wiki:experiences:igraltist:jail_samba
=>  Releases

Current version
Git/Snapshot: 1.5.3
Release: 1.5.0

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

--- samba_org	2008-07-14 02:21:38.000000000 +0200
+++ samba	2008-07-13 17:34:30.000000000 +0200
@@ -23,7 +23,13 @@
 		eval cmd_exec=\$${daemon}_${signal}
 		if [ -n "${cmd_exec}" ]; then
 			ebegin "${my_service_name} -> ${signal}: ${daemon}"
-			samba ${cmd_exec} > /dev/null
+			if [ "${signal}" = "start" ];then
+				#echo ${cmd} '->' ${!cmd}
+				run-jail samba ${cmd_exec}
+				# > /dev/null
+			else
+				${cmd_exec}
+			fi
 			last_result=$?
 			eend ${last_result}
 		fi
;
; RSBAC JAIL definition for samba         
; 20080507
;
; Tested by igraltist on gentoo
;
 
""
"0.0.0.0"
(allow-dev-write
 allow-dev-read
 allow-all-net-family
)
(sys-ptrace
 sys-resource
 kill
 setuid
 setgid
 net-bind-service
)
()
(rlimit)
This is execute now:
rsbac_jail  -D -d -n -C  SYS_PTRACE SYS_RESOURCE KILL SETUID SETGID NET_BIND_SERVICE -M  rlimit start-stop-daemon  --start --quiet --exec /usr/sbin/smbd -- -D            [ ok ]
 * samba -> start: nmbd ...
 
This is execute now:
rsbac_jail  -D -d -n -C  SYS_PTRACE SYS_RESOURCE KILL SETUID SETGID NET_BIND_SERVICE -M  rlimit start-stop-daemon  --start --quiet --exec /usr/sbin/nmbd -- -D            [ ok 
//
wiki/experiences/igraltist/jail_samba.txt · Last modified: 2008/07/14 02:24 by 127.0.0.1

wiki/experiences/igraltist/jail_samba.txt · Last modified: 2008/07/14 02:24 by 127.0.0.1
This website is kindly hosted by m-privacy