diff options
| author | jamie <jamie@FreeBSD.org> | 2013-05-19 04:10:34 +0000 |
|---|---|---|
| committer | jamie <jamie@FreeBSD.org> | 2013-05-19 04:10:34 +0000 |
| commit | 7941fefd80009514446ab99f32ddfd03121d225b (patch) | |
| tree | 75f092c389fa19cc71a84d757fa9671acf2fe9fe /etc | |
| parent | 678597bc5abd3902a84210a703be65ad9c972b5d (diff) | |
| download | FreeBSD-src-7941fefd80009514446ab99f32ddfd03121d225b.zip FreeBSD-src-7941fefd80009514446ab99f32ddfd03121d225b.tar.gz | |
Refine the "nojail" rc keyword, adding "nojailvnet" for files that don't
apply to most jails but do apply to vnet jails. This includes adding
a new sysctl "security.jail.vnet" to identify vnet jails.
PR: conf/149050
Submitted by: mdodd
MFC after: 3 days
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/rc | 3 | ||||
| -rwxr-xr-x | etc/rc.d/ipfw | 2 | ||||
| -rwxr-xr-x | etc/rc.d/netif | 2 | ||||
| -rwxr-xr-x | etc/rc.d/routing | 2 | ||||
| -rw-r--r-- | etc/rc.shutdown | 7 |
5 files changed, 12 insertions, 4 deletions
@@ -77,6 +77,9 @@ if [ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]; then if [ "$early_late_divider" = "FILESYSTEMS" ]; then early_late_divider=NETWORKING fi + if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then + skip="$skip -s nojailvnet" + fi fi # Do a first pass to get everything up to $early_late_divider so that diff --git a/etc/rc.d/ipfw b/etc/rc.d/ipfw index f405832..e84445c 100755 --- a/etc/rc.d/ipfw +++ b/etc/rc.d/ipfw @@ -5,7 +5,7 @@ # PROVIDE: ipfw # REQUIRE: ppp -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr diff --git a/etc/rc.d/netif b/etc/rc.d/netif index 19b857f..2ace581 100755 --- a/etc/rc.d/netif +++ b/etc/rc.d/netif @@ -28,7 +28,7 @@ # PROVIDE: netif # REQUIRE: atm1 FILESYSTEMS serial sppp sysctl # REQUIRE: ipfilter ipfs -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr diff --git a/etc/rc.d/routing b/etc/rc.d/routing index 0fe86c7..f4f3f7b 100755 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -7,7 +7,7 @@ # PROVIDE: routing # REQUIRE: faith netif ppp stf -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr diff --git a/etc/rc.shutdown b/etc/rc.shutdown index 81cc994..a0dd698 100644 --- a/etc/rc.shutdown +++ b/etc/rc.shutdown @@ -81,7 +81,12 @@ fi # and perform the operation # rcorder_opts="-k shutdown" -[ `/sbin/sysctl -n security.jail.jailed` -eq 1 ] && rcorder_opts="$rcorder_opts -s nojail" +if [ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]; then + rcorder_opts="$rcorder_opts -s nojail" + if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then + rcorder_opts="$rcorder_opts -s nojailvnet" + fi +fi case ${local_startup} in [Nn][Oo] | '') ;; |
