devfs.rules: unhide pf in vnet jails
/dev/pf is usable in vnet jails, so don't hide the node there. We shouldn't expose /dev/pf in regular jails, as that gives them control over the host (or parent vnet jail) firewall. Reviewed by: bz Differential Revision: https://reviews.freebsd.org/D26537
This commit is contained in:
parent
2622708419
commit
9e9be081d8
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=366461
@ -86,3 +86,7 @@ add include $devfsrules_unhide_basic
|
|||||||
add include $devfsrules_unhide_login
|
add include $devfsrules_unhide_login
|
||||||
add path fuse unhide
|
add path fuse unhide
|
||||||
add path zfs unhide
|
add path zfs unhide
|
||||||
|
|
||||||
|
[devfsrules_jail_vnet=5]
|
||||||
|
add include $devfsrules_jail
|
||||||
|
add path pf unhide
|
||||||
|
Loading…
Reference in New Issue
Block a user