Changeset View
Changeset View
Standalone View
Standalone View
sys/jail.h
Context not available. | |||||
int pr_securelevel; /* (p) securelevel */ | int pr_securelevel; /* (p) securelevel */ | ||||
int pr_enforce_statfs; /* (p) statfs permission */ | int pr_enforce_statfs; /* (p) statfs permission */ | ||||
int pr_devfs_rsnum; /* (p) devfs ruleset */ | int pr_devfs_rsnum; /* (p) devfs ruleset */ | ||||
int pr_spare[3]; | unsigned pr_allow_mount; /* (p) per-VFS permissions */ | ||||
int pr_spare[2]; | |||||
int pr_osreldate; /* (c) kern.osreldate value */ | int pr_osreldate; /* (c) kern.osreldate value */ | ||||
unsigned long pr_hostid; /* (p) jail hostid */ | unsigned long pr_hostid; /* (p) jail hostid */ | ||||
char pr_name[MAXHOSTNAMELEN]; /* (p) admin jail name */ | char pr_name[MAXHOSTNAMELEN]; /* (p) admin jail name */ | ||||
Context not available. | |||||
#define PR_ALLOW_MOUNT 0x00000010 | #define PR_ALLOW_MOUNT 0x00000010 | ||||
#define PR_ALLOW_QUOTAS 0x00000020 | #define PR_ALLOW_QUOTAS 0x00000020 | ||||
#define PR_ALLOW_SOCKET_AF 0x00000040 | #define PR_ALLOW_SOCKET_AF 0x00000040 | ||||
#define PR_ALLOW_MOUNT_DEVFS 0x00000080 | |||||
#define PR_ALLOW_MOUNT_NULLFS 0x00000100 | |||||
#define PR_ALLOW_MOUNT_ZFS 0x00000200 | |||||
#define PR_ALLOW_MOUNT_PROCFS 0x00000400 | |||||
#define PR_ALLOW_MOUNT_TMPFS 0x00000800 | |||||
#define PR_ALLOW_MOUNT_FDESCFS 0x00001000 | |||||
#define PR_ALLOW_MOUNT_LINPROCFS 0x00002000 | |||||
#define PR_ALLOW_MOUNT_LINSYSFS 0x00004000 | |||||
#define PR_ALLOW_RESERVED_PORTS 0x00008000 | #define PR_ALLOW_RESERVED_PORTS 0x00008000 | ||||
#define PR_ALLOW_KMEM_ACCESS 0x00010000 /* reserved, not used yet */ | #define PR_ALLOW_KMEM_ACCESS 0x00010000 /* reserved, not used yet */ | ||||
#define PR_ALLOW_ALL 0x0001ffff | #define PR_ALLOW_ALL 0x0001807f | ||||
allanjude: Is it safe to change the value of RESERVED_PORTS from 8000 to 80 here? Would it be better to… | |||||
Not Done Inline ActionsI suppose theoretically a module could be using that flag, which means I should bump __FreeBSD_version. The reason for the change was to keep pw_allow_names clean (not requiring the e.g. [7] = "..." that pw_flag_names has), but adding that for PR_ALLOW_RESERVED_PORTS would be less bother than a version bump. jamie: I suppose theoretically a module could be using that flag, which means I should bump… | |||||
/* | /* | ||||
* OSD methods | * OSD methods | ||||
Context not available. | |||||
struct mount; | struct mount; | ||||
struct sockaddr; | struct sockaddr; | ||||
struct statfs; | struct statfs; | ||||
struct vfsconf; | |||||
int jailed(struct ucred *cred); | int jailed(struct ucred *cred); | ||||
int jailed_without_vnet(struct ucred *); | int jailed_without_vnet(struct ucred *); | ||||
void getcredhostname(struct ucred *, char *, size_t); | void getcredhostname(struct ucred *, char *, size_t); | ||||
Context not available. | |||||
char *prison_name(struct prison *, struct prison *); | char *prison_name(struct prison *, struct prison *); | ||||
int prison_priv_check(struct ucred *cred, int priv); | int prison_priv_check(struct ucred *cred, int priv); | ||||
int sysctl_jail_param(SYSCTL_HANDLER_ARGS); | int sysctl_jail_param(SYSCTL_HANDLER_ARGS); | ||||
void prison_add_vfs_param(const struct vfsconf *vfsp); | |||||
int prison_check_vfs(struct ucred *cred, const struct vfsconf *vfsp); | |||||
void prison_racct_foreach(void (*callback)(struct racct *racct, | void prison_racct_foreach(void (*callback)(struct racct *racct, | ||||
void *arg2, void *arg3), void (*pre)(void), void (*post)(void), | void *arg2, void *arg3), void (*pre)(void), void (*post)(void), | ||||
void *arg2, void *arg3); | void *arg2, void *arg3); | ||||
Context not available. |
Is it safe to change the value of RESERVED_PORTS from 8000 to 80 here? Would it be better to leave the unused bits for now?
(This is a question for my own edification, not a request to change the patch)