jail.8 (164481) | jail.8 (168396) |
---|---|
1.\" 2.\" Copyright (c) 2000, 2003 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright --- 17 unchanged lines hidden (view full) --- 26.\" 27.\" ---------------------------------------------------------------------------- 28.\" "THE BEER-WARE LICENSE" (Revision 42): 29.\" <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you 30.\" can do whatever you want with this stuff. If we meet some day, and you think 31.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp 32.\" ---------------------------------------------------------------------------- 33.\" | 1.\" 2.\" Copyright (c) 2000, 2003 Robert N. M. Watson 3.\" All rights reserved. 4.\" 5.\" Redistribution and use in source and binary forms, with or without 6.\" modification, are permitted provided that the following conditions 7.\" are met: 8.\" 1. Redistributions of source code must retain the above copyright --- 17 unchanged lines hidden (view full) --- 26.\" 27.\" ---------------------------------------------------------------------------- 28.\" "THE BEER-WARE LICENSE" (Revision 42): 29.\" <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you 30.\" can do whatever you want with this stuff. If we meet some day, and you think 31.\" this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp 32.\" ---------------------------------------------------------------------------- 33.\" |
34.\" $FreeBSD: head/usr.sbin/jail/jail.8 164481 2006-11-21 23:45:44Z rodrigc $ | 34.\" $FreeBSD: head/usr.sbin/jail/jail.8 168396 2007-04-05 21:03:05Z pjd $ |
35.\" 36.Dd June 11, 2006 37.Dt JAIL 8 38.Os 39.Sh NAME 40.Nm jail 41.Nd "imprison process and its descendants" 42.Sh SYNOPSIS --- 498 unchanged lines hidden (view full) --- 541This MIB entry determines how a privileged user inside a jail will be 542treated by 543.Xr chflags 2 . 544If zero, such users are treated as unprivileged, and are unable to set 545or clear system file flags; if non-zero, such users are treated as 546privileged, and may manipulate system file flags subject to the usual 547constraints on 548.Va kern.securelevel . | 35.\" 36.Dd June 11, 2006 37.Dt JAIL 8 38.Os 39.Sh NAME 40.Nm jail 41.Nd "imprison process and its descendants" 42.Sh SYNOPSIS --- 498 unchanged lines hidden (view full) --- 541This MIB entry determines how a privileged user inside a jail will be 542treated by 543.Xr chflags 2 . 544If zero, such users are treated as unprivileged, and are unable to set 545or clear system file flags; if non-zero, such users are treated as 546privileged, and may manipulate system file flags subject to the usual 547constraints on 548.Va kern.securelevel . |
549.It Va security.jail.mount_allowed 550This MIB entry determines if a privileged user inside a jail will be 551able to mount and unmount file system types marked as jail-friendly. 552The 553.Xr lsvfs 1 554command can be used to find file system types available for mount from within 555a jail. 556This functionality is disabled by default, but can be enabled by setting this 557MIB entry to 1. |
|
549.El 550.Pp 551The read-only sysctl variable 552.Va security.jail.jailed 553can be used to determine if a process is running inside a jail (value 554is one) or not (value is zero). 555.Pp 556The --- 10 unchanged lines hidden (view full) --- 567Changes to these variables by a jailed process do not effect the host 568environment, only the jail environment. 569The variables are 570.Va kern.securelevel 571and 572.Va kern.hostname . 573.Sh SEE ALSO 574.Xr killall 1 , | 558.El 559.Pp 560The read-only sysctl variable 561.Va security.jail.jailed 562can be used to determine if a process is running inside a jail (value 563is one) or not (value is zero). 564.Pp 565The --- 10 unchanged lines hidden (view full) --- 576Changes to these variables by a jailed process do not effect the host 577environment, only the jail environment. 578The variables are 579.Va kern.securelevel 580and 581.Va kern.hostname . 582.Sh SEE ALSO 583.Xr killall 1 , |
584.Xr lsvfs 1 , |
|
575.Xr newaliases 1 , 576.Xr pgrep 1 , 577.Xr pkill 1 , 578.Xr ps 1 , 579.Xr chroot 2 , 580.Xr jail 2 , 581.Xr jail_attach 2 , 582.Xr procfs 5 , --- 48 unchanged lines hidden --- | 585.Xr newaliases 1 , 586.Xr pgrep 1 , 587.Xr pkill 1 , 588.Xr ps 1 , 589.Xr chroot 2 , 590.Xr jail 2 , 591.Xr jail_attach 2 , 592.Xr procfs 5 , --- 48 unchanged lines hidden --- |