Rechercher une page de manuel
rsbac_jail
Langue: en
Version: May 2003 (ubuntu - 07/07/09)
Section: 1 (Commandes utilisateur)
Sommaire
NAME
rsbac_jail - put program into RSBAC jailSYNOPSIS
- rsbac_jail [-vilnrao] {path} {IP} {prog} [args]
DESCRIPTION
- All Linux kernels provide the chroot system call to confine a process in a subdirectory. Unfortunately, this does not protect the system from root processes, and it can be broken out of. The JAIL module extends the chroot system call functionality to provide a superset of the FreeBSD jail functionality (except individual kernel level hostnames).
This program will put the process into a jail with chroot to path, ip address IP and then execute prog with args.
See appropriate RSBAC documentation about for JAIL module details.
OPTIONS
- -v
- verbose program output
- -i
- allow access to IPC outside this jail
- -l
- allow jailed processes to change their rlimits
- -n
- allow all network families, not only UNIX and INET (IPv4)
- -r
- allow INET (IPv4) raw sockets (e.g. for ping)
- -a
- auto-adjust INET any address 0.0.0.0 to jail address, if set
- -o
- additionally allow to/from remote INET (IPv4) address 127.0.0.1
AUTHOR
Amon Ott <ao@rsbac.org>.Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre