On 05/25/2010 13:54, Glen Barber wrote:
> Hi,
>
> The jail(8) man page has an entry under 'allow.*', allow.socket_af, which
> states to allow access to protocol stacks that have not had jail functionality
> added to them.
>
> However, though socket_af exists in sys/kern/kern_jail.c, the sysctl it
I think the current situation should be sufficient, where the only
mention of the parameter sysctls are the note that you can see them via
"sysctl -d security.jail.param".
The move toward jail parameters is also a move away from using sysctl
variables for the same purpose. In this new jail order,
Hi Jamie,
On 5/26/10 12:57 PM, Jamie Gritton wrote:
On 05/25/10 11:54, Glen Barber wrote:
The jail(8) man page has an entry under 'allow.*', allow.socket_af,
which
states to allow access to protocol stacks that have not had jail
functionality
added to them.
[snip]
Is this sysctl missing, or
The sysctls that describe available jail parameters don't always have a
type that sysctl(8) understands. In particular, the boolean parameters
are given a sysctl type of "B", and sysctl(8) will ignore them.
These aren't useful sysctls in any normal way - they never have a
meaningful value. The ex
Hi,
The jail(8) man page has an entry under 'allow.*', allow.socket_af, which
states to allow access to protocol stacks that have not had jail functionality
added to them.
However, though socket_af exists in sys/kern/kern_jail.c, the sysctl itself
does not exist on my system:
orion# sysctl -
