#!/bin/sh # # $FreeBSD$ # # PROVIDE: jail # REQUIRE: LOGIN # BEFORE: securelevel # KEYWORD: FreeBSD . /etc/rc.subr name="jail" rcvar=`set_rcvar` start_cmd="jail_start" stop_cmd="jail_stop" jail_start() { echo -n 'Configuring jails:' echo -n ' set_hostname_allowed=' if checkyesno jail_set_hostname_allow ; then echo -n 'YES' ${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=1 else echo -n 'NO' ${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=0 fi echo -n ' unixiproute_only=' if checkyesno jail_socket_unixiproute_only ; then echo -n 'YES' ${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=1 else echo -n 'NO' ${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=0 fi echo -n ' sysvipc_allow=' if checkyesno jail_sysvipc_allow ; then echo -n 'YES' ${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=1 else echo -n 'NO' ${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=0 fi echo '.' echo 'Starting Jails.' for _jail in ${jail_list} do eval jail_rootdir=\"\$jail_${_jail}_rootdir\" eval jail_hostname=\"\$jail_${_jail}_hostname\" eval jail_ip=\"\$jail_${_jail}_ip\" eval jail_exec=\"\$jail_${_jail}_exec\" [ -z "${jail_exec}" ] && jail_exec="/bin/sh /etc/rc" jail ${jail_rootdir} ${jail_hostname} ${jail_ip} ${jail_exec} done } jail_stop() { kill -TERM $(ps aux | awk '$8 ~ /.*J/ {print $2};') } load_rc_config $name run_rc_command "$1"