diff options
author | hrs <hrs@FreeBSD.org> | 2014-09-13 18:54:15 +0000 |
---|---|---|
committer | hrs <hrs@FreeBSD.org> | 2014-09-13 18:54:15 +0000 |
commit | de7f3e3c402722bf4ff53574b0312000025685af (patch) | |
tree | e1349e07bcb9bdf98dd7796d90ad5414228b6447 /etc/rc.subr | |
parent | bf4280c0a854fd618d3acdde6ca8d0b1cb0264cb (diff) | |
download | FreeBSD-src-de7f3e3c402722bf4ff53574b0312000025685af.zip FreeBSD-src-de7f3e3c402722bf4ff53574b0312000025685af.tar.gz |
Do not set net.inet.ip.{sourceroute,accept_sourceroute} in a vnet jail.
The following warnings were displayed:
sysctl: net.inet.ip.sourceroute=0: Operation not permitted
sysctl: net.inet.ip.accept_sourceroute=0: Operation not permitted
Diffstat (limited to 'etc/rc.subr')
-rw-r--r-- | etc/rc.subr | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/etc/rc.subr b/etc/rc.subr index ff4e898..97b631f 100644 --- a/etc/rc.subr +++ b/etc/rc.subr @@ -1966,6 +1966,22 @@ check_required_after() return 0 } +# check_jail mib +# Return true if security.jail.$mib exists and set to 1. + +check_jail() +{ + local _mib _v + + _mib=$1 + if _v=$(${SYSCTL_N} "security.jail.$_mib" 2> /dev/null); then + case $_v in + 1) return 0;; + esac + fi + return 1 +} + # check_kern_features mib # Return existence of kern.features.* sysctl MIB as true or # false. The result will be cached in $_rc_cache_kern_features_ |