Date: Sun, 20 Apr 2003 14:03:49 -0700 (PDT) From: Doug Barton <DougB@FreeBSD.org> To: "Scot W. Hetzel" <hetzels@westbend.net> Cc: FreeBSD-Current <freebsd-current@freebsd.org> Subject: Re: Enhancements to the new rc.d/jail script Message-ID: <20030420140251.W631@znfgre.tberna.bet> In-Reply-To: <200304200055.h3K0tHJB005595@WBIw009.westbend.net> References: <200304200055.h3K0tHJB005595@WBIw009.westbend.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Apr 2003, Scot W. Hetzel wrote: > Attached are patches for the new rc.d/jail script. This looks like good work, thanks! My only question, how will this devfs stuff affect a system that isn't running jails? Doug > Index: rc.d/devfs > =================================================================== > RCS file: /home/ncvs/src/etc/rc.d/devfs,v > retrieving revision 1.2 > diff -u -r1.2 devfs > --- rc.d/devfs 15 Dec 2002 21:56:53 -0000 1.2 > +++ rc.d/devfs 20 Apr 2003 00:10:02 -0000 > @@ -13,6 +13,22 @@ > > load_rc_config $name > > +# Standard Jail ruleset > +/sbin/devfs rule -s 10 delset > +/sbin/devfs rule -s 10 add 100 hide > +/sbin/devfs rule -s 10 add 200 path ptyp* unhide > +/sbin/devfs rule -s 10 add 300 path ttyp* unhide > +/sbin/devfs rule -s 10 add 400 path null unhide > +/sbin/devfs rule -s 10 add 500 path zero unhide > +/sbin/devfs rule -s 10 add 600 path random unhide > +/sbin/devfs rule -s 10 add 610 path urandom unhide > +/sbin/devfs rule -s 10 add 700 path fd unhide > +/sbin/devfs rule -s 10 add 800 path fd/* unhide > +/sbin/devfs rule -s 10 add 810 path mdctl unhide > +/sbin/devfs rule -s 10 add 900 path stdin unhide > +/sbin/devfs rule -s 10 add 910 path stdout unhide > +/sbin/devfs rule -s 10 add 920 path stderr unhide > + > # Setup DEVFS, ie permissions, links etc. > # > if [ -r /etc/rc.devfs ]; then
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030420140251.W631>