configs/ - add comments to config files using #

diff --git a/configs/apache.cfg b/configs/apache.cfg
index f3ae83827ef6703e53702f3611b9120087d1f7ee..a1f2ff67c076b93aaedbd88afcbfc034f0d3292f 100644 (file)
--- a/configs/apache.cfg
+++ b/configs/apache.cfg
@@ -1,4 +1,7 @@
+# Example config for nsjail
+
 name: "apache-with-cloned-net"
+
 description: "Tested under Ubuntu 17.04. Other Linux distros might "
 description: "use different locations for the Apache's HTTPD configuration "
 description: "files and system libraries"

diff --git a/configs/bash-with-fake-geteuid.cfg b/configs/bash-with-fake-geteuid.cfg
index c0046ba06be7a7b1a9a58948152adf4500d5d7ee..99a36afae54a4ebe14fa824f83f7045234403f6a 100644 (file)
--- a/configs/bash-with-fake-geteuid.cfg
+++ b/configs/bash-with-fake-geteuid.cfg
@@ -1,4 +1,7 @@
+# Example config for nsjail
+
 name: "bash-with-fake-geteuid"
+
 description: "An example/demo policy which allows to execute /bin/bash and other commands in "
 description: "a fairly restricted jail containing only some directories from the main "
 description: "system, and with blocked __NR_syslog syscall. Also, __NR_geteuid returns -1337 "

diff --git a/configs/demo-dont-use-chrome-with-net.cfg b/configs/demo-dont-use-chrome-with-net.cfg
index 690657e20f5ed966863a39f4f8c83bbb41a2a48c..c6c6a5f46b993e328bef27f66bff4a7c8996b1c1 100644 (file)
--- a/configs/demo-dont-use-chrome-with-net.cfg
+++ b/configs/demo-dont-use-chrome-with-net.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "chrome-with-net"
 
 description: "Don't use for anything serious - this is just a demo policy. See notes"

diff --git a/configs/firefox-with-cloned-net.cfg b/configs/firefox-with-cloned-net.cfg
index 343621b9000322d6fd331a1e849b63b40135a054..180ed9a33fab5413591b27d93d034f01527d53b3 100644 (file)
--- a/configs/firefox-with-cloned-net.cfg
+++ b/configs/firefox-with-cloned-net.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "firefox-with-cloned-net"
 
 description: "This policy allows to run firefox inside a jail on a separate eth interface."

diff --git a/configs/firefox-with-net.cfg b/configs/firefox-with-net.cfg
index c9b677c0c98fe1edee8d42a8b836e03f8bb96a66..b88f8ea95d91c18927a1c6501afd8e8541f32bed 100644 (file)
--- a/configs/firefox-with-net.cfg
+++ b/configs/firefox-with-net.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "firefox-with-net"
 
 description: "This policy allows to run firefox inside a jail. Access to networking is"

diff --git a/configs/home-documents-with-xorg-no-net.cfg b/configs/home-documents-with-xorg-no-net.cfg
index b219114a78571158f37acd99b7cc3e9df3c28807..83cfb42b81402569180ee62d319da00eaf46686d 100644 (file)
--- a/configs/home-documents-with-xorg-no-net.cfg
+++ b/configs/home-documents-with-xorg-no-net.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "documents-with-xorg"
 
 description: "This policy allows to run many X-org based tool, which are allowed"

diff --git a/configs/imagemagick-convert.cfg b/configs/imagemagick-convert.cfg
index d4a418e2d70d7fc03249b61711eaae7a8ea06339..45254a0c557552764b9e5fc9560d92847bea2f05 100644 (file)
--- a/configs/imagemagick-convert.cfg
+++ b/configs/imagemagick-convert.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "imagemagick-convert"
 
 description: "This policy allows to run ImageMagick's convert inside a jail."

diff --git a/configs/static-busybox-with-execveat.cfg b/configs/static-busybox-with-execveat.cfg
index 0d0a49e8761844c19790efa39a9e4d327fc6c1f3..ddfe01c668cca3ca137835d3e8e090c752a1338a 100644 (file)
--- a/configs/static-busybox-with-execveat.cfg
+++ b/configs/static-busybox-with-execveat.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "static-busybox-with-execveat"
 description: "An example/demo policy which allows to execute /bin/busybox-static in an "
 description: "empty (only /proc) mount namespace which doesn't even include busybox itself"

diff --git a/configs/tomcat8.cfg b/configs/tomcat8.cfg
index 0262b362ad7d8ac2a97badc0dc15dd1b31550ff5..30af214484b7168c5d16b41976ff6ee586b7059a 100644 (file)
--- a/configs/tomcat8.cfg
+++ b/configs/tomcat8.cfg
@@ -1,4 +1,7 @@
+# Example config for nsjail
+
 name: "tomcat8"
+
 description: "Tested under Ubuntu 16.04 with tomcat8=8.0.32-1ubuntu1.9,"
 description: "libnl-route-3-200=3.2.27-1ubuntu0.16.04.1,"
 description: "libprotobuf9v5=2.6.1-1.3,"

diff --git a/configs/xchat-with-net.cfg b/configs/xchat-with-net.cfg
index 8575b924e0de5a8487a972da59c992d524ab03d0..04c361b411b3808cf72c9734a7d3001bd8351194 100644 (file)
--- a/configs/xchat-with-net.cfg
+++ b/configs/xchat-with-net.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "xchat-with-net"
 
 description: "This policy allows to run xchat inside a jail. Access to networking is"

diff --git a/configs/znc-with-net.cfg b/configs/znc-with-net.cfg
index 6f832563364399ef9625ebf79b85bb684e840635..bdcc53e07b6461dd77111166cd0aaf1fb5db299c 100644 (file)
--- a/configs/znc-with-net.cfg
+++ b/configs/znc-with-net.cfg
@@ -1,3 +1,5 @@
+# Example config for nsjail
+
 name: "znc-with-net"
 
 description: "This policy allows to run znc a jail. "

diff --git a/kafel b/kafel
index 6282b5e612f83a3b7020eb816cff354fd0c0597d..d1768389e218f5b31258a4a35855b1372a3b8bef 160000 (submodule)
--- a/kafel
+++ b/kafel
@@ -1 +1 @@
-Subproject commit 6282b5e612f83a3b7020eb816cff354fd0c0597d
+Subproject commit d1768389e218f5b31258a4a35855b1372a3b8bef