bsnmpd
Brooks Davis
brooks at one-eyed-alien.net
Tue Feb 14 13:52:34 PST 2006
On Tue, Feb 14, 2006 at 01:15:44PM -0800, Doug Barton wrote:
> Harti Brandt wrote:
> > On Tue, 14 Feb 2006, Anders Nordby wrote:
>
> > AN>- Ability to chroot itself (yes please, for security).
> >
> > I don't have enough rc-foo for this. Perhaps someone can jump in here?
>
> This actually isn't all that hard. Basically you set $name_chroot to the
> directory it should chroot too. It's also a good idea to include that
> directory in required_dirs. If the bsnmpd binary has it's own chroot command
> line option, take a look at how rc.d/named does it in HEAD. Otherwise, there
> are notes in /etc/rc.subr and, the freebsd-rc@ list stands ready to help. :)
and don't follow the example in /etc/rc.d/ntpd since it can't work with
modern versions of devfs.
-- Brooks
--
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20060214/6b4bc005/attachment.bin
More information about the freebsd-net
mailing list