Skip to content

Bastille Day Update

Pre-release
Pre-release
Compare
Choose a tag to compare
@cedwards cedwards released this 15 Jul 13:58
· 1032 commits to master since this release
0.4.20190714
5540b22
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Happy Bastille Day!

Updates in this release:

  • ip@interface syntax now (optionally) supported during bastille create.
  • template system now supports INCLUDE and SERVICE.
    • INCLUDE is a line-delimited list of template urls
    • included templates will be bootstrapped and applied in the order they are listed.
    • SERVICE template hook executes /usr/sbin/service within the jail
  • /usr/local/bastille now 0750 to avoid unprivileged users from accessing Bastille files, jails, releases, etc.
  • template hook CONFIG renamed to OVERLAY.
    • CONFIG still supported for backward compatibility; deprecation warning will display
  • check for uid=0 for all bastille commands
  • update internal usage document with latest sub-commands
  • sub-command file validation before execution
  • network bootstrapping supported with new config values
  • support for listing jail(s), template(s), log(s), release(s).
  • only reload firewall on start/stop if loopback networking used.
  • ZFS sub-command additions of get|set|snapshot.
Assets 3
Loading