From: Robert Swiecki Date: Wed, 5 May 2021 11:50:51 +0000 (+0200) Subject: configs/ - add comments to config files using # X-Git-Tag: 3.0.20210707~7 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=3ac7856b673604b9a655de138d4b2a924450cbba;p=platform%2Fupstream%2Fnsjail.git configs/ - add comments to config files using # --- diff --git a/configs/apache.cfg b/configs/apache.cfg index f3ae838..a1f2ff6 100644 --- a/configs/apache.cfg +++ b/configs/apache.cfg @@ -1,4 +1,7 @@ +# Example config for nsjail + name: "apache-with-cloned-net" + description: "Tested under Ubuntu 17.04. Other Linux distros might " description: "use different locations for the Apache's HTTPD configuration " description: "files and system libraries" diff --git a/configs/bash-with-fake-geteuid.cfg b/configs/bash-with-fake-geteuid.cfg index c0046ba..99a36af 100644 --- a/configs/bash-with-fake-geteuid.cfg +++ b/configs/bash-with-fake-geteuid.cfg @@ -1,4 +1,7 @@ +# Example config for nsjail + name: "bash-with-fake-geteuid" + description: "An example/demo policy which allows to execute /bin/bash and other commands in " description: "a fairly restricted jail containing only some directories from the main " description: "system, and with blocked __NR_syslog syscall. Also, __NR_geteuid returns -1337 " diff --git a/configs/demo-dont-use-chrome-with-net.cfg b/configs/demo-dont-use-chrome-with-net.cfg index 690657e..c6c6a5f 100644 --- a/configs/demo-dont-use-chrome-with-net.cfg +++ b/configs/demo-dont-use-chrome-with-net.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "chrome-with-net" description: "Don't use for anything serious - this is just a demo policy. See notes" diff --git a/configs/firefox-with-cloned-net.cfg b/configs/firefox-with-cloned-net.cfg index 343621b..180ed9a 100644 --- a/configs/firefox-with-cloned-net.cfg +++ b/configs/firefox-with-cloned-net.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "firefox-with-cloned-net" description: "This policy allows to run firefox inside a jail on a separate eth interface." diff --git a/configs/firefox-with-net.cfg b/configs/firefox-with-net.cfg index c9b677c..b88f8ea 100644 --- a/configs/firefox-with-net.cfg +++ b/configs/firefox-with-net.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "firefox-with-net" description: "This policy allows to run firefox inside a jail. Access to networking is" diff --git a/configs/home-documents-with-xorg-no-net.cfg b/configs/home-documents-with-xorg-no-net.cfg index b219114..83cfb42 100644 --- a/configs/home-documents-with-xorg-no-net.cfg +++ b/configs/home-documents-with-xorg-no-net.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "documents-with-xorg" description: "This policy allows to run many X-org based tool, which are allowed" diff --git a/configs/imagemagick-convert.cfg b/configs/imagemagick-convert.cfg index d4a418e..45254a0 100644 --- a/configs/imagemagick-convert.cfg +++ b/configs/imagemagick-convert.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "imagemagick-convert" description: "This policy allows to run ImageMagick's convert inside a jail." diff --git a/configs/static-busybox-with-execveat.cfg b/configs/static-busybox-with-execveat.cfg index 0d0a49e..ddfe01c 100644 --- a/configs/static-busybox-with-execveat.cfg +++ b/configs/static-busybox-with-execveat.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "static-busybox-with-execveat" description: "An example/demo policy which allows to execute /bin/busybox-static in an " description: "empty (only /proc) mount namespace which doesn't even include busybox itself" diff --git a/configs/tomcat8.cfg b/configs/tomcat8.cfg index 0262b36..30af214 100644 --- a/configs/tomcat8.cfg +++ b/configs/tomcat8.cfg @@ -1,4 +1,7 @@ +# Example config for nsjail + name: "tomcat8" + description: "Tested under Ubuntu 16.04 with tomcat8=8.0.32-1ubuntu1.9," description: "libnl-route-3-200=3.2.27-1ubuntu0.16.04.1," description: "libprotobuf9v5=2.6.1-1.3," diff --git a/configs/xchat-with-net.cfg b/configs/xchat-with-net.cfg index 8575b92..04c361b 100644 --- a/configs/xchat-with-net.cfg +++ b/configs/xchat-with-net.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "xchat-with-net" description: "This policy allows to run xchat inside a jail. Access to networking is" diff --git a/configs/znc-with-net.cfg b/configs/znc-with-net.cfg index 6f83256..bdcc53e 100644 --- a/configs/znc-with-net.cfg +++ b/configs/znc-with-net.cfg @@ -1,3 +1,5 @@ +# Example config for nsjail + name: "znc-with-net" description: "This policy allows to run znc a jail. " diff --git a/kafel b/kafel index 6282b5e..d176838 160000 --- a/kafel +++ b/kafel @@ -1 +1 @@ -Subproject commit 6282b5e612f83a3b7020eb816cff354fd0c0597d +Subproject commit d1768389e218f5b31258a4a35855b1372a3b8bef