| jail.c (234712) | jail.c (234988) |
|---|---|
| 1/*- 2 * Copyright (c) 1999 Poul-Henning Kamp. 3 * Copyright (c) 2009-2012 James Gritton 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 12 unchanged lines hidden (view full) --- 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1999 Poul-Henning Kamp. 3 * Copyright (c) 2009-2012 James Gritton 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: --- 12 unchanged lines hidden (view full) --- 21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25 * SUCH DAMAGE. 26 */ 27 28#include <sys/cdefs.h> |
| 29__FBSDID("$FreeBSD: head/usr.sbin/jail/jail.c 234712 2012-04-26 17:36:05Z jamie $"); | 29__FBSDID("$FreeBSD: head/usr.sbin/jail/jail.c 234988 2012-05-03 21:39:23Z jamie $"); |
| 30 31#include <sys/types.h> 32#include <sys/stat.h> 33#include <sys/socket.h> 34#include <sys/sysctl.h> 35 36#include <arpa/inet.h> 37#include <netinet/in.h> --- 38 unchanged lines hidden (view full) --- 76 { "security.jail.sysvipc_allowed", KP_ALLOW_SYSVIPC, 0 }, 77 { "security.jail.allow_raw_sockets", KP_ALLOW_RAW_SOCKETS, 0 }, 78 { "security.jail.chflags_allowed", KP_ALLOW_CHFLAGS, 0 }, 79 { "security.jail.mount_allowed", KP_ALLOW_MOUNT, 0 }, 80 { "security.jail.socket_unixiproute_only", KP_ALLOW_SOCKET_AF, 1 }, 81}; 82 83static const enum intparam startcommands[] = { | 30 31#include <sys/types.h> 32#include <sys/stat.h> 33#include <sys/socket.h> 34#include <sys/sysctl.h> 35 36#include <arpa/inet.h> 37#include <netinet/in.h> --- 38 unchanged lines hidden (view full) --- 76 { "security.jail.sysvipc_allowed", KP_ALLOW_SYSVIPC, 0 }, 77 { "security.jail.allow_raw_sockets", KP_ALLOW_RAW_SOCKETS, 0 }, 78 { "security.jail.chflags_allowed", KP_ALLOW_CHFLAGS, 0 }, 79 { "security.jail.mount_allowed", KP_ALLOW_MOUNT, 0 }, 80 { "security.jail.socket_unixiproute_only", KP_ALLOW_SOCKET_AF, 1 }, 81}; 82 83static const enum intparam startcommands[] = { |
| 84 0, | 84 IP__NULL, |
| 85#ifdef INET 86 IP__IP4_IFADDR, 87#endif 88#ifdef INET6 89 IP__IP6_IFADDR, 90#endif 91 IP_MOUNT, 92 IP__MOUNT_FROM_FSTAB, 93 IP_MOUNT_DEVFS, 94 IP_EXEC_PRESTART, 95 IP__OP, 96 IP_VNET_INTERFACE, 97 IP_EXEC_START, 98 IP_COMMAND, 99 IP_EXEC_POSTSTART, | 85#ifdef INET 86 IP__IP4_IFADDR, 87#endif 88#ifdef INET6 89 IP__IP6_IFADDR, 90#endif 91 IP_MOUNT, 92 IP__MOUNT_FROM_FSTAB, 93 IP_MOUNT_DEVFS, 94 IP_EXEC_PRESTART, 95 IP__OP, 96 IP_VNET_INTERFACE, 97 IP_EXEC_START, 98 IP_COMMAND, 99 IP_EXEC_POSTSTART, |
| 100 0 | 100 IP__NULL |
| 101}; 102 103static const enum intparam stopcommands[] = { | 101}; 102 103static const enum intparam stopcommands[] = { |
| 104 0, | 104 IP__NULL, |
| 105 IP_EXEC_PRESTOP, 106 IP_EXEC_STOP, 107 IP_STOP_TIMEOUT, 108 IP__OP, 109 IP_EXEC_POSTSTOP, 110 IP_MOUNT_DEVFS, 111 IP__MOUNT_FROM_FSTAB, 112 IP_MOUNT, 113#ifdef INET6 114 IP__IP6_IFADDR, 115#endif 116#ifdef INET 117 IP__IP4_IFADDR, 118#endif | 105 IP_EXEC_PRESTOP, 106 IP_EXEC_STOP, 107 IP_STOP_TIMEOUT, 108 IP__OP, 109 IP_EXEC_POSTSTOP, 110 IP_MOUNT_DEVFS, 111 IP__MOUNT_FROM_FSTAB, 112 IP_MOUNT, 113#ifdef INET6 114 IP__IP6_IFADDR, 115#endif 116#ifdef INET 117 IP__IP4_IFADDR, 118#endif |
| 119 0 | 119 IP__NULL |
| 120}; 121 122int 123main(int argc, char **argv) 124{ 125 struct stat st; 126 FILE *jfp; 127 struct cfjail *j; --- 862 unchanged lines hidden --- | 120}; 121 122int 123main(int argc, char **argv) 124{ 125 struct stat st; 126 FILE *jfp; 127 struct cfjail *j; --- 862 unchanged lines hidden --- |