Date: Wed, 26 May 2010 13:48:12 -0400 From: Glen Barber <glen.j.barber@gmail.com> To: Jamie Gritton <jamie@FreeBSD.org> Cc: jail@FreeBSD.org Subject: Re: jail(8) allow.socket_af, unknown oid Message-ID: <4BFD5EDC.6060208@gmail.com> In-Reply-To: <4BFD52F1.9030704@FreeBSD.org> References: <20100525175412.GA75052@orion.glenbarber.us> <4BFD52F1.9030704@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Jamie, On 5/26/10 12:57 PM, Jamie Gritton wrote: > On 05/25/10 11:54, Glen Barber wrote: >> The jail(8) man page has an entry under 'allow.*', allow.socket_af, >> which >> states to allow access to protocol stacks that have not had jail >> functionality >> added to them. >> >> [snip] >> >> Is this sysctl missing, or is it not a tunable? > The sysctls that describe available jail parameters don't always have a > type that sysctl(8) understands. In particular, the boolean parameters > are given a sysctl type of "B", and sysctl(8) will ignore them. > > These aren't useful sysctls in any normal way - they never have a > meaningful value. The exist only so their types and sizes can be > determined by jail(8) and jail(3). > > As per the jail(8) man page, you can use "sysctl -d" to show sysctl > descriptions without the value. Since it's only the values that > sysctl(8) doesn't understand, such parameters as allow.sock_af will then > show up. > > Or, in a short answer to your last question: this isn't a tunable in the > normal sysctl way, just a jail parameter. > > - Jamie > Thanks for the explanation. Would there be opposition about a patch for jail(8) noting which sysctls are tunable by sysctl(8) and which are not? -- Glen Barber
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BFD5EDC.6060208>