diff options
| author | jamie <jamie@FreeBSD.org> | 2009-05-29 21:27:12 +0000 |
|---|---|---|
| committer | jamie <jamie@FreeBSD.org> | 2009-05-29 21:27:12 +0000 |
| commit | 572db1408a55640213faa331981d20cda01f68d8 (patch) | |
| tree | 36c53629863ffb1eb32354e9a24549059dd6273f /usr.sbin/jail | |
| parent | 64785ac65985d6800df1bacd80b5a3ba30b36b27 (diff) | |
| download | FreeBSD-src-572db1408a55640213faa331981d20cda01f68d8.zip FreeBSD-src-572db1408a55640213faa331981d20cda01f68d8.tar.gz | |
Place hostnames and similar information fully under the prison system.
The system hostname is now stored in prison0, and the global variable
"hostname" has been removed, as has the hostname_mtx mutex. Jails may
have their own host information, or they may inherit it from the
parent/system. The proper way to read the hostname is via
getcredhostname(), which will copy either the hostname associated with
the passed cred, or the system hostname if you pass NULL. The system
hostname can still be accessed directly (and without locking) at
prison0.pr_host, but that should be avoided where possible.
The "similar information" referred to is domainname, hostid, and
hostuuid, which have also become prison parameters and had their
associated global variables removed.
Approved by: bz (mentor)
Diffstat (limited to 'usr.sbin/jail')
| -rw-r--r-- | usr.sbin/jail/jail.8 | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8 index e631207..a37a122 100644 --- a/usr.sbin/jail/jail.8 +++ b/usr.sbin/jail/jail.8 @@ -34,7 +34,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 27, 2009 +.Dd May 29, 2009 .Dt JAIL 8 .Os .Sh NAME @@ -263,7 +263,14 @@ A list of IPv6 addresses assigned to the prison, the counterpart to above. .It Va host.hostname Hostname of the prison. -If not specified, a jail will use the system hostname. +Other similar parameters are +.Va host.domainname , +.Va host.hostuuid +and +.Va host.hostid . +Setting the boolean parameter +.Va nohost +will retain the system values of these settings. .It Va securelevel The value of the jail's .Va kern.securelevel @@ -737,13 +744,16 @@ The variable determines how may address per address family a prison may have. The default is 255. .Pp -There are currently two MIB variables that have per-jail settings. +Some MIB variables have per-jail settings. Changes to these variables by a jailed process do not effect the host environment, only the jail environment. -The variables are -.Va kern.securelevel +These variables are +.Va kern.securelevel , +.Va kern.hostname , +.Va kern.domainname , +.Va kern.hostid , and -.Va kern.hostname . +.Va kern.hostuuid . .Ss "Hierarchical Jails" By setting a jail's .Va allow.jails |
