Re: sysctl security.jail.* descriptions
On 02/07/13 05:55, Fbsd8 wrote: Jamie Gritton wrote: On 02/06/13 09:59, Fbsd8 wrote: > Fbsd8 wrote: >> Waitman Gobble wrote: >>> On Feb 6, 2013 7:17 AM, "Fbsd8" wrote: Waitman Gobble wrote: > On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: >> Where do I find the descriptions of what these jail MIBs do? ... >> security.jail.param.securelevel: 0 >> security.jail.param.path: 1024 >> security.jail.param.name: 256 >> security.jail.param.parent: 0 >> security.jail.param.jid: 0 ... >> >> What about the other security.jail.param.* MIBs >> where are they documented at? In the jail(8) main page, there's the following tidbit: | Jails have a set a core parameters, and kernel modules can add their | own jail parameters. The current set of available parameters can be | retrieved via ``sysctl -d security.jail.param''. Any parameters not | set will be given default values, often based on the current | environment. The sysctls do not themselves have values. Their useful parts are the associated types and descriptions (as well as their very existence). The descriptions are good for the above-mentioned "sysctl -d", and the types are used by jail(8) to know how to set a particular parameter. Rereading the "man jail" for 9.1 talks about securelevel as a jail parammeter. So correct me if I an wrong. All the security.jail.param.* MIBs are set in rc.conf or /etc/jail.conf file on a per jail bases by changing the word "parm" to the jailname? There's not always a direct connection between the jail parameters and the current rc.conf values. The jail parameters are what you'd use in a jail.conf(5) file, or in the "jail_jailname_parameters" rc variable. - Jamie Yes I read man jail and issued the "sysctl -d" to get the list of MIBs I posted. So I am still left with no explanation of HOW to code these new jail MIBs in 9.X to enable them on a per jail bases. Any thoughts on how to do that? Well the jail(8) man page is all about setting these parameters. You might also want to take a look at jail.conf(5) which I mentioned. But don't think of them as MIBs anymore - the "-d" is the only thing you'll have to do directly with the sysctls. - Jamie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
Jamie Gritton wrote: On 02/06/13 09:59, Fbsd8 wrote: > Fbsd8 wrote: >> Waitman Gobble wrote: >>> On Feb 6, 2013 7:17 AM, "Fbsd8" wrote: Waitman Gobble wrote: > On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: >> Where do I find the descriptions of what these jail MIBs do? ... >> security.jail.param.securelevel: 0 >> security.jail.param.path: 1024 >> security.jail.param.name: 256 >> security.jail.param.parent: 0 >> security.jail.param.jid: 0 ... >> >> What about the other security.jail.param.* MIBs >> where are they documented at? In the jail(8) main page, there's the following tidbit: | Jails have a set a core parameters, and kernel modules can add their | own jail parameters. The current set of available parameters can be | retrieved via ``sysctl -d security.jail.param''. Any parameters not | set will be given default values, often based on the current | environment. The sysctls do not themselves have values. Their useful parts are the associated types and descriptions (as well as their very existence). The descriptions are good for the above-mentioned "sysctl -d", and the types are used by jail(8) to know how to set a particular parameter. Rereading the "man jail" for 9.1 talks about securelevel as a jail parammeter. So correct me if I an wrong. All the security.jail.param.* MIBs are set in rc.conf or /etc/jail.conf file on a per jail bases by changing the word "parm" to the jailname? There's not always a direct connection between the jail parameters and the current rc.conf values. The jail parameters are what you'd use in a jail.conf(5) file, or in the "jail_jailname_parameters" rc variable. - Jamie Yes I read man jail and issued the "sysctl -d" to get the list of MIBs I posted. So I am still left with no explanation of HOW to code these new jail MIBs in 9.X to enable them on a per jail bases. Any thoughts on how to do that? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
On 02/06/13 09:59, Fbsd8 wrote: > Fbsd8 wrote: >> Waitman Gobble wrote: >>> On Feb 6, 2013 7:17 AM, "Fbsd8" wrote: Waitman Gobble wrote: > On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: >> Where do I find the descriptions of what these jail MIBs do? ... >> security.jail.param.securelevel: 0 >> security.jail.param.path: 1024 >> security.jail.param.name: 256 >> security.jail.param.parent: 0 >> security.jail.param.jid: 0 ... >> >> What about the other security.jail.param.* MIBs >> where are they documented at? In the jail(8) main page, there's the following tidbit: | Jails have a set a core parameters, and kernel modules can add their | own jail parameters. The current set of available parameters can be | retrieved via ``sysctl -d security.jail.param''. Any parameters not | set will be given default values, often based on the current | environment. The sysctls do not themselves have values. Their useful parts are the associated types and descriptions (as well as their very existence). The descriptions are good for the above-mentioned "sysctl -d", and the types are used by jail(8) to know how to set a particular parameter. Rereading the "man jail" for 9.1 talks about securelevel as a jail parammeter. So correct me if I an wrong. All the security.jail.param.* MIBs are set in rc.conf or /etc/jail.conf file on a per jail bases by changing the word "parm" to the jailname? There's not always a direct connection between the jail parameters and the current rc.conf values. The jail parameters are what you'd use in a jail.conf(5) file, or in the "jail_jailname_parameters" rc variable. - Jamie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
Fbsd8 wrote: Waitman Gobble wrote: On Feb 6, 2013 7:17 AM, "Fbsd8" wrote: Waitman Gobble wrote: On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: Where do I find the descriptions of what these jail MIBs do? security.jail.param.allow.mount.zfs: 0 security.jail.param.allow.mount.procfs: 0 security.jail.param.allow.mount.nullfs: 0 security.jail.param.allow.mount.devfs: 0 security.jail.param.allow.mount.: 0 security.jail.param.allow.socket_af: 0 security.jail.param.allow.quotas: 0 security.jail.param.allow.chflags: 0 security.jail.param.allow.raw_sockets: 0 security.jail.param.allow.sysvipc: 0 security.jail.param.allow.set_hostname: 0 security.jail.param.ip6.saddrsel: 0 security.jail.param.ip6.: 0 security.jail.param.ip4.saddrsel: 0 security.jail.param.ip4.: 0 security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.host.: 0 security.jail.param.children.max: 0 security.jail.param.children.cur: 0 security.jail.param.dying: 0 security.jail.param.persist: 0 security.jail.param.devfs_ruleset: 0 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.devfs_ruleset: 0 security.jail.enforce_statfs: 2 security.jail.mount_zfs_allowed: 0 security.jail.mount_procfs_allowed: 0 security.jail.mount_nullfs_allowed: 0 security.jail.mount_devfs_allowed: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 Did you try the man page? Also there is often interesting comments in /usr/src Hope that helps. Waitman Gobble San Jose California There are no man pages for any MIBs Sorry, but im not at a computer now to check, but I believe it would be in the «jail» man page. Hopefully that's the right 411. Waitman man jail only talks about these few MIBs security.jail.mount_zfs_allowed: 0 security.jail.mount_procfs_allowed: 0 security.jail.mount_nullfs_allowed: 0 security.jail.mount_devfs_allowed: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 which are set from the host only. What about the other security.jail.param.* MIBs where are they documented at? Rereading the "man jail" for 9.1 talks about securelevel as a jail parammeter. So correct me if I an wrong. All the security.jail.param.* MIBs are set in rc.conf or /etc/jail.conf file on a per jail bases by changing the word "parm" to the jailname? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
Waitman Gobble wrote: On Feb 6, 2013 7:17 AM, "Fbsd8" wrote: Waitman Gobble wrote: On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: Where do I find the descriptions of what these jail MIBs do? security.jail.param.allow.mount.zfs: 0 security.jail.param.allow.mount.procfs: 0 security.jail.param.allow.mount.nullfs: 0 security.jail.param.allow.mount.devfs: 0 security.jail.param.allow.mount.: 0 security.jail.param.allow.socket_af: 0 security.jail.param.allow.quotas: 0 security.jail.param.allow.chflags: 0 security.jail.param.allow.raw_sockets: 0 security.jail.param.allow.sysvipc: 0 security.jail.param.allow.set_hostname: 0 security.jail.param.ip6.saddrsel: 0 security.jail.param.ip6.: 0 security.jail.param.ip4.saddrsel: 0 security.jail.param.ip4.: 0 security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.host.: 0 security.jail.param.children.max: 0 security.jail.param.children.cur: 0 security.jail.param.dying: 0 security.jail.param.persist: 0 security.jail.param.devfs_ruleset: 0 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.devfs_ruleset: 0 security.jail.enforce_statfs: 2 security.jail.mount_zfs_allowed: 0 security.jail.mount_procfs_allowed: 0 security.jail.mount_nullfs_allowed: 0 security.jail.mount_devfs_allowed: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 Did you try the man page? Also there is often interesting comments in /usr/src Hope that helps. Waitman Gobble San Jose California There are no man pages for any MIBs Sorry, but im not at a computer now to check, but I believe it would be in the «jail» man page. Hopefully that's the right 411. Waitman man jail only talks about these few MIBs security.jail.mount_zfs_allowed: 0 security.jail.mount_procfs_allowed: 0 security.jail.mount_nullfs_allowed: 0 security.jail.mount_devfs_allowed: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 which are set from the host only. What about the other security.jail.param.* MIBs where are they documented at? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
On Feb 6, 2013 7:17 AM, "Fbsd8" wrote: > > Waitman Gobble wrote: >> >> On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: >>> >>> Where do I find the descriptions of what these jail MIBs do? >>> >>> >>> security.jail.param.allow.mount.zfs: 0 >>> security.jail.param.allow.mount.procfs: 0 >>> security.jail.param.allow.mount.nullfs: 0 >>> security.jail.param.allow.mount.devfs: 0 >>> security.jail.param.allow.mount.: 0 >>> security.jail.param.allow.socket_af: 0 >>> security.jail.param.allow.quotas: 0 >>> security.jail.param.allow.chflags: 0 >>> security.jail.param.allow.raw_sockets: 0 >>> security.jail.param.allow.sysvipc: 0 >>> security.jail.param.allow.set_hostname: 0 >>> security.jail.param.ip6.saddrsel: 0 >>> security.jail.param.ip6.: 0 >>> security.jail.param.ip4.saddrsel: 0 >>> security.jail.param.ip4.: 0 >>> security.jail.param.cpuset.id: 0 >>> security.jail.param.host.hostid: 0 >>> security.jail.param.host.hostuuid: 64 >>> security.jail.param.host.domainname: 256 >>> security.jail.param.host.hostname: 256 >>> security.jail.param.host.: 0 >>> security.jail.param.children.max: 0 >>> security.jail.param.children.cur: 0 >>> security.jail.param.dying: 0 >>> security.jail.param.persist: 0 >>> security.jail.param.devfs_ruleset: 0 >>> security.jail.param.enforce_statfs: 0 >>> security.jail.param.securelevel: 0 >>> security.jail.param.path: 1024 >>> security.jail.param.name: 256 >>> security.jail.param.parent: 0 >>> security.jail.param.jid: 0 >>> security.jail.devfs_ruleset: 0 >>> security.jail.enforce_statfs: 2 >>> security.jail.mount_zfs_allowed: 0 >>> security.jail.mount_procfs_allowed: 0 >>> security.jail.mount_nullfs_allowed: 0 >>> security.jail.mount_devfs_allowed: 0 >>> security.jail.mount_allowed: 0 >>> security.jail.chflags_allowed: 0 >>> security.jail.allow_raw_sockets: 0 >>> security.jail.sysvipc_allowed: 0 >>> security.jail.socket_unixiproute_only: 1 >>> security.jail.set_hostname_allowed: 1 >>> security.jail.jail_max_af_ips: 255 >>> security.jail.jailed: 0 >>> >> >> >> Did you try the man page? Also there is often interesting comments in >> /usr/src >> >> Hope that helps. >> >> Waitman Gobble >> San Jose California >> >> > > There are no man pages for any MIBs > Sorry, but im not at a computer now to check, but I believe it would be in the «jail» man page. Hopefully that's the right 411. Waitman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
Waitman Gobble wrote: On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: Where do I find the descriptions of what these jail MIBs do? security.jail.param.allow.mount.zfs: 0 security.jail.param.allow.mount.procfs: 0 security.jail.param.allow.mount.nullfs: 0 security.jail.param.allow.mount.devfs: 0 security.jail.param.allow.mount.: 0 security.jail.param.allow.socket_af: 0 security.jail.param.allow.quotas: 0 security.jail.param.allow.chflags: 0 security.jail.param.allow.raw_sockets: 0 security.jail.param.allow.sysvipc: 0 security.jail.param.allow.set_hostname: 0 security.jail.param.ip6.saddrsel: 0 security.jail.param.ip6.: 0 security.jail.param.ip4.saddrsel: 0 security.jail.param.ip4.: 0 security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.host.: 0 security.jail.param.children.max: 0 security.jail.param.children.cur: 0 security.jail.param.dying: 0 security.jail.param.persist: 0 security.jail.param.devfs_ruleset: 0 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.devfs_ruleset: 0 security.jail.enforce_statfs: 2 security.jail.mount_zfs_allowed: 0 security.jail.mount_procfs_allowed: 0 security.jail.mount_nullfs_allowed: 0 security.jail.mount_devfs_allowed: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 Did you try the man page? Also there is often interesting comments in /usr/src Hope that helps. Waitman Gobble San Jose California There are no man pages for any MIBs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
On Feb 6, 2013 7:02 AM, "Fbsd8" wrote: > > Where do I find the descriptions of what these jail MIBs do? > > > security.jail.param.allow.mount.zfs: 0 > security.jail.param.allow.mount.procfs: 0 > security.jail.param.allow.mount.nullfs: 0 > security.jail.param.allow.mount.devfs: 0 > security.jail.param.allow.mount.: 0 > security.jail.param.allow.socket_af: 0 > security.jail.param.allow.quotas: 0 > security.jail.param.allow.chflags: 0 > security.jail.param.allow.raw_sockets: 0 > security.jail.param.allow.sysvipc: 0 > security.jail.param.allow.set_hostname: 0 > security.jail.param.ip6.saddrsel: 0 > security.jail.param.ip6.: 0 > security.jail.param.ip4.saddrsel: 0 > security.jail.param.ip4.: 0 > security.jail.param.cpuset.id: 0 > security.jail.param.host.hostid: 0 > security.jail.param.host.hostuuid: 64 > security.jail.param.host.domainname: 256 > security.jail.param.host.hostname: 256 > security.jail.param.host.: 0 > security.jail.param.children.max: 0 > security.jail.param.children.cur: 0 > security.jail.param.dying: 0 > security.jail.param.persist: 0 > security.jail.param.devfs_ruleset: 0 > security.jail.param.enforce_statfs: 0 > security.jail.param.securelevel: 0 > security.jail.param.path: 1024 > security.jail.param.name: 256 > security.jail.param.parent: 0 > security.jail.param.jid: 0 > security.jail.devfs_ruleset: 0 > security.jail.enforce_statfs: 2 > security.jail.mount_zfs_allowed: 0 > security.jail.mount_procfs_allowed: 0 > security.jail.mount_nullfs_allowed: 0 > security.jail.mount_devfs_allowed: 0 > security.jail.mount_allowed: 0 > security.jail.chflags_allowed: 0 > security.jail.allow_raw_sockets: 0 > security.jail.sysvipc_allowed: 0 > security.jail.socket_unixiproute_only: 1 > security.jail.set_hostname_allowed: 1 > security.jail.jail_max_af_ips: 255 > security.jail.jailed: 0 > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " freebsd-questions-unsubscr...@freebsd.org" Did you try the man page? Also there is often interesting comments in /usr/src Hope that helps. Waitman Gobble San Jose California ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: sysctl security.jail.* descriptions
# sysctl -d security.jail.socket_unixiproute_only security.jail.socket_unixiproute_only: Processes in jail are limited to creating UNIX/IP/route sockets only On Feb 6, 2013, at 4:02 PM, Fbsd8 wrote: > Where do I find the descriptions of what these jail MIBs do? > > > security.jail.param.allow.mount.zfs: 0 > security.jail.param.allow.mount.procfs: 0 > security.jail.param.allow.mount.nullfs: 0 > security.jail.param.allow.mount.devfs: 0 > security.jail.param.allow.mount.: 0 > security.jail.param.allow.socket_af: 0 > security.jail.param.allow.quotas: 0 > security.jail.param.allow.chflags: 0 > security.jail.param.allow.raw_sockets: 0 > security.jail.param.allow.sysvipc: 0 > security.jail.param.allow.set_hostname: 0 > security.jail.param.ip6.saddrsel: 0 > security.jail.param.ip6.: 0 > security.jail.param.ip4.saddrsel: 0 > security.jail.param.ip4.: 0 > security.jail.param.cpuset.id: 0 > security.jail.param.host.hostid: 0 > security.jail.param.host.hostuuid: 64 > security.jail.param.host.domainname: 256 > security.jail.param.host.hostname: 256 > security.jail.param.host.: 0 > security.jail.param.children.max: 0 > security.jail.param.children.cur: 0 > security.jail.param.dying: 0 > security.jail.param.persist: 0 > security.jail.param.devfs_ruleset: 0 > security.jail.param.enforce_statfs: 0 > security.jail.param.securelevel: 0 > security.jail.param.path: 1024 > security.jail.param.name: 256 > security.jail.param.parent: 0 > security.jail.param.jid: 0 > security.jail.devfs_ruleset: 0 > security.jail.enforce_statfs: 2 > security.jail.mount_zfs_allowed: 0 > security.jail.mount_procfs_allowed: 0 > security.jail.mount_nullfs_allowed: 0 > security.jail.mount_devfs_allowed: 0 > security.jail.mount_allowed: 0 > security.jail.chflags_allowed: 0 > security.jail.allow_raw_sockets: 0 > security.jail.sysvipc_allowed: 0 > security.jail.socket_unixiproute_only: 1 > security.jail.set_hostname_allowed: 1 > security.jail.jail_max_af_ips: 255 > security.jail.jailed: 0 > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
sysctl security.jail.* descriptions
Where do I find the descriptions of what these jail MIBs do? security.jail.param.allow.mount.zfs: 0 security.jail.param.allow.mount.procfs: 0 security.jail.param.allow.mount.nullfs: 0 security.jail.param.allow.mount.devfs: 0 security.jail.param.allow.mount.: 0 security.jail.param.allow.socket_af: 0 security.jail.param.allow.quotas: 0 security.jail.param.allow.chflags: 0 security.jail.param.allow.raw_sockets: 0 security.jail.param.allow.sysvipc: 0 security.jail.param.allow.set_hostname: 0 security.jail.param.ip6.saddrsel: 0 security.jail.param.ip6.: 0 security.jail.param.ip4.saddrsel: 0 security.jail.param.ip4.: 0 security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.host.: 0 security.jail.param.children.max: 0 security.jail.param.children.cur: 0 security.jail.param.dying: 0 security.jail.param.persist: 0 security.jail.param.devfs_ruleset: 0 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.devfs_ruleset: 0 security.jail.enforce_statfs: 2 security.jail.mount_zfs_allowed: 0 security.jail.mount_procfs_allowed: 0 security.jail.mount_nullfs_allowed: 0 security.jail.mount_devfs_allowed: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"