sysvipc only for one jail

David Demelier demelier.david at gmail.com
Mon Aug 12 11:57:16 UTC 2013


2013/8/12 Trond Endrestøl <Trond.Endrestol at fagskolen.gjovik.no>:
> On Mon, 12 Aug 2013 12:40+0200, David Demelier wrote:
>
>> 2013/8/11 Maciej Suszko <maciej at suszko.eu>:
>> > Maciej Suszko <maciej at suszko.eu> wrote:
>> > [...]
>> >>
>> >> You can specify different params for each jail using _parameters, for
>> >> example:
>> >>
>> >> jail_jailname_params="allow.chflags=1 allow.sysvipc=1"
>> >
>> > Sorry, my mistake - it should be jail_jailname_parameters= of course.
>> > --
>> > regards, Maciej Suszko.
>>
>> Thanks for your message,
>>
>> However, I could not find this setting in the manual of rc.conf(5)
>> nor in /etc/rc.d/jail :(. It does not seem to be applied.
>
> Have a look at jail(8) and the last lines of /etc/default/rc.conf.
>
> --
> +-------------------------------+------------------------------------+
> | Vennlig hilsen,               | Best regards,                      |
> | Trond Endrestøl,              | Trond Endrestøl,                   |
> | IT-ansvarlig,                 | System administrator,              |
> | Fagskolen Innlandet,          | Gjøvik Technical College, Norway,  |
> | tlf. mob.   952 62 567,       | Cellular...: +47 952 62 567,       |
> | sentralbord 61 14 54 00.      | Switchboard: +47 61 14 54 00.      |
> +-------------------------------+------------------------------------+

I see,

I've added what Maciej Suszko told me but the sysctls in the jail are
not set as they should be:

security.jail.param.allow.sysvipc: 0
security.jail.param.allow.chflags: 0

And thus, it's not enabled, as PostgreSQL reports:

creating template1 database in /usr/local/pgsql/data/base/1 ... FATAL:
 could not create shared memory segment: Function not implemented

Cheers,

-- 
Demelier David
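
Added example, not part of the original thread or of FreeBSD's own scripts: a small shell audit of rc.conf-style text that lists which jails grant `allow.sysvipc=1` through `jail_<name>_parameters` and flags the `_params` misspelling corrected earlier in the thread, which the shell would accept as an ordinary variable that nothing reads. The function names and the sample jail names (`db`, `www`) are assumptions made for the example.

```shell
#!/bin/sh
# Added example: audit rc.conf-style text for the per-jail settings from the thread.
# Output, one finding per line:
#   SYSVIPC <jail>  jail_<jail>_parameters contains allow.sysvipc=1
#   TYPO <jail>     jail_<jail>_params is set (the misspelling corrected in the thread)
# Only the allow.sysvipc=1 form shown in the thread is matched.
audit_jail_sysvipc() {
    awk '
        /^[ \t]*#/ { next }                  # skip comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            var = substr($0, 1, eq - 1)      # variable name
            val = substr($0, eq + 1)         # assigned value
            gsub(/[ \t]/, "", var)
            gsub(/"/, "", val)               # drop the double quotes around the value
            if (var !~ /^jail_.+_(parameters|params)$/) next
            name = var
            sub(/^jail_/, "", name)
            if (var ~ /_params$/) { sub(/_params$/, "", name); print "TYPO " name; next }
            sub(/_parameters$/, "", name)
            n = split(val, tok, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (tok[i] == "allow.sysvipc=1") print "SYSVIPC " name
        }
    ' "$1"
}

# Succeeds only when the single finding is SysV IPC for the expected jail.
# $1: rc.conf-style file, $2: the one jail allowed to use SysV IPC
only_jail_has_sysvipc() {
    findings=$(audit_jail_sysvipc "$1")
    [ "$findings" = "SYSVIPC $2" ]
}

# Constructed sample input (jail names are made up for this example).
write_sample() {
    cat > "$1" <<'EOF'
jail_enable="YES"
jail_list="db www"
jail_db_parameters="allow.chflags=1 allow.sysvipc=1"
# jail_old_parameters="allow.sysvipc=1"
jail_www_params="allow.sysvipc=1"
EOF
}

# When given a file argument, print the findings for it.
if [ "$#" -gt 0 ]; then audit_jail_sysvipc "$1"; fi
```
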

