#
294484 |
|
21-Jan-2016 |
jamie |
MFC r294183:
Clear errno before calling getpw*.
MFC r294196:
Don't bother checking an ip[46].addr netmask/prefixlen. This is already handled by ifconfig, and it was doing it wrong when the paramater included extra ifconfig options.
PR: 205926
|
#
285827 |
|
23-Jul-2015 |
hrs |
MFC r285261, r285279:
- Fix offset calculation in variable substitution in jail.conf. The following did not work correctly:
A="A_${B}_C_${D}" B="BBBBB" D="DDDD_${E}_FFFFF" E="EEEEE"
- Implement PF_IMMUTABLE flag and apply it to "name" and "jid" in jail.conf parameters. This flag disallows redefinition of the parameter.
"name" and/or "jid" are automatically defined in jail.conf by using the jail names at the front of jail parameter definitions. However, one could override them by using a variable with the same name like $name = "foo". This confused the parser and could end up with SIGSEGV.
Note that this change also affects a case when all of parameters are defined in the command line arguments, not in jail.conf. Specifically, "jail -c name=j1 name=j2" no longer works. This should be harmless.
Approved by: re (gjb)
|
#
278484 |
|
09-Feb-2015 |
jamie |
MFC r278323:
Add mount.procfs jail parameter, so procfs can be mounted when a prison's root is in its fstab.
Also fix a typo while I'm at it.
PR: 197237 197066
|
#
269805 |
|
11-Aug-2014 |
smh |
MFC r269522
Added support for extra ifconfig args to jail ip4.addr & ip6.addr params
This allows for CARP interfaces to be used in jails e.g. ip4.addr = "em0|10.10.1.20/32 vhid 1 pass MyPass advskew 100"
r269340 will not be MFC'ed as mentioned due to the slim window and the amount of additional commits required to support it.
Sponsored by: Multiplay
|
#
256387 |
|
12-Oct-2013 |
hrs |
MFC 256385:
- Add mount.fdescfs parameter to jail(8). This is similar to mount.devfs but mounts fdescfs. The mount happens just after mount.devfs.
- rc.d/jail now displays whole error message from jail(8) when a jail fails to start.
Approved by: re (gjb)
|
#
285827 |
|
23-Jul-2015 |
hrs |
MFC r285261, r285279:
- Fix offset calculation in variable substitution in jail.conf. The following did not work correctly:
A="A_${B}_C_${D}" B="BBBBB" D="DDDD_${E}_FFFFF" E="EEEEE"
- Implement PF_IMMUTABLE flag and apply it to "name" and "jid" in jail.conf parameters. This flag disallows redefinition of the parameter.
"name" and/or "jid" are automatically defined in jail.conf by using the jail names at the front of jail parameter definitions. However, one could override them by using a variable with the same name like $name = "foo". This confused the parser and could end up with SIGSEGV.
Note that this change also affects a case when all of parameters are defined in the command line arguments, not in jail.conf. Specifically, "jail -c name=j1 name=j2" no longer works. This should be harmless.
Approved by: re (gjb)
|
#
278484 |
|
09-Feb-2015 |
jamie |
MFC r278323:
Add mount.procfs jail parameter, so procfs can be mounted when a prison's root is in its fstab.
Also fix a typo while I'm at it.
PR: 197237 197066
|
#
269805 |
|
11-Aug-2014 |
smh |
MFC r269522
Added support for extra ifconfig args to jail ip4.addr & ip6.addr params
This allows for CARP interfaces to be used in jails e.g. ip4.addr = "em0|10.10.1.20/32 vhid 1 pass MyPass advskew 100"
r269340 will not be MFC'ed as mentioned due to the slim window and the amount of additional commits required to support it.
Sponsored by: Multiplay
|
#
256387 |
|
12-Oct-2013 |
hrs |
MFC 256385:
- Add mount.fdescfs parameter to jail(8). This is similar to mount.devfs but mounts fdescfs. The mount happens just after mount.devfs.
- rc.d/jail now displays whole error message from jail(8) when a jail fails to start.
Approved by: re (gjb)
|