Date: Tue, 14 Feb 2006 13:15:44 -0800 From: Doug Barton <dougb@FreeBSD.org> To: Harti Brandt <harti@freebsd.org> Cc: freebsd-net@FreeBSD.org, Anders Nordby <anders@FreeBSD.org>, Gleb Smirnoff <glebius@FreeBSD.org>, kuriyama@FreeBSD.org, demon@FreeBSD.org Subject: Re: bsnmpd Message-ID: <43F24880.3040208@FreeBSD.org> In-Reply-To: <20060214154833.I5083@beagle.kn.op.dlr.de> References: <20060206092443.GA61116@totem.fix.no> <20060207141131.GU877@FreeBSD.org> <20060213173008.GA14643@totem.fix.no> <20060214090531.X5083@beagle.kn.op.dlr.de> <20060214083010.GB41864@totem.fix.no> <20060214093513.F5083@beagle.kn.op.dlr.de> <20060214084459.GL86448@cell.sick.ru> <20060214103723.GA45138@totem.fix.no> <20060214103901.GB68308@cell.sick.ru> <20060214105821.GA47035@totem.fix.no> <20060214154833.I5083@beagle.kn.op.dlr.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Harti Brandt wrote:
> On Tue, 14 Feb 2006, Anders Nordby wrote:
> AN>- Ability to chroot itself (yes please, for security).
>
> I don't have enough rc-foo for this. Perhaps someone can jump in here?
This actually isn't all that hard. Basically you set $name_chroot to the
directory it should chroot too. It's also a good idea to include that
directory in required_dirs. If the bsnmpd binary has it's own chroot command
line option, take a look at how rc.d/named does it in HEAD. Otherwise, there
are notes in /etc/rc.subr and, the freebsd-rc@ list stands ready to help. :)
Doug
--
This .signature sanitized for your protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43F24880.3040208>