cvs commit: src/sys/kern kern_jail.c src/sys/sys jail.h
src/sys/ufs/ufs ufs_vnops.c src/usr.sbin/jail jail.8
Pawel Jakub Dawidek
pjd at FreeBSD.org
Tue Feb 8 21:50:44 GMT 2005
On Tue, Feb 08, 2005 at 09:31:11PM +0000, Colin Percival wrote:
+> cperciva 2005-02-08 21:31:11 UTC
+>
+> FreeBSD src repository
+>
+> Modified files:
+> sys/kern kern_jail.c
+> sys/sys jail.h
+> sys/ufs/ufs ufs_vnops.c
+> usr.sbin/jail jail.8
+> Log:
+> Add a new sysctl, "security.jail.chflags_allowed", which controls the
+> behaviour of chflags within a jail. If set to 0 (the default), then a
+> jailed root user is treated as an unprivileged user; if set to 1, then
+> a jailed root user is treated the same as an unjailed root user.
+>
+> This is necessary to allow "make installworld" to work inside a jail,
+> since it attempts to manipulate the system immutable flag on certain
+> files.
More than that. It should be allowed in the future by default and this
behaviour should be controlled by jail's securelevel.
--
Pawel Jakub Dawidek http://www.wheel.pl
pjd at FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20050208/055c7293/attachment.bin
More information about the cvs-src
mailing list