Menu
▾
▴
[Devil-linux-commit] build/config/etc/sysconfig/jail DOMINO,1.9,1.10 ISC_BIND,1.8,1.9 POSTFIX,1.5,1.6 SAGATOR,1.4,1.5
|
From: <smi...@us...> - 2003-12-26 14:46:58
|
Update of /cvsroot/devil-linux/build/config/etc/sysconfig/jail In directory sc8-pr-cvs1:/tmp/cvs-serv26373/config/etc/sysconfig/jail Modified Files: DOMINO ISC_BIND POSTFIX SAGATOR Log Message: - jail script has new command DELETE - domino jail script now empties the lib and etc directories before creating the jail - added support for libsafe to all available chroot jail configurations Index: DOMINO =================================================================== RCS file: /cvsroot/devil-linux/build/config/etc/sysconfig/jail/DOMINO,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- DOMINO 23 Dec 2003 14:57:01 -0000 1.9 +++ DOMINO 26 Dec 2003 14:46:55 -0000 1.10 @@ -9,13 +9,17 @@ # name of the daemon NAME Lotus Domino -# define user and group under which this daemon should run -USER notes -GROUP notes +# delete the following directories/files, before doing anything +DELETE /etc/* +DELETE /lib/* # define this, when the jail directory should not be emptied NODELETE 1 +# define user and group under which this daemon should run +USER notes +GROUP notes + # devices to create # parameter: devicename type major minor user.group rights DEV null c 1 3 0.0 0666 @@ -31,6 +35,9 @@ COPY /etc/nsswitch.conf COPY /lib/libnss_dns* COPY /etc/localtime +COPY /etc/ld.so.* +COPY /etc/libsafe.exclude +COPY /lib/libsafe.so.2 # set Linux capabilities Index: ISC_BIND =================================================================== RCS file: /cvsroot/devil-linux/build/config/etc/sysconfig/jail/ISC_BIND,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- ISC_BIND 23 Dec 2003 14:57:01 -0000 1.8 +++ ISC_BIND 26 Dec 2003 14:46:55 -0000 1.9 @@ -29,6 +29,9 @@ # files and directories to copy COPY /etc/named COPY /etc/named.conf +COPY /etc/ld.so.* +COPY /etc/libsafe.exclude +COPY /lib/libsafe.so.2 # set Linux capabilities #CAP CAP_NET_BIND_SERVICE Index: POSTFIX =================================================================== RCS file: /cvsroot/devil-linux/build/config/etc/sysconfig/jail/POSTFIX,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- POSTFIX 24 Dec 2003 01:18:33 -0000 1.5 +++ POSTFIX 26 Dec 2003 14:46:55 -0000 1.6 @@ -52,7 +52,9 @@ COPY /etc/group COPY /etc/shadow COPY /etc/gshadow - +COPY /etc/ld.so.* +COPY /etc/libsafe.exclude +COPY /lib/libsafe.so.2 # set Linux capabilities #CAP CAP_NET_BIND_SERVICE Index: SAGATOR =================================================================== RCS file: /cvsroot/devil-linux/build/config/etc/sysconfig/jail/SAGATOR,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- SAGATOR 23 Dec 2003 14:57:01 -0000 1.4 +++ SAGATOR 26 Dec 2003 14:46:55 -0000 1.5 @@ -51,6 +51,9 @@ COPY /usr/bin/unarj COPY /usr/bin/unrar COPY /usr/bin/unzip +COPY /etc/ld.so.* +COPY /etc/libsafe.exclude +COPY /lib/libsafe.so.2 MKDIR /tmp/quarantine CHMOD 777 /tmp/quarantine |
