PERFORCE change 100328 for review
Chris Jones
cdjones at FreeBSD.org
Fri Jun 30 03:50:58 UTC 2006
http://perforce.freebsd.org/chv.cgi?CH=100328
Change 100328 by cdjones at cdjones-impulse on 2006/06/30 03:50:13
Continued fixing for -6 base.
Affected files ...
.. //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/Makefile#2 integrate
.. //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.8#3 integrate
.. //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.c#3 integrate
Differences ...
==== //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/Makefile#2 (text+ko) ====
==== //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.8#3 (text+ko) ====
@@ -31,9 +31,9 @@
.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
.\" ----------------------------------------------------------------------------
.\"
-.\" $FreeBSD: src/usr.sbin/jail/jail.8,v 1.80 2006/06/11 12:57:41 bz Exp $
+.\" $FreeBSD: src/usr.sbin/jail/jail.8,v 1.67.2.8 2006/05/28 09:49:42 simon Exp $
.\"
-.Dd June 11, 2006
+.Dd May 26, 2006
.Dt JAIL 8
.Os
.Sh NAME
@@ -141,8 +141,6 @@
.Xr devfs 8
for information on how to use devfs rules to limit access to entries
in the per-jail devfs.
-A simple devfs ruleset for jails is available as ruleset #4 in
-.Pa /etc/defaults/devfs.rules .
.Pp
In many cases this example would put far more in the jail than needed.
In the other extreme case a jail might contain only one file:
@@ -161,7 +159,7 @@
to build the jail directory tree.
For the sake of this example, we will
assume you built it in
-.Pa /data/jail/192.0.2.100 ,
+.Pa /data/jail/192.168.11.100 ,
named for the jailed IP address.
Substitute below as needed with your
own directory, IP address, and hostname.
@@ -187,11 +185,11 @@
in the host environment:
.Bd -literal -offset indent
sendmail_enable="NO"
-inetd_flags="-wW -a 192.0.2.23"
+inetd_flags="-wW -a 192.168.11.23"
rpcbind_enable="NO"
.Ed
.Pp
-.Li 192.0.2.23
+.Li 192.168.11.23
is the native IP address for the host system, in this example.
Daemons that run out of
.Xr inetd 8
@@ -260,7 +258,7 @@
.Pp
Start a shell in the jail:
.Pp
-.Dl "jail /data/jail/192.0.2.100 testhostname 192.0.2.100 /bin/sh"
+.Dl "jail /data/jail/192.168.11.100 testhostname 192.168.11.100 /bin/sh"
.Pp
Assuming no errors, you will end up with a shell prompt within the jail.
You can now run
@@ -313,7 +311,7 @@
.Xr syslogd 8
in the host environment to listen on the syslog socket in the jail
environment; in this example, the syslog socket would be stored in
-.Pa /data/jail/192.0.2.100/var/run/log .
+.Pa /data/jail/192.168.11.100/var/run/log .
.Pp
Exit from the shell, and the jail will be shut down.
.Ss "Starting the Jail"
@@ -340,9 +338,9 @@
If you do decide to set this variable,
it must be set before starting any jails, and once each boot.
.Bd -literal -offset indent
-ifconfig ed0 inet alias 192.0.2.100/32
-mount -t procfs proc /data/jail/192.0.2.100/proc
-jail /data/jail/192.0.2.100 testhostname 192.0.2.100 \\
+ifconfig ed0 inet alias 192.168.11.100/32
+mount -t procfs proc /data/jail/192.168.11.100/proc
+jail /data/jail/192.168.11.100 testhostname 192.168.11.100 \\
/bin/sh /etc/rc
.Ed
.Pp
==== //depot/projects/soc2006/cdjones_jail/src/usr.sbin/jail/jail.c#3 (text+ko) ====
@@ -8,7 +8,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/usr.sbin/jail/jail.c,v 1.25 2006/05/12 15:14:43 matteo Exp $");
+__FBSDID("$FreeBSD: src/usr.sbin/jail/jail.c,v 1.20.2.3 2006/05/26 10:30:59 matteo Exp $");
#include <sys/param.h>
#include <sys/jail.h>
More information about the p4-projects
mailing list