sysvipc only for one jail
Trond Endrestøl
Trond.Endrestol at fagskolen.gjovik.no
Mon Aug 12 12:10:03 UTC 2013
On Mon, 12 Aug 2013 13:57+0200, David Demelier wrote:
> 2013/8/12 Trond Endrestøl <Trond.Endrestol at fagskolen.gjovik.no>:
> > On Mon, 12 Aug 2013 12:40+0200, David Demelier wrote:
> >
> >> 2013/8/11 Maciej Suszko <maciej at suszko.eu>:
> >> > Maciej Suszko <maciej at suszko.eu> wrote:
> >> > [...]
> >> >>
> >> >> You can specify different params for each jail using _parameters, for
> >> >> example:
> >> >>
> >> >> jail_jailname_params="allow.chflags=1 allow.sysvipc=1"
> >> >
> >> > Sorry, my mistake - it should be jail_jailname_parameters= of course.
> >> > --
> >> > regards, Maciej Suszko.
> >>
> >> Thanks for your message,
> >>
> >> However, I could not find this setting in the manual of rc.conf(5)
> >> neither in /etc/rc.d/jail :(. It does not seems to be applied.
> >
> > Have a look at jail(8) and the last lines of /etc/default/rc.conf.
>
> I see,
>
> I've added what Maciej Suszko told me but the sysctls in the jail is
> not set as it should be :
>
> security.jail.param.allow.sysvipc: 0
> security.jail.param.allow.chflags: 0
>
> And thus, it's not enabled as postgresql tells:
>
> creating template1 database in /usr/local/pgsql/data/base/1 ... FATAL:
> could not create shared memory segment: Function not implemented
I'll look into this by creating a new jail for PostgreSQL 9.2 when I
get home.
--
+-------------------------------+------------------------------------+
| Vennlig hilsen, | Best regards, |
| Trond Endrestøl, | Trond Endrestøl, |
| IT-ansvarlig, | System administrator, |
| Fagskolen Innlandet, | Gjøvik Technical College, Norway, |
| tlf. mob. 952 62 567, | Cellular...: +47 952 62 567, |
| sentralbord 61 14 54 00. | Switchboard: +47 61 14 54 00. |
+-------------------------------+------------------------------------+
More information about the freebsd-questions
mailing list