Fix jail examples in jib, jng, README
The provided example jail configs do not work for multiple interfaces. Multiple interfaces need to be specified as a comma separated list or using multiple += lines in jail.conf. In the given example, a space- separated string is used, which doesn't work with multiple interfaces. Also added a note to the README about VIMAGE being built-in by default on amd64 in FreeBSD 12, with appropriate instructions for loading the necessary netgraph ether module (ng_ether) since it is neither built- in nor autoloads. Submitted by: Ryan Moeller <ryan@freqlabs.com> Reported by: Ryan Moeller <ryan@freqlabs.com> MFC after: 3 days Sponsored by: Smule, Inc. Differential Revision: https://reviews.freebsd.org/D17697
This commit is contained in:
@@ -8,6 +8,16 @@ The below 4 samples require a VIMAGE enabled kernel:
|
|||||||
$ make KERNCONF=VIMAGE kernel
|
$ make KERNCONF=VIMAGE kernel
|
||||||
$ reboot
|
$ reboot
|
||||||
|
|
||||||
|
FreeBSD 12 has VIMAGE enabled in GENERIC on amd64.
|
||||||
|
In that case, for jng simply load the ng_ether module first
|
||||||
|
(ng_bridge and ng_eiface will load on demand):
|
||||||
|
|
||||||
|
# (as root)
|
||||||
|
# Load the ng_ether module at boot:
|
||||||
|
$ sysrc kld_list+=ng_ether
|
||||||
|
# Load ng_ether at once without rebooting:
|
||||||
|
$ kldload ng_ether
|
||||||
|
|
||||||
Sample 1: jail.conf(5)
|
Sample 1: jail.conf(5)
|
||||||
|
|
||||||
$ cp jib jng /usr/sbin/
|
$ cp jib jng /usr/sbin/
|
||||||
|
|||||||
@@ -51,7 +51,7 @@
|
|||||||
# # arguments given to `jib addm xxx' in exec.prestart value.
|
# # arguments given to `jib addm xxx' in exec.prestart value.
|
||||||
# #
|
# #
|
||||||
# vnet;
|
# vnet;
|
||||||
# vnet.interface = "e0b_xxx e1b_xxx ...";
|
# vnet.interface = e0b_xxx, e1b_xxx, ...;
|
||||||
#
|
#
|
||||||
# exec.clean;
|
# exec.clean;
|
||||||
# exec.system_user = "root";
|
# exec.system_user = "root";
|
||||||
|
|||||||
@@ -51,7 +51,7 @@
|
|||||||
# # arguments given to `jng bridge xxx' in exec.prestart value.
|
# # arguments given to `jng bridge xxx' in exec.prestart value.
|
||||||
# #
|
# #
|
||||||
# vnet;
|
# vnet;
|
||||||
# vnet.interface = "ng0_xxx ng1_xxx ...";
|
# vnet.interface = ng0_xxx, ng1_xxx, ...;
|
||||||
#
|
#
|
||||||
# exec.clean;
|
# exec.clean;
|
||||||
# exec.system_user = "root";
|
# exec.system_user = "root";
|
||||||
|
|||||||
Reference in New Issue
Block a user