Lines 4-18
Link Here
|
4 |
large scale jail environments consisting of 100's of jails. |
4 |
large scale jail environments consisting of 100's of jails. |
5 |
|
5 |
|
6 |
This version of qjail has been converted from using the legacy rc.d-method as |
6 |
This version of qjail has been converted from using the legacy rc.d-method as |
7 |
used in all previous versions of qjail, to using the jail(8) jail.conf-method |
7 |
used in all previous versions of qjail-2.x, to using the jail(8) |
8 |
available in RELEASE-9.1 which contained many bugs, some that were fixed in |
8 |
jail.conf-method available in RELEASE-9.1 which contained many bugs, some that |
9 |
RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the ability |
9 |
were fixed in RELEASE-9.2 and others that were finally fixed in RELEASE-9.3 |
10 |
to enable the following new options on a per-jail basis. exec.fib, securelevel, |
10 |
and RELEASE-10.0. This upgrade provides the ability to enable the following |
11 |
allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, |
11 |
new options on a per-jail basis. exec.fib, securelevel, allow.sysvipc, |
12 |
vnet.interface, and vnet. The vnet option gives a jail its own network stack |
12 |
devfs_rulesets, allow.raw_sockets, allow.quotas, allow.mount.nullfs, |
13 |
using the experimental vimage software. This qjail version is not intended |
13 |
allow.mount.zfs, cpuset.id, vnet.interface, and vnet. The vnet option gives a |
14 |
for RELEASES older than RELEASE-10.0. The vnet option has only been tested on |
14 |
jail its own network stack using the experimental vimage software. This qjail |
15 |
i386 and amd64 equipment. |
15 |
version is not intended for RELEASES older than RELEASE-9.3. The vnet option |
|
|
16 |
has only been tested on i386 and amd64 equipment. |
16 |
|
17 |
|
17 |
Qjail requires no knowledge of the jail command usage. It uses "nullfs" for |
18 |
Qjail requires no knowledge of the jail command usage. It uses "nullfs" for |
18 |
read-only system executables, sharing one copy of them with all the jails. |
19 |
read-only system executables, sharing one copy of them with all the jails. |