conf/149050: rcorder ``nojail'' too coarse for Jail+VNET
Matthew N. Dodd
mdodd at FreeBSD.org
Thu Jul 29 03:00:15 UTC 2010
>Number: 149050
>Category: conf
>Synopsis: rcorder ``nojail'' too coarse for Jail+VNET
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jul 29 03:00:15 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Matthew N. Dodd
>Release:
>Organization:
>Environment:
>Description:
When using jail & vnet the init script KEYWORD ``nojail''
is not fine grained enough to control selection of
startup scripts.
>How-To-Repeat:
>Fix:
Patch exposes PR_VNET flag via sysctl 'security.jail.vnet'
in the same manner as 'security.jail.jailed.'
rc & rc.shutdown updated to emit 'nojailvnet' for jails
without vnets.
Select init scripts altered nojail->nojailvnet.
>Release-Note:
>Audit-Trail:
>Unformatted:
Release: FreeBSD 8.1-STABLE i386
>System: FreeBSD neo-sasami.jurai.net 8.1-STABLE FreeBSD 8.1-STABLE #7: Wed Jul 28 21:31:22 EDT 2010 root at neo-sasami.jurai.net:/usr/src/sys/i386/compile/DL380G3 i386
<machine, os, target, libraries (multiple lines)>
More information about the freebsd-bugs
mailing list