Introduce the extensible jail framework, using the same "name=value"

interface as nmount(2). Three new system calls are added: * jail_set, to create jails and change the parameters of existing jails. This replaces jail(2). * jail_get, to read the parameters of existing jails. This replaces the security.jail.list sysctl. * jail_remove to kill off a jail's processes and remove the jail. Most jail parameters may now be changed after creation, and jails may be set to exist without any attached processes. The current jail(2) system call still exists, though it is now a stub to jail_set(2). Approved by: bz (mentor)
author: jamie <jamie@FreeBSD.org> 2009-04-29 21:14:15 +0000
committer: jamie <jamie@FreeBSD.org> 2009-04-29 21:14:15 +0000
commit: 453b86f943612b273e23c7de9941d00149802f15 (patch)
tree: 22957bdb61dcda0f3a60d42b6e80866c9764e591 /sys/sys/priv.h
parent: 32a71137f08bc028578417de36a241d7e6011f58 (diff)
download: FreeBSD-src-453b86f943612b273e23c7de9941d00149802f15.zip
FreeBSD-src-453b86f943612b273e23c7de9941d00149802f15.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index 6609657..4335406 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -128,6 +128,8 @@
  * Jail privileges.
  */
 #define	PRIV_JAIL_ATTACH	110	/* Attach to a jail. */
+#define	PRIV_JAIL_SET		111	/* Set jail parameters. */
+#define	PRIV_JAIL_REMOVE	112	/* Remove a jail. */
 
 /*
  * Kernel environment priveleges.
author	jamie <jamie@FreeBSD.org>	2009-04-29 21:14:15 +0000
committer	jamie <jamie@FreeBSD.org>	2009-04-29 21:14:15 +0000
commit	453b86f943612b273e23c7de9941d00149802f15 (patch)
tree	22957bdb61dcda0f3a60d42b6e80866c9764e591 /sys/sys/priv.h
parent	32a71137f08bc028578417de36a241d7e6011f58 (diff)
download	FreeBSD-src-453b86f943612b273e23c7de9941d00149802f15.zip FreeBSD-src-453b86f943612b273e23c7de9941d00149802f15.tar.gz