[Bug 191279] [jail] jail allow.sysvipc - doesn't work until jail is started TWICE after reboot
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Jun 26 08:36:41 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191279
--- Comment #3 from dreamcat4 at gmail.com ---
Thanks man! It's good news to hear. Hopefully the bug will go away once I'm
moved to 10.0.(In reply to dewayne from comment #2)
> Dreamcat, Testing on two stables built within last 24 hours
> # sysctl -a|grep sysvi
> security.jail.param.allow.sysvipc: 0
> security.jail.sysvipc_allowed: 1
>
> My jail.conf contains
> test1 { ip4.addr = "10.0.5.241"; devfs_ruleset = "4"; allow.sysvipc;
> allow.chflags; }
>
> which is the jail that I tested for sysvipc.
Thanks for testing this. You individual jail setting looks good. My global
sysvipc setting is different than yours however:
freenas ~/ root^> sysctl -a|grep Sylvia
security.jail.param.allow.sysvipc: 0
security.jail.sysvipc_allowed: 0
Reason: Don't want to enable it for all the other jails. It is only needed on 1
specific jail.
FYI: Another PR relevant to isolating ipc to single-jail:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=48471
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-jail
mailing list