--- portmap_org 2008-07-14 04:58:03.000000000 +0200 +++ portmap 2008-07-05 03:36:52.000000000 +0200 @@ -11,7 +11,7 @@ start() { ebegin "Starting portmap" - start-stop-daemon --start --quiet --exec /sbin/portmap -- ${PORTMAP_OPTS} + run-jail portmap start-stop-daemon --start --quiet --exec /sbin/portmap -- ${PORTMAP_OPTS} local ret=$? eend ${ret} # without, if a service depending on portmap is started too fast, cat /etc/rsbac/jail/portmap ; ; RSBAC JAIL definition for portmap ; 20051127 ; "" "0.0.0.0" "127.0.0.1" (allow-dev-read allow-dev-write allow-external-ipc auto-adjust-ip-address private-namespace) (net-bind-service sys-ptrace setgid setuid) () () This is execute now: ['rsbac_jail', '-I', '127.0.0.1', '-d', '-D', '-i', '-a', '-N', '-C', 'NET_BIND_SERVICE', 'SYS_PTRACE', 'SETGID', 'SETUID', '/sbin/start-stop-daemon', '--start', '--quiet', '--exec', '/sbin/portmap', '--', '-l']