Fix semantics in the documentation of the "jail_socket_unixiproute_only"
variable ("YES" vs. "NO") and be more precise and intuitive on what is
actually allowed/restricted by this variable ("UNIX/IP/route sockets"
vs. "TCP/IP protocols").
MFC after: 3 days
This commit is contained in:
@@ -2960,9 +2960,9 @@ do not allow the root user in a jail to set its hostname.
|
|||||||
.It Va jail_socket_unixiproute_only
|
.It Va jail_socket_unixiproute_only
|
||||||
.Pq Vt bool
|
.Pq Vt bool
|
||||||
If set to
|
If set to
|
||||||
.Dq Li NO ,
|
.Dq Li YES ,
|
||||||
do not allow any protocol,
|
do not allow any sockets,
|
||||||
besides TCP/IP,
|
besides UNIX/IP/route sockets,
|
||||||
to be used within a jail.
|
to be used within a jail.
|
||||||
.It Va jail_sysvipc_allow
|
.It Va jail_sysvipc_allow
|
||||||
.Pq Vt bool
|
.Pq Vt bool
|
||||||
|
|||||||
Reference in New Issue
Block a user