sysctl security.jail.* descriptions
jamie at FreeBSD.org
Thu Feb 7 03:20:47 UTC 2013
On 02/06/13 09:59, Fbsd8 wrote:
> Fbsd8 wrote:
>> Waitman Gobble wrote:
>>> On Feb 6, 2013 7:17 AM, "Fbsd8" <fbsd8 at a1poweruser.com> wrote:
>>>> Waitman Gobble wrote:
>>>>> On Feb 6, 2013 7:02 AM, "Fbsd8" <fbsd8 at a1poweruser.com> wrote:
>>>>>> Where do I find the descriptions of what these jail MIBs do?
>>>>>> security.jail.param.securelevel: 0
>>>>>> security.jail.param.path: 1024
>>>>>> security.jail.param.name: 256
>>>>>> security.jail.param.parent: 0
>>>>>> security.jail.param.jid: 0
>> What about the other security.jail.param.* MIBs
>> where are they documented at?
In the jail(8) main page, there's the following tidbit:
| Jails have a set a core parameters, and kernel modules can add their
| own jail parameters. The current set of available parameters can be
| retrieved via ``sysctl -d security.jail.param''. Any parameters not
| set will be given default values, often based on the current
The sysctls do not themselves have values. Their useful parts are the
associated types and descriptions (as well as their very existence). The
descriptions are good for the above-mentioned "sysctl -d", and the types
are used by jail(8) to know how to set a particular parameter.
> Rereading the "man jail" for 9.1 talks about securelevel as a jail
> parammeter. So correct me if I an wrong. All the
> security.jail.param.* MIBs are set in rc.conf or /etc/jail.conf file
> on a per jail bases by changing the word "parm" to the jailname?
There's not always a direct connection between the jail parameters and
the current rc.conf values. The jail parameters are what you'd use in a
jail.conf(5) file, or in the "jail_jailname_parameters" rc variable.
More information about the freebsd-questions