Current version
Git/Latestdiff: 1.5.6
Latest Snapshots
Produced after each commit or rebase to new upstream version
GIT
RSBAC source code, can be unstable sometimes
No events planned
This is an old revision of the document!
run-jail.py with the dictionary jail_flags self.jail_flags = {
"allow-dev-read": "-d", "allow-dev-write": "-D", "allow-external-ipc": "-i", "allow-all-net-family": "-n", "allow-inet-raw": "-r", "allow-tty-open": "-t", "allow-inet-localhost": "-o", "allow-dev-get-status": "-e", "allow-dev-mod-system": "-E", "allow-mount": "-u", "allow-suid": "-s", "allow-ipc-parent": "-P", "allow-ipc-syslog": "-y", "this-is-syslog": "-Y", "verbose": "-v", "private-namespace": "-N" }
rsbac_jail flags_options:
\- only for wiki to display it correct -i = allow access to IPC outside this jail, -P = allow access to IPC in the parent jail, -y = allow access to IPC in the syslog jail, -Y = this is the syslog jail, -n = allow all network families, not only UNIX and INET (IPv4), -r = allow INET (IPv4) raw sockets (e.g. for ping), -a = auto-adjust INET any address 0.0.0.0 to jail address, if set, -o = additionally allow to/from remote INET (IPv4) address 127.0.0.1 -d = allow read access on devices -D allow write access -e = allow GET_STATUS_DATA on devices -E allow MODIFY_SYSTEM_DATA -t = allow *_OPEN on tty devices -s = allow to create with / set mode to suid -u = allow to mount/umount//