Help files

virtualmin · Jan 24, 2017 · 1901f74 · 1901f74
1 parent 132c14c
commit 1901f74
Show file tree

Hide file tree

Showing 16 changed files with 49 additions and 16 deletions.
diff --git a/edit_jail.cgi b/edit_jail.cgi
@@ -12,12 +12,12 @@ my %jail_params;
 
 # Make a new section?
 if($in{'new'}) {
-  ui_print_header(undef, $text{'index_create_jail'}, "");
+  ui_print_header(undef, $text{'index_create_jail'}, '', 'create_jail');
   # Keep new defined so we add a new section on save
   print ui_hidden("new", $in{'new'});
 }
 else {
-  ui_print_header(undef, $text{'index_edit_jail'}, "");
+  ui_print_header(undef, $text{'index_edit_jail'}, '', 'edit_jail');
   unless ( $jk_init_ini->SectionExists( $in{'jail'} )) {
     error( $text{'edit_jail_not_found'} );
   };
@@ -34,27 +34,29 @@ print ui_hidden("orig_jail", $in{'jail'});
 print ui_table_start( $text{'jail_detail'}, undef, 2);
 
 # name
-print ui_table_row( $text{'edit_jail_name'},
+print ui_table_row( hlink($text{'edit_jail_name'}, 'name'),
   ui_textbox('jail', $in{'jail'}));
 # comment/description
-print ui_table_row( $text{'edit_jail_comment'},
+print ui_table_row( hlink($text{'edit_jail_comment'}, 'comment'),
   ui_textbox('comment', $jail_params{'comment'}));
 # paths
-print ui_table_row( $text{'edit_jail_paths'},
+print ui_table_row( hlink($text{'edit_jail_paths'}, 'paths'),
   ui_textarea('paths', $jail_params{'paths'}));
-print ui_table_row( $text{'edit_jail_paths_w_owner'},
+print ui_table_row( hlink($text{'edit_jail_paths_w_owner'}, 'paths_w_owner'),
   ui_textarea('paths_w_owner', $jail_params{'paths_w_owner'}));
-print ui_table_row( $text{'edit_jail_users'},
+print ui_table_row( hlink($text{'edit_jail_paths_w_setuid'}, 'paths_w_setuid'),
+  ui_textarea('paths_w_setuid', $jail_params{'paths_w_setuid'}));
+print ui_table_row( hlink($text{'edit_jail_users'}, 'users'),
   ui_textarea('users', $jail_params{'users'}));
-print ui_table_row( $text{'edit_jail_groups'},
+print ui_table_row( hlink($text{'edit_jail_groups'}, 'groups'),
   ui_textarea('groups', $jail_params{'groups'}));
-print ui_table_row( $text{'edit_jail_includesections'},
+print ui_table_row( hlink($text{'edit_jail_includesections'}, 'includesections'),
   ui_textarea('includesections'), $jail_params{'includesections'});
-print ui_table_row( $text{'edit_jail_emptydirs'},
-  ui_textbox('emptydirs', $jail_params{'emptydirs'}));
-print ui_table_row( $text{'edit_jail_devices'},
+print ui_table_row( hlink($text{'edit_jail_emptydirs'}, 'emptydirs'),
+  ui_textarea('emptydirs', $jail_params{'emptydirs'}));
+print ui_table_row( hlink($text{'edit_jail_devices'}, 'devices'),
   ui_textbox('devices', $jail_params{'devices'}));
-print ui_table_row( $text{'edit_jail_need_logsocket'},
+print ui_table_row( hlink($text{'edit_jail_need_logsocket'}, 'need_logsocket'),
   ui_checkbox('need_logsocket', 1,
   undef, $jail_params{'need_logsocket'} ? 1 : 0));
 

diff --git a/help/comment.html b/help/comment.html
@@ -0,0 +1,2 @@
+<header>Comment</header>
+This option sets the comment paramter for the selected jail configuration. It is generally used to describe the purpose of the jail.
diff --git a/help/create_jail.html b/help/create_jail.html
@@ -0,0 +1,3 @@
+<header>Create Jail</header>
+<p>This form provides access to all of the elements of one jail section of the Jailkit jk_init.ini jail configuration file.</p>
+<p>All parameters, except Jail ID, are optional, though to be useful a jail will at least need paths to be useful</p>
diff --git a/help/devices.html b/help/devices.html
@@ -0,0 +1,2 @@
+<header>Devices to create in jail</header>
+Specifies which devices are required in the jail.
diff --git a/help/edit_jail.html b/help/edit_jail.html
@@ -0,0 +1,3 @@
+<header>Edit Jail</header>
+<p>This form provides access to all of the elements of one jail section of the Jailkit jk_init.ini jail configuration file.</p>
+<p>All parameters, except Jail ID, are optional, though to be useful a jail will at least need paths to be useful</p>
diff --git a/help/emptydirs.html b/help/emptydirs.html
@@ -0,0 +1,2 @@
+<header>Empty directories to create in jail</header>
+Specifies, in a comma-separated list, which directories to create as empty directories. This can be useful to create for example mountpoints in the jail.
diff --git a/help/groups.html b/help/groups.html
@@ -0,0 +1,2 @@
+<header>Groups to include in /etc/group</header>
+  Some programs require group information to be available in /etc/group.  This option will make the information for the listed groups available in /etc/group. Multiple group names can be specified in a comma-separated list.
diff --git a/help/includesections.html b/help/includesections.html
@@ -0,0 +1,2 @@
+<header>Other jails to inherit from</header>
+Entry specifies which other jail sections need to be processed as well when processing the current jail configuration. For example if <i>uidbasics</i> were included here, the paths, users, groups, etc. from the <i>uidbasics</i> jail would be included in jails generated with this configuration.
diff --git a/help/name.html b/help/name.html
@@ -0,0 +1,2 @@
+<header>Jail ID</header>
+This option is the name for the Jail. It should be unique and should contain no spaces or special characters. It will be used as a section label in the jk_init.ini configuration file.
diff --git a/help/need_logsocket.html b/help/need_logsocket.html
@@ -0,0 +1,2 @@
+<header>Log socket required?</header>
+If this is checked, the jail will include a <i>/dev/log</i> socket.
diff --git a/help/paths.html b/help/paths.html
@@ -0,0 +1,2 @@
+<header>Paths to include in jail</header>
+Comma-separated list of directory or file paths to include in jail.
diff --git a/help/paths_w_owner.html b/help/paths_w_owner.html
@@ -0,0 +1,2 @@
+<header>Paths to include (keep ownership)</header>
+  Comma-separated list of directory and file paths to include in jail. This option preserves ownership information (equivalent to using "cp -p" to copy the files).
diff --git a/help/paths_w_setuid.html b/help/paths_w_setuid.html
@@ -0,0 +1,2 @@
+<header>Paths to include (with setuid)</header>
+  Comma-separated list of directory and file paths to include in the jail. These files will be setuid. Use extreme caution when placing setuid binaries into a chroot jail, as a poorly constructed program (or malicious one) could be used to escape the jail or escalate privileges.
diff --git a/help/users.html b/help/users.html
@@ -0,0 +1,2 @@
+<header>Users to include in /etc/passwd</header>
+  Some programs and activities require users to exist in the /etc/passwd file. This option will make the information for the listed users available in /etc/passwd. Multiple user names can be specified in a comma-separated list.
diff --git a/lang/en b/lang/en
@@ -14,10 +14,11 @@ edit_jail_return=Return to jail list
 edit_jail_not_found=That jail doesn't exist!
 edit_jail_name=Jail ID
 edit_jail_comment=Comment
-edit_jail_paths=Paths to include in Jail
+edit_jail_paths=Paths to include in jail
 edit_jail_paths_w_owner=Paths to include (keep ownership)
-edit_jail_users=Users to include in passwd
-edit_jail_groups=Groups to include in passwd
+edit_jail_paths_w_setuid=Paths to include (with setuid)
+edit_jail_users=Users to include in /etc/passwd
+edit_jail_groups=Groups to include in /etc/group
 edit_jail_need_logsocket=Log socket required?
 edit_jail_includesections=Other jails to inherit from
 edit_jail_emptydirs=Empty directories to create in jail

diff --git a/save_jail.cgi b/save_jail.cgi
@@ -38,6 +38,8 @@ if (length $in{'paths'}) { $jk_init_ini->newval($in{'jail'},
 	'paths', $in{'paths'}); }
 if (length $in{'paths_w_owner'}) { $jk_init_ini->newval($in{'jail'},
 	'paths_w_owner', $in{'paths_w_owner'}); }
+if (length $in{'paths_w_setuid'}) { $jk_init_ini->newval($in{'jail'},
+	'paths_w_setuid', $in{'paths_w_setuid'}); }
 if (length $in{'users'}) { $jk_init_ini->newval($in{'jail'},
 	'users', $in{'users'}); }
 if (length $in{'groups'}) { $jk_init_ini->newval($in{'jail'},