Commit Graph

56 Commits

Author SHA1 Message Date
charnier
f9f40e173c add FBSDID 2003-07-06 12:44:11 +00:00
rwatson
d47074eb37 When pointing users at mount_devfs to populate the /dev of a jail,
tell them that they also need to use devfs rules to prevent
inappropriate devices from appearing in the jail; add an Xref.  In
earlier versions of this man page, the user was instructed to use
sh MAKEDEV jail, which only created a minimal set of device nodes.
2003-06-26 19:04:15 +00:00
mike
04c2007c1a Force output of jail ID (if necessary) before excuting the command,
otherwise redirection of stdout to a file using block buffering will
not complete in time.
2003-04-21 17:20:48 +00:00
mike
370c7a915a o Add jls(8) for listing active jails.
o Add jexec(8) to execute a command in an existing jail.
o Add -j option for killall(1) to kill all processes in a specified
  jail.
o Add -i option to jail(8) to output jail ID of newly created jail.
2003-04-09 03:04:12 +00:00
maxim
515e2e1105 Free login_cap(3) resources after usage.
Submitted by:	demon
2003-04-07 10:16:37 +00:00
maxim
08fb38a751 o Fix error messages formatting, style.
Prodded by:	bde
Reviewed by:	bde
2003-04-02 09:20:08 +00:00
maxim
ea389504ed o Add -u <username> flag to jail(8): set user context before exec.
PR:		bin/44320
Submitted by:	Mike Matsnev <mike@po.cs.msu.su>
Reviewed by:	-current
MFC after:	6 weeks
2003-03-27 12:16:58 +00:00
maxim
7f1eff37f8 portmap_enable -> rpcbind_enable.
Spotted by:	Andrew Khlebutin <andreyh@perm.ru>
2003-03-18 14:01:02 +00:00
keramida
0c13b156c8 Remove traces of MAKEDEV & add xref to mount_devfs(8).
DEVFS is now mandatory in CURRENT.

PR:		docs/48095
Submitted by:	Grzegorz Czaplinski <G.Czaplinski@prioris.mini.pw.edu.pl>
2003-02-28 22:47:18 +00:00
phk
fc249e7893 Fix example, we do not need NO_MAKEDEV_RUN any more.
XXX: this example should be updated with a good example of devfs(8) rules.
2002-10-22 15:03:51 +00:00
charnier
90baea60d8 The .Nm utility 2002-07-14 14:47:15 +00:00
dd
bf26b2ee3d Fix IP address typo.
PR:		38313
Submitted by:	Jeff Ito <jeffi@rcn.com>
2002-05-20 07:29:25 +00:00
des
c91c856b3e Usage style sweep: spell "usage" with a small 'u'.
Also change one case of blatant __progname abuse (several more remain)
This commit does not touch anything in src/{contrib,crypto,gnu}/.
2002-04-22 13:44:47 +00:00
arr
6e5e163b96 - Attempt to help declutter kern. sysctl by moving security out from
beneath it.

Reviewed by: rwatson
2002-01-16 06:55:30 +00:00
ru
c74c746711 mdoc(7) police: ispell rev. 1.32. 2002-01-10 15:15:44 +00:00
ru
91ffb07d96 mdoc(7) police: tidy up previous delta. 2002-01-10 15:14:22 +00:00
phk
f570749605 Add some wisdom to the jail setup instructions. 2001-12-14 20:20:50 +00:00
ru
3d1e4e7cda mdoc(7) police overhaul. 2001-12-14 10:18:15 +00:00
arr
06aab56344 - Update the sysctl mibs in order to reflect the recent kern_jail.c
changes.

Approved by:	rwatson
Reviewed by:	rwatson
2001-12-12 05:24:50 +00:00
dd
df2f87ab4b syslogd can now be configured to bind to a specific address. 2001-09-03 15:42:10 +00:00
dd
73b78e9ece This is not jail(2), or anything else suitable to be referenced with .Fn. 2001-08-27 12:15:44 +00:00
obrien
4b92fa588b Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
dd
7d1013753f Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
ru
5617dbcc22 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 15:12:08 +00:00
ru
6f588c127c mdoc(7) police: sort xrefs. 2001-07-05 08:13:03 +00:00
dd
8aa69f4716 Set WARNS=2 on programs that compile cleanly with it; add $FreeBSD$
where necessary.

Submitted by:	Mike Barcroft <mike@q9media.com>
2001-06-30 05:39:36 +00:00
dd
7236457619 Add missing includes and sort includes. 2001-06-24 20:28:19 +00:00
dd
f0f948f685 Include missing header files which define functions for which gcc has
builtints (e.g., exit, strcmp).
2001-06-24 20:25:23 +00:00
sobomax
ce72d4ae8d Correct cross-reference:
portmap.8 --> rpcbind.8

Submitted by:	.Xr testing script
2001-06-07 16:59:19 +00:00
asmodai
92d117fb8d Change NO_MAKEDEV to a finer granularity method:
NO_MAKEDEV_INSTALL and NO_MAKEDEV_RUN.  The former implying the latter.
The names imply what they do.  The last commit by DES based on a PR defeated
the original idea behind NO_MAKEDEV, which was not to run MAKEDEV, but to do
the installation of MAKEDEV.  This should satisfy both parties on the MAKEDEV
challenge.
Reflect this in the documentation.
2001-03-29 14:03:29 +00:00
ru
b15a893144 - Backout botched attempt to introduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:42:20 +00:00
ru
42350947e7 Set the default manual section for usr.sbin/ to 8. 2001-03-20 18:17:26 +00:00
rwatson
cc128d39d2 o Replace part-wise instructions for building world for jail(8) with
a simple make world; while this does a bit more work, it means that
  jail(8) doesn't have to be kept in sync with /usr/src/Makefile{,.inc1}
  which is a moving target.  MFC candidate.

Submitted by:	FUJISHIMA Satsuki <sf@FreeBSD.org>
Reviewed by:	phk
Also pointed out by:	Phil Kernick <Phil@Kernick.org>
2001-03-11 20:37:11 +00:00
ru
606eb8b7a4 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:44:04 +00:00
ru
fe2efd38b3 mdoc(7) police: removed history info from the .Os FreeBSD call. 2000-12-14 11:52:05 +00:00
ru
c3189e713e mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00
ru
b42832df66 Use Fx macro wherever possible. 2000-11-14 11:20:58 +00:00
sheldonh
dc8cd8a56e Whitespace only: Correct poor line-breaking introduced in rev 1.17,
which was limited to correcting mark-up.
2000-11-01 07:51:14 +00:00
sheldonh
9cf31df90c Correct mark-up used in rev 1.16, as discussed with its contributor:
* Use a sub-section (Ss) instead of a section (Sh) for
  "Sysctl MIB Entries".

* Use a tagged list (Bl, El and It) instead of sub-sections (Ss) for
  the actual MIB entries.

* Mark paths up as such (Pa).

* Mark defined values up as such (Dv).
2000-11-01 07:49:29 +00:00
rwatson
fef304a6d7 o Document various sysctl's available for managing services available
within jail()
2000-10-31 01:47:59 +00:00
dannyboy
a459e401fe Typo: "is unreliably by default" to "is unreliable by default".
PR:		19411
Submitted by:	Benno Rice <benno@netizen.com.au>
2000-07-08 14:12:34 +00:00
mpp
53f8890d22 Some minor mdoc style and spelling fixes. 2000-03-24 02:05:54 +00:00
sheldonh
840cf958b8 Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 14:09:25 +00:00
rwatson
5060b8f504 - As jail(8) has been almost completely rewritten, prepend another copyright/
BSD-style license, as an add-on to phk's beerware license.  Please fedex
  some beer to phk.

- Add a ``make depend'' line to the jail-building, which fixes openssl,
  among other things.  Suggested by: kris

- Add ``newaliases'' to the list of things to do when setting up a new
  jail, so that the jailed sendmail doesn't complain.

- Correct references to ``kern.jail.set_hostname_allowed'' which now read
  ``jail.set_hostname_allowed''.

- Add a reference to sysctl.conf where the sysctl can easily be set in
  a persistent way.

- Add a list of cross references to the man page.

- Fix a formatting nit or two.
2000-02-20 02:51:11 +00:00
rwatson
cad0571789 Fix up a few documentation nits in jail(8), as well as improve the
instructions so as to reduce warnings during jail startup, etc.
Add a somewhat bolder warning recommending the use of
kern.jail.set_hostname to limit jail renamining.
2000-02-18 19:02:22 +00:00
rwatson
9584265232 Modified jail.8 to correct a typo (inetd_flas vs. inetd_flags), and add
a comment to the effect that I'm responsible for the additional
documentation, et al, so that phk gets fewer messages about my errors.
2000-02-16 23:50:43 +00:00
chris
896281e448 Add Robert Watson's much extended documentation including that of the
kern.jail.set_hostname_allowed sysctl MIB.

Submitted by:	rwatson
2000-02-13 05:15:29 +00:00
rwatson
607f8366d1 Clean up the jail(8) documentation so that it suggests building a jail
userland in a safer way.  Using the NO_MAKEDEV argument in make
distribution prevents the creation of a number of unsafe device nodes
in the jailed /dev, including disk devices, and more.  This depends
on an earlier commit to /etc/Makefile to provide the NO_MAKEDEV
support.

Approved by:	jkh
2000-02-09 04:17:41 +00:00
asmodai
ef9e29cded Properly manify this manpage. 1999-12-21 11:25:10 +00:00
phk
45099c93a9 A procfs mount is no longer needed for a jail. 1999-12-05 09:28:59 +00:00