-To: <511CE42E.2090509@omnilan.de> X-Enigmail-Version: 1.1.2 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig35E76777D67DA9C02CC4D01A" Cc: Fleuriot Damien , FreeBSD questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Feb 2013 13:32:52 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig35E76777D67DA9C02CC4D01A Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable schrieb Harald Schmalzbauer am 14.02.2013 14:18 (localtime): > schrieb Fbsd8 am 06.02.2013 17:57 (localtime): >> Fleuriot Damien wrote: >>> Running 8.3 here and the answer is no. >>> >>> >>> On Feb 6, 2013, at 5:39 PM, Fbsd8 wrote: >>> >>>> Is there a way to set these MIBs >>>> on a per jail bases? >>>> >>>> allow.mount.nullfs >>>> allow.raw_sockets >>>> cpuset.id >>>> securelevel >>> >>> >> Rereading the "man jail" for 9.1 talks about securelevel as a jail >> parammeter. So correct me if I an wrong. All the security.jail.param.*= >> MIBs are set in rc.conf or /etc/jail.conf file on a per jail bases by >> changing the word "parm" to the jailname? >> > This applies to jail.conf(5). > That's a entirely new way to handle jails in FreeBSD 9.1. Very nice, bu= t > not included in rc.d. > > If you want to keep the traditional way running jails, I made a patch > some time ago to control more per-jail tunables. > Here you can donwload it for -9: > ftp://ftp.omnilan.de/pub/FreeBSD/OmniLAN/deploy-tools/local-patches/src= /jail-allow-selectables.patch_9 > That also irons some ip configuration cosmetics, see defaults/rc.conf. See also http://docs.freebsd.org/cgi/getmsg.cgi?fetch=3D686783+0+archive/2010/free= bsd-stable/20100704.freebsd-stable -Harry --------------enig35E76777D67DA9C02CC4D01A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAlEc54EACgkQLDqVQ9VXb8gQxQCguHdL75/d0+sGUU1gXJHYi0sK hBgAnAmo3STl6sRaK1WAP+tl8wzXoFqM =0xNB -----END PGP SIGNATURE----- --------------enig35E76777D67DA9C02CC4D01A--