Anybody dried -i jaildir?

Hal Murray hmurray at megapathdsl.net
Mon Feb 26 05:35:59 UTC 2018


If we are serious about security, it seems like a good tool to add to the 
collection.

Is there a HOWTO set it up?  I  didn't find one for NTP.  Are all jaildirs 
sufficiently similar that a global HOWTO is all one needs to set one up for 
NTP?  I found one for FreeBSD, but not much for Linux.  If I search for HOWTO 
chroot rather than HOWTO jaildir, I find some info for BIND.  If anybody has 
a favorite, please let me know.


from the man page:

       -i string, --jaildir=string
           Jail directory.

           Chroot the server to the directory jaildir This option also implies
           that the server attempts to drop root privileges at startup. You
           may need to also specify a -u option. This option is only available
           if the OS supports adjusting the clock without full root
           privileges. This option is supported under Linux, NetBSD and
           Solaris.

I wonder why it is -i rather than -j.


-- 
These are my opinions.  I hate spam.





More information about the devel mailing list