Provided by: rsbac-admin_1.4.0-repack-0ubuntu3_amd64
NAME
rsbac_jail - put program into RSBAC jail
SYNOPSIS
rsbac_jail [-vilnrao] {path} {IP} {prog} [args]
DESCRIPTION
All Linux kernels provide the chroot system call to confine a process in a subdirectory. Unfortunately, this does not protect the system from root processes, and it can be broken out of. The JAIL module extends the chroot system call functionality to provide a superset of the FreeBSD jail functionality (except individual kernel level hostnames). This program will put the process into a jail with chroot to path, ip address IP and then execute prog with args. See appropriate RSBAC documentation about for JAIL module details.
OPTIONS
-v verbose program output -i allow access to IPC outside this jail -l allow jailed processes to change their rlimits -n allow all network families, not only UNIX and INET (IPv4) -r allow INET (IPv4) raw sockets (e.g. for ping) -a auto-adjust INET any address 0.0.0.0 to jail address, if set -o additionally allow to/from remote INET (IPv4) address 127.0.0.1
AUTHOR
Amon Ott <ao@rsbac.org>.