Changeset View
Changeset View
Standalone View
Standalone View
usr.sbin/jail/jail.8
Show All 19 Lines | ||||||||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |||||||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |||||||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |||||||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |||||||||
.\" SUCH DAMAGE. | .\" SUCH DAMAGE. | |||||||||
.\" | .\" | |||||||||
.\" $FreeBSD$ | .\" $FreeBSD$ | |||||||||
.\" | .\" | |||||||||
.Dd March 12, 2023 | .Dd May 25, 2023 | |||||||||
lwhsu: Don't forget bump the date. :) | ||||||||||
.Dt JAIL 8 | .Dt JAIL 8 | |||||||||
.Os | .Os | |||||||||
.Sh NAME | .Sh NAME | |||||||||
.Nm jail | .Nm jail | |||||||||
.Nd "manage system jails" | .Nd "manage system jails" | |||||||||
.Sh SYNOPSIS | .Sh SYNOPSIS | |||||||||
.Nm | .Nm | |||||||||
.Op Fl dhilqv | .Op Fl dhilqv | |||||||||
▲ Show 20 Lines • Show All 718 Lines • ▼ Show 20 Lines | ||||||||||
its keys. | its keys. | |||||||||
If set to | If set to | |||||||||
.Dq disable , | .Dq disable , | |||||||||
the jail cannot perform any sysvmsg-related system calls. | the jail cannot perform any sysvmsg-related system calls. | |||||||||
.It Va sysvsem, sysvshm | .It Va sysvsem, sysvshm | |||||||||
Allow access to SYSV IPC semaphore and shared memory primitives, in the | Allow access to SYSV IPC semaphore and shared memory primitives, in the | |||||||||
same manner as | same manner as | |||||||||
.Va sysvmsg. | .Va sysvmsg. | |||||||||
.It Va efi.fallback_brand | ||||||||||
The ABI brand of the Jail. | ||||||||||
markjUnsubmitted Not Done Inline Actions"jail" shouldn't be capitalized here or below. markj: "jail" shouldn't be capitalized here or below. | ||||||||||
.Pp | ||||||||||
Done Inline ActionsIf you really want a blank line, you need .Pp lwhsu: If you really want a blank line, you need `.Pp` | ||||||||||
Setting this value allows executables with unknown ABI brand to run as the | ||||||||||
markjUnsubmitted Not Done Inline Actions
markj: | ||||||||||
specified ABI brand. | ||||||||||
.Pp | ||||||||||
More specifically, if the ABI field of the ELF header of an executable to run in | ||||||||||
the Jail is unknown, it will fallback to try this brand before trying the | ||||||||||
markjUnsubmitted Not Done Inline Actions
markj: | ||||||||||
system-wise fallback brands. | ||||||||||
markjUnsubmitted Not Done Inline Actions
markj: | ||||||||||
.Pp | ||||||||||
For example, setting this parameter to 3, the Linux ABI brand, causes Linux | ||||||||||
Done Inline Actionscause —> causes freebsd_igalic.co: cause —> causes | ||||||||||
executables with ELF ABI brand "0" run in the Jail without the need to rebrand | ||||||||||
markjUnsubmitted Not Done Inline Actions
markj: | ||||||||||
the executables with | ||||||||||
Done Inline Actions.Xr brandelf 1 lwhsu: `.Xr brandelf 1` | ||||||||||
markjUnsubmitted Not Done Inline Actions
markj: | ||||||||||
.Xr brandelf 1 . | ||||||||||
.El | .El | |||||||||
.Pp | .Pp | |||||||||
There are pseudo-parameters that are not passed to the kernel, but are | There are pseudo-parameters that are not passed to the kernel, but are | |||||||||
used by | used by | |||||||||
.Nm | .Nm | |||||||||
to set up the jail environment, often by running specified commands | to set up the jail environment, often by running specified commands | |||||||||
when jails are created or removed. | when jails are created or removed. | |||||||||
The | The | |||||||||
▲ Show 20 Lines • Show All 701 Lines • Show Last 20 Lines |
Don't forget bump the date. :)