[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] jail sysctl values

Sheldon Jones wrote:
>> If you have more
>> information on the subject I would be very interested  and maybe I can
>> get this implemented in ezjail.
> I've tried to put security.jail.param.allow.socket_af=1 in the jails
> sysctl.conf but /etc/rc.d/sysctl returns: WARNING: unable to set
> security.jail.param.allow.socket_af=1
> I've also tried using the jail -m command to modify the running jail.
> I'll let you know if I find anything. Thanks for the reply.

Found out how to set this on a running jail, e.g.:

sudo jail -m jid=4 allow.sysvipc

/etc/rc.d/jail is not uptodate with all the new jail features introduced
with VNET et. all. Ezjail does use /etc/rc.d/jail for starting jails, so
I guess ezjail will not support those new fancy stuff until
/etc/rc.d/jail supports it.