Date: Tue, 24 Apr 2018 23:45:08 +0930 From: "O'Connor, Daniel" <darius@dons.net.au> To: Marc Branchaud <marcnarc@gmail.com> Cc: Glen Barber <gjb@FreeBSD.org>, krad <kraduk@gmail.com>, KIRIYAMA Kazuhiko <kiri@kx.openedu.org>, freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: What should do in chrooted environment? Message-ID: <084EA8AE-1228-493E-AD15-DFDE56F056AB@dons.net.au> In-Reply-To: <5bfcd662-629c-43f0-0471-141cf6881a1f@gmail.com> References: <201804232228.w3NMS6UW042861@kx.openedu.org> <20180423224408.GC56778@FreeBSD.org> <A07CBD86-5B13-43A9-AF33-EA027B93F209@dons.net.au> <CALfReyeOOgJmnj4Lxxbr4O_YOO9GA_83%2B-Awaz5r4eZAnCJkXw@mail.gmail.com> <20180424132452.GB70329@FreeBSD.org> <5bfcd662-629c-43f0-0471-141cf6881a1f@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 24 Apr 2018, at 23:39, Marc Branchaud <marcnarc@gmail.com> wrote: > On 2018-04-24 09:24 AM, Glen Barber wrote: >> There are additional nits regarding jail(8) that chroot(8) does not = have >> the same limitations. Setting/unsetting the immutable flag on = something >> like /sbin/init, for example, comes to mind. >=20 > Try > allow.chflags > in your jail.conf. I assume that this also isn't checked by the build so you end up wasting = some time as well (but probably only in installworld) I don't see an argument against doing some quick sanity checks before = starting a run (be it buildworld, installworld or whatever). -- Daniel O'Connor "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?084EA8AE-1228-493E-AD15-DFDE56F056AB>