jails and sysctl in freebsd 6.0
Marko Lerota
mlerota at iskon.hr
Thu Dec 22 01:27:52 PST 2005
Bug or something, look at this
<mother-mail>[~]# cat /etc/sysctl.conf
security.jail.allow_raw_sockets=1
security.jail.set_hostname_allowed=0
<mother-mail>[~]# sysctl -a | grep jail
security.jail.set_hostname_allowed: 1 <<<<< here
security.jail.socket_unixiproute_only: 1
security.jail.sysvipc_allowed: 0
security.jail.enforce_statfs: 2
security.jail.allow_raw_sockets: 1
security.jail.chflags_allowed: 0
security.jail.jailed: 0
The variable points to 1. You can't change the hostname
in jail (that's what I want). But booting OS hangs a little
if you put 'security.jail.set_hostname_allowed=0' to /etc/sysctl.conf.
If I put 'jail_set_hostname_allow="NO"' to /etc/rc.conf and remove it
from /etc/sysctl.conf it boots OK without delay and sysctl outputs the
correct value.
<mother-mail>[~]# uname -a
FreeBSD mother-mail.optima-telekom.hr 6.0-STABLE FreeBSD 6.0-STABLE #0: Wed Dec 21
--
One cannot sell the earth upon which the people walk
Tacunka Witco
More information about the freebsd-security
mailing list