Hi, 2015-12-11 12:03 GMT+01:00 John Crispin <blo...@openwrt.org>: > > Hi, > > with you adding lots of new features i am starting to not know what > ujail can now do ;) > > how about if we start creating man page style docs and put them into the > source tree and maintain them int he git. so whenever we add a new > option we add some docs to explain how it works. > > we could use standard asciidoc syntax
I totally agree, my TODO (wish) list for ujail: - small patch to not use CLONE_NEWUTS when -h isn't present, so when we change "host" hostname, jail hostname also changes - doc doc doc / jail some openwrt daemon (ntpd, ...) - merge ujail into procd: some feature like changing user are already in procd, but not in ujail, and we need to apply/drop everything in the right order. jail should be the default, so i prefer to merge ujail functionality into procd than to duplicate procd into ujail (i will discuss it more before starting) - options for read only /sys or /proc - use uci instead of json? - add PR_SET_KEEPCAPS support, so we can launch a http server as user nobody but with CAP_NET_BIND_SERVICE (to bind on port 80) (and without file capabilities) - take a look at ambient capabilities (kernel 4.3+) - ... Can you put on your todo list: - write code-style guidelines (no c++ style comments, no function() but function(void), ...) > > John
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel