Date: Thu, 26 Jun 2014 08:36:41 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-jail@FreeBSD.org Subject: [Bug 191279] [jail] jail allow.sysvipc - doesn't work until jail is started TWICE after reboot Message-ID: <bug-191279-9824-Ocz21Mcr6g@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-191279-9824@https.bugs.freebsd.org/bugzilla/> References: <bug-191279-9824@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191279 --- Comment #3 from dreamcat4@gmail.com --- Thanks man! It's good news to hear. Hopefully the bug will go away once I'm moved to 10.0.(In reply to dewayne from comment #2) > Dreamcat, Testing on two stables built within last 24 hours > # sysctl -a|grep sysvi > security.jail.param.allow.sysvipc: 0 > security.jail.sysvipc_allowed: 1 > > My jail.conf contains > test1 { ip4.addr = "10.0.5.241"; devfs_ruleset = "4"; allow.sysvipc; > allow.chflags; } > > which is the jail that I tested for sysvipc. Thanks for testing this. You individual jail setting looks good. My global sysvipc setting is different than yours however: freenas ~/ root^> sysctl -a|grep Sylvia security.jail.param.allow.sysvipc: 0 security.jail.sysvipc_allowed: 0 Reason: Don't want to enable it for all the other jails. It is only needed on 1 specific jail. FYI: Another PR relevant to isolating ipc to single-jail: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=48471 -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-191279-9824-Ocz21Mcr6g>