--- samba_org 2008-07-14 02:21:38.000000000 +0200 +++ samba 2008-07-13 17:34:30.000000000 +0200 @@ -23,7 +23,13 @@ eval cmd_exec=\$${daemon}_${signal} if [ -n "${cmd_exec}" ]; then ebegin "${my_service_name} -> ${signal}: ${daemon}" - samba ${cmd_exec} > /dev/null + if [ "${signal}" = "start" ];then + #echo ${cmd} '->' ${!cmd} + run-jail samba ${cmd_exec} + # > /dev/null + else + ${cmd_exec} + fi last_result=$? eend ${last_result} fi
; ; RSBAC JAIL definition for samba ; 20080507 ; ; Tested by igraltist on gentoo ; "" "0.0.0.0" (allow-dev-write allow-dev-read allow-all-net-family ) (sys-ptrace sys-resource kill setuid setgid net-bind-service ) () (rlimit)
This is execute now: rsbac_jail -D -d -n -C SYS_PTRACE SYS_RESOURCE KILL SETUID SETGID NET_BIND_SERVICE -M rlimit start-stop-daemon --start --quiet --exec /usr/sbin/smbd -- -D [ ok ] * samba -> start: nmbd ... This is execute now: rsbac_jail -D -d -n -C SYS_PTRACE SYS_RESOURCE KILL SETUID SETGID NET_BIND_SERVICE -M rlimit start-stop-daemon --start --quiet --exec /usr/sbin/nmbd -- -D [ ok