summaryrefslogtreecommitdiffstats
path: root/usr.sbin/jail/jail.8
Commit message (Collapse)AuthorAgeFilesLines
* MFH: 285685araujo2016-02-241-1/+19
| | | | | | | | | | | Add support to the jail framework to be able to mount linsysfs(5) and linprocfs(5). PR: 207179 Requested by: thomas@gibfest.dk Reviewed by: jamie, bapt Approved by: re (gjb) Sponsored by: gandi.net Differential Revision: https://reviews.freebsd.org/D5390
* MFC r285869.dru2015-08-031-1/+1
| | | | | | | Fix transposed words in man page. PR: 201752 Reviewed by: gjb
* MFC r279361, r279395, r279396:ian2015-03-251-2/+10
| | | | | | | | | | | Allow the kern.osrelease and kern.osreldate sysctl values to be set in a jail's creation parameters. This allows the kernel version to be reliably spoofed within the jail whether examined directly with sysctl or indirectly with the uname -r and -K options. Export the new osreldate and osrelease jail parms in jail_get(2). Fix line wrap.
* MFC r278323:jamie2015-02-101-1/+8
| | | | | | | | | Add mount.procfs jail parameter, so procfs can be mounted when a prison's root is in its fstab. Also fix a typo while I'm at it. PR: 197237 197066
* MFC r277855:jamie2015-01-311-2/+10
| | | | | | | Add allow.mount.fdescfs jail flag. PR: 192951 Submitted by: ruben@verweg.com
* Merge r266206 from head (by bjk):gavin2014-08-141-98/+101
| | | | | | | | | | | | | | | | | | | | Review pass through jail.8 Replace usage of "prison" with "jail", since that term has mostly dropped out of use. Note once at the beginning that the "prison" term is equivalent, but do not use it otherwise. [1] Some grammar issues. Some mdoc formatting fixes. Consistently use \(em for em dashes, with spaces around it. Avoid contractions. Prefer ssh to telnet. PR: 176832 [1]
* Merge r268488 from head:gavin2014-08-131-2/+3
| | | | | | | Reword an awkward option description PR: 191726 Submitted by: yaneurabeya gmail.com
* MFC r269522smh2014-08-111-5/+12
| | | | | | | | | | | | Added support for extra ifconfig args to jail ip4.addr & ip6.addr params This allows for CARP interfaces to be used in jails e.g. ip4.addr = "em0|10.10.1.20/32 vhid 1 pass MyPass advskew 100" r269340 will not be MFC'ed as mentioned due to the slim window and the amount of additional commits required to support it. Sponsored by: Multiplay
* MFC 256385:hrs2013-10-121-5/+15
| | | | | | | | | | | - Add mount.fdescfs parameter to jail(8). This is similar to mount.devfs but mounts fdescfs. The mount happens just after mount.devfs. - rc.d/jail now displays whole error message from jail(8) when a jail fails to start. Approved by: re (gjb)
* Allow tmpfs be mounted inside jail.delphij2013-08-231-1/+9
|
* Warn about filesystem-based attacks.des2012-09-161-1/+9
|
* Minor spelling fixes.joel2012-06-031-1/+1
|
* Fixes to man8 groff mandoc style, usage mistakes, or typos.wblock2012-05-241-4/+5
| | | | | | | PR: 168016 Submitted by: Nobuyuki Koganemaru Approved by: gjb MFC after: 3 days
* Note that the new jail(8) will be appearing in 9.1.jamie2012-05-231-2/+2
|
* Remove end of line whitespace.joel2012-05-121-3/+3
|
* Fix .Pp macro.joel2012-05-111-1/+1
|
* A new jail(8) with a configuration file, ultimately to replace the workjamie2012-04-261-220/+473
|\ | | | | | | | | | | currently done by /etc/rc.d/jail. MFC after: 3 months
| * Use the defvs_ruleset paramater when mounting a jail's /dev,jamie2012-02-271-8/+3
| | | | | | | | instead of a mount.devfs.ruleset pseudo-parameter.
| * From r224286:jamie2012-02-271-3/+57
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Document the potential for jail escape. From r224615: Always disable mount and unmount for jails with enforce_statfs==2. From r231267: A new jail(8) option "devfs_ruleset" defines the ruleset enforcement for mounting devfs inside jails. A value of -1 disables mounting devfs in jails, a value of zero means no restrictions. Nested jails can only have mounting devfs disabled or inherit parent's enforcement as jails are not allowed to view or manipulate devfs(8) rules. From r232059: To improve control over the use of mount(8) inside a jail(8), introduce a new jail parameter node with the following parameters: allow.mount.devfs: allow mounting the devfs filesystem inside a jail allow.mount.nullfs: allow mounting the nullfs filesystem inside a jail From r232186: allow.mount.zfs: allow mounting the zfs filesystem inside a jail
| * Better communicate the purpose of "-r *".jamie2012-01-311-2/+4
| |
| * Update copyright dates and other whitespacey stuff.jamie2011-06-171-1/+1
| |
| * Initial work on the new jail(8). There are more features to add, and somejamie2010-10-201-220/+465
| | | | | | | | | | cleaning up to do on existing features, but this is pretty much what the final product will look like.
* | Bump .Dd to reflect latest updatemm2012-02-291-1/+1
| | | | | | | | | | Reported by: bz MFC after: 1 week
* | Add procfs to jail-mountable filesystems.mm2012-02-291-0/+8
| | | | | | | | | | Reviewed by: jamie MFC after: 1 week
* | mdoc(7) stype - start new sentences on new linemm2012-02-281-8/+10
| | | | | | | | MFC after: 1 week
* | Analogous to r232059, add a parameter for the ZFS file system:mm2012-02-261-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | allow.mount.zfs: allow mounting the zfs filesystem inside a jail This way the permssions for mounting all current VFCF_JAIL filesystems inside a jail are controlled wia allow.mount.* jail parameters. Update sysctl descriptions. Update jail(8) and zfs(8) manpages. TODO: document the connection of allow.mount.* and VFCF_JAIL for kernel developers MFC after: 10 days
* | To improve control over the use of mount(8) inside a jail(8), introducemm2012-02-231-8/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a new jail parameter node with the following parameters: allow.mount.devfs: allow mounting the devfs filesystem inside a jail allow.mount.nullfs: allow mounting the nullfs filesystem inside a jail Both parameters are disabled by default (equals the behavior before devfs and nullfs in jails). Administrators have to explicitly allow mounting devfs and nullfs for each jail. The value "-1" of the devfs_ruleset parameter is removed in favor of the new allow setting. Reviewed by: jamie Suggested by: pjd MFC after: 2 weeks
* | Add support for mounting devfs inside jails.mm2012-02-091-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | A new jail(8) option "devfs_ruleset" defines the ruleset enforcement for mounting devfs inside jails. A value of -1 disables mounting devfs in jails, a value of zero means no restrictions. Nested jails can only have mounting devfs disabled or inherit parent's enforcement as jails are not allowed to view or manipulate devfs(8) rules. Utilizes new functions introduced in r231265. Reviewed by: jamie MFC after: 1 month
* | Always disable mount and unmount for jails with enforce_statfs==2.mm2011-08-021-2/+7
| | | | | | | | | | | | | | | | A working statfs(2) is required for umount(8) in jail. Reviewed by: pjd, kib Approved by: re (kib) MFC after: 2 weeks
* | Revert my last change to this file, as BETA1 is not announced yet.bcr2011-07-281-6/+1
| | | | | | | | | | | | Pointed out by: kib Pointy hat to: me Approved by: re (kib, implicit)
* | Add a section to the jail chapter that explains why it is notbcr2011-07-281-1/+6
| | | | | | | | | | | | | | | | | | recommended to allow root users in the jail to access the host system. PR: docs/156853 Submitted by: crees Patch by: crees Approved by: re (kib) for BETA1
* | Document the potential for jail escape.gjb2011-07-241-1/+8
| | | | | | | | | | | | | | | | | | Submitted by: Vedad KAJTAZ (vedad % kajtaz net) PR: 142341 Reviewed by: bz, rwatson Rewording by: rwatson Approved by: re (kensmith) MFC after: 3 days
* | Revert r221655:bcr2011-05-081-6/+2
| | | | | | | | | | Various people voiced their concerns about these changes. Until this is resolved, we should use the old version.
* | Jails have a problem in that if the jail directory is world-readable,bcr2011-05-081-2/+6
|/ | | | | | | | | | | | | | | an attacker with root access to the jail can create a setuid binary for their own use in the host environment (if they also have this access), thus breaking root in the host. This exploit is impossible if the jail's files are not world-readable. Add instructions to the man page on how to create a jail with the correct permissions set. PR: docs/156853 Submitted by: Chris Rees (utisoft at gmail dot com) Reviewed by: cperciva (security parts) MFC after: 9 days
* mdoc: drop redundant .Pp and .LP callsuqs2010-10-081-2/+0
| | | | They have no effect when coming in pairs, or before .Bl/.Bd
* Back out r210975, which changed documentation to match the now backed-outjamie2010-08-081-5/+5
| | | | r210974.
* Note that a jail without a command parameter will be persistent,jamie2010-08-061-5/+5
| | | | | | instead of explicitly requiring one of "command" or "persist". MFC after: 3 days
* Spelling fixes.joel2010-08-011-2/+2
|
* mdoc: consistently spell our email addresses <foo@FreeBSD.org>uqs2010-05-191-1/+1
| | | | Reviewed by: ru
* - fix typodanger2010-05-051-1/+1
|
* Make 'make manlint' happy. No actual visible change.delphij2010-03-031-5/+1
|
* Add ip4.saddrsel/ip4.nosaddrsel (and equivalent for ip6) to controlbz2010-01-171-4/+12
| | | | | | | | | | | | | | | | | | | | whether to use source address selection (default) or the primary jail address for unbound outgoing connections. This is intended to be used by people upgrading from single-IP jails to multi-IP jails but not having to change firewall rules, application ACLs, ... but to force their connections (unless otherwise changed) to the primry jail IP they had been used for years, as well as for people prefering to implement similar policies. Note that for IPv6, if configured incorrectly, this might lead to scope violations, which single-IPv6 jails could as well, as by the design of jails. [1] Reviewed by: jamie, hrs (ipv6 part) Pointed out by: hrs [1] MFC After: 2 weeks Asked for by: Jase Thew (bazerka beardz.net)
* - New style of jail(8) usage requires "-c" argument to create a jail.kuriyama2009-11-261-2/+2
| | | | Reviewed by: jamie
* Don't forget to increment the man page date.ed2009-10-181-1/+1
| | | | Reported by: bz
* Fix a typo in the jail(8) manpage.ed2009-10-181-1/+1
| | | | | Submitted by: Jille Timmermans <jille quis cx> MFC after: 1 week
* Some jail parameters (in particular, "ip4" and "ip6" for IP addressjamie2009-07-251-11/+29
| | | | | | | | | restrictions) were found to be inadequately described by a boolean. Define a new parameter type with three values (disable, new, inherit) to handle these and future cases. Approved by: re (kib), bz (mentor) Discussed with: rwatson
* Fix a typo in the examples.jamie2009-07-081-2/+2
| | | | Approved by: re (kib), bz (mentor)
* Add a limit for child jails via the "children.cur" and "children.max"jamie2009-06-231-8/+15
| | | | | | parameters. This replaces the simple "allow.jails" permission. Approved by: bz (mentor)
* Fix grammar.jkoshy2009-06-081-1/+1
| | | | Submitted by: richardtoohey at paradise dot net dot nz on -doc
* Place hostnames and similar information fully under the prison system.jamie2009-05-291-6/+16
| | | | | | | | | | | | | | | | | The system hostname is now stored in prison0, and the global variable "hostname" has been removed, as has the hostname_mtx mutex. Jails may have their own host information, or they may inherit it from the parent/system. The proper way to read the hostname is via getcredhostname(), which will copy either the hostname associated with the passed cred, or the system hostname if you pass NULL. The system hostname can still be accessed directly (and without locking) at prison0.pr_host, but that should be avoided where possible. The "similar information" referred to is domainname, hostid, and hostuuid, which have also become prison parameters and had their associated global variables removed. Approved by: bz (mentor)
OpenPOWER on IntegriCloud