summaryrefslogtreecommitdiffstats
path: root/usr.sbin/jail
Commit message (Collapse)AuthorAgeFilesLines
* Correct typo.le2004-02-061-1/+1
|
* A variety of content cleanups:rwatson2003-11-201-22/+70
| | | | | | | | | | | | | | | | | | | | | | | (1) Document the notion of using jail(8) to run "virtual servers" or just to constrain specific applications. If only running specific applications, some configuration steps are unnecessary (such as editing rc.conf). (2) Add some more subsection headers to break up the bigger chunks of text. (3) Clarify the problems associated with applications binding all IP addresses in the host, and attempt to be more specific about potential application problems. Document how to force sshd to bind the the right socket. (4) Suggest that in a jailed application scenario, you might want to have the host syslogd listen on the socket in the jail, rather than running syslogd in the jail. (5) Catch another reference to /stand/sysinstall. Approved by: re (bmah implicitly)
* No need to copy sysinstall into a jail with -CURRENT, since inrwatson2003-11-201-10/+2
| | | | | | -CURRENT, we have /usr/sbin/sysinstall. Approved by: re (bmah implicitly)
* - Add a note that there are two MIB variables that have per-jailkensmith2003-11-111-0/+8
| | | | | | | settings. Reviewed by: rwatson Approved by: blackend (mentor)
* add FBSDIDcharnier2003-07-061-3/+3
|
* When pointing users at mount_devfs to populate the /dev of a jail,rwatson2003-06-261-0/+10
| | | | | | | tell them that they also need to use devfs rules to prevent inappropriate devices from appearing in the jail; add an Xref. In earlier versions of this man page, the user was instructed to use sh MAKEDEV jail, which only created a minimal set of device nodes.
* Force output of jail ID (if necessary) before excuting the command,mike2003-04-211-1/+3
| | | | | otherwise redirection of stdout to a file using block buffering will not complete in time.
* o Add jls(8) for listing active jails.mike2003-04-092-20/+35
| | | | | | | o Add jexec(8) to execute a command in an existing jail. o Add -j option for killall(1) to kill all processes in a specified jail. o Add -i option to jail(8) to output jail ID of newly created jail.
* Free login_cap(3) resources after usage.maxim2003-04-071-0/+1
| | | | Submitted by: demon
* o Fix error messages formatting, style.maxim2003-04-021-29/+22
| | | | | Prodded by: bde Reviewed by: bde
* o Add -u <username> flag to jail(8): set user context before exec.maxim2003-03-273-12/+84
| | | | | | | PR: bin/44320 Submitted by: Mike Matsnev <mike@po.cs.msu.su> Reviewed by: -current MFC after: 6 weeks
* portmap_enable -> rpcbind_enable.maxim2003-03-181-2/+2
| | | | Spotted by: Andrew Khlebutin <andreyh@perm.ru>
* Remove traces of MAKEDEV & add xref to mount_devfs(8).keramida2003-02-281-2/+2
| | | | | | | DEVFS is now mandatory in CURRENT. PR: docs/48095 Submitted by: Grzegorz Czaplinski <G.Czaplinski@prioris.mini.pw.edu.pl>
* Fix example, we do not need NO_MAKEDEV_RUN any more.phk2002-10-221-1/+1
| | | | XXX: this example should be updated with a good example of devfs(8) rules.
* The .Nm utilitycharnier2002-07-141-2/+2
|
* Fix IP address typo.dd2002-05-201-1/+1
| | | | | PR: 38313 Submitted by: Jeff Ito <jeffi@rcn.com>
* Usage style sweep: spell "usage" with a small 'u'.des2002-04-221-1/+1
| | | | | Also change one case of blatant __progname abuse (several more remain) This commit does not touch anything in src/{contrib,crypto,gnu}/.
* - Attempt to help declutter kern. sysctl by moving security out fromarr2002-01-161-6/+6
| | | | | | beneath it. Reviewed by: rwatson
* mdoc(7) police: ispell rev. 1.32.ru2002-01-101-1/+1
|
* mdoc(7) police: tidy up previous delta.ru2002-01-101-3/+9
|
* Add some wisdom to the jail setup instructions.phk2001-12-141-1/+11
|
* mdoc(7) police overhaul.ru2001-12-141-118/+155
|
* - Update the sysctl mibs in order to reflect the recent kern_jail.carr2001-12-121-9/+9
| | | | | | | changes. Approved by: rwatson Reviewed by: rwatson
* syslogd can now be configured to bind to a specific address.dd2001-09-031-5/+2
|
* This is not jail(2), or anything else suitable to be referenced with .Fn.dd2001-08-271-2/+2
|
* Perform a major cleanup of the usr.sbin Makefiles.obrien2001-07-201-2/+3
| | | | | These are not perfectly in agreement with each other style-wise, but they are orders of orders of magnitude more consistent style-wise than before.
* Remove whitespace at EOL.dd2001-07-151-2/+2
|
* mdoc(7) police: removed HISTORY info from the .Os call.ru2001-07-101-1/+1
|
* mdoc(7) police: sort xrefs.ru2001-07-051-1/+1
|
* Set WARNS=2 on programs that compile cleanly with it; add $FreeBSD$dd2001-06-301-0/+1
| | | | | | where necessary. Submitted by: Mike Barcroft <mike@q9media.com>
* Add missing includes and sort includes.dd2001-06-241-4/+8
|
* Include missing header files which define functions for which gcc hasdd2001-06-241-0/+2
| | | | builtints (e.g., exit, strcmp).
* Correct cross-reference:sobomax2001-06-071-2/+2
| | | | | | portmap.8 --> rpcbind.8 Submitted by: .Xr testing script
* Change NO_MAKEDEV to a finer granularity method:asmodai2001-03-291-1/+1
| | | | | | | | | NO_MAKEDEV_INSTALL and NO_MAKEDEV_RUN. The former implying the latter. The names imply what they do. The last commit by DES based on a PR defeated the original idea behind NO_MAKEDEV, which was not to run MAKEDEV, but to do the installation of MAKEDEV. This should satisfy both parties on the MAKEDEV challenge. Reflect this in the documentation.
* - Backout botched attempt to introduce MANSECT feature.ru2001-03-261-0/+1
| | | | - MAN[1-9] -> MAN.
* Set the default manual section for usr.sbin/ to 8.ru2001-03-201-1/+0
|
* o Replace part-wise instructions for building world for jail(8) withrwatson2001-03-111-5/+1
| | | | | | | | | | a simple make world; while this does a bit more work, it means that jail(8) doesn't have to be kept in sync with /usr/src/Makefile{,.inc1} which is a moving target. MFC candidate. Submitted by: FUJISHIMA Satsuki <sf@FreeBSD.org> Reviewed by: phk Also pointed out by: Phil Kernick <Phil@Kernick.org>
* mdoc(7) police: split punctuation characters + misc fixes.ru2001-02-011-3/+3
|
* mdoc(7) police: removed history info from the .Os FreeBSD call.ru2000-12-141-1/+1
|
* mdoc(7) police: use the new features of the Nm macro.ru2000-11-201-1/+1
|
* Use Fx macro wherever possible.ru2000-11-141-2/+5
|
* Whitespace only: Correct poor line-breaking introduced in rev 1.17,sheldonh2000-11-011-2/+2
| | | | which was limited to correcting mark-up.
* Correct mark-up used in rev 1.16, as discussed with its contributor:sheldonh2000-11-011-7/+14
| | | | | | | | | | | | * Use a sub-section (Ss) instead of a section (Sh) for "Sysctl MIB Entries". * Use a tagged list (Bl, El and It) instead of sub-sections (Ss) for the actual MIB entries. * Mark paths up as such (Pa). * Mark defined values up as such (Dv).
* o Document various sysctl's available for managing services availablerwatson2000-10-311-0/+39
| | | | within jail()
* Typo: "is unreliably by default" to "is unreliable by default".dannyboy2000-07-081-1/+1
| | | | | PR: 19411 Submitted by: Benno Rice <benno@netizen.com.au>
* Some minor mdoc style and spelling fixes.mpp2000-03-241-6/+10
|
* Remove single-space hard sentence breaks. These degrade the qualitysheldonh2000-03-011-2/+4
| | | | | of the typeset output, tend to make diffs harder to read and provide bad examples for new-comers to mdoc.
* - As jail(8) has been almost completely rewritten, prepend another copyright/rwatson2000-02-201-7/+58
| | | | | | | | | | | | | | | | | | | | | BSD-style license, as an add-on to phk's beerware license. Please fedex some beer to phk. - Add a ``make depend'' line to the jail-building, which fixes openssl, among other things. Suggested by: kris - Add ``newaliases'' to the list of things to do when setting up a new jail, so that the jailed sendmail doesn't complain. - Correct references to ``kern.jail.set_hostname_allowed'' which now read ``jail.set_hostname_allowed''. - Add a reference to sysctl.conf where the sysctl can easily be set in a persistent way. - Add a list of cross references to the man page. - Fix a formatting nit or two.
* Fix up a few documentation nits in jail(8), as well as improve therwatson2000-02-181-24/+72
| | | | | | instructions so as to reduce warnings during jail startup, etc. Add a somewhat bolder warning recommending the use of kern.jail.set_hostname to limit jail renamining.
* Modified jail.8 to correct a typo (inetd_flas vs. inetd_flags), and addrwatson2000-02-161-1/+4
| | | | | a comment to the effect that I'm responsible for the additional documentation, et al, so that phk gets fewer messages about my errors.
OpenPOWER on IntegriCloud