[rsbac] jail

Jens Kasten jens at kasten-edv.de
Wed Jul 2 18:29:57 CEST 2008

hi list,

i have build and test a run-jail for rsbac_jail.
i use the old adamantix-jail-configs for setup the jail than.
here you can download it. 
for this services exists a config 

when download it must to move the configfiles to

here is the configparser
and the script

the run-jail.py has this
# path to add where the file jail_configparser.py is
from jail_configparser import JailParser 

i did softlinking the run-jail.py to /bin/run-jail so the initscritp use only run-jail.

you have to sys.path.append to correct so the jail_configparser.py can be found.

than also the jail_flags should more complet.
this is in the moment only tested that apache2 will work.

self.jail_flags = {
                "allow-dev-read": "-d",
                "allow-dev-write": "-D",
                "allow-external-ipc": "-i",


also this should be execute.
echo debug_jail_log_missing 1 > /proc/rsbac-info/debug 
echo debug_cap_log_missing 1 > /proc/rsbac-info/debug 

now i should have a possibility to test the jail for the apache2 
is not all perfect, but the config can easy modified so that only the
jail_configparser.py have to build new.
when i start apache2 it take a moment to ready to work.
i dont no why, but i see the parent process for apache2 is start and
the change the second one is take a while.

so far


-------------- nächster Teil --------------
Ein Dateianhang mit Bin�rdaten wurde abgetrennt...
Dateiname   : apache2_etch_init.patch
Dateityp    : text/x-patch
Dateigr��e  : 1547 bytes
Beschreibung: nicht verf�gbar
URL         : http://www.rsbac.org/pipermail/rsbac/attachments/20080702/05873312/attachment.bin 

More information about the rsbac mailing list