aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.md12
1 files changed, 6 insertions, 6 deletions
diff --git a/README.md b/README.md
index 7fca79a..68f8884 100644
--- a/README.md
+++ b/README.md
@@ -9,11 +9,11 @@ the setup is not as simple/easy.
Requirements
------------
You need an iptables version that supports cgroup matching (e. g.
-version >= 1.6);
+version >= 1.6) and rust/cargo to build the binary
The following kernel config parameters must be set:
-CONFIG_NETFILTER_XT_MATCH_CGROUP
-CONFIG_NET_CLS_CGROUP
+ * CONFIG_NETFILTER_XT_MATCH_CGROUP
+ * CONFIG_NET_CLS_CGROUP
Example
-------
@@ -41,8 +41,8 @@ If cgroup_root isn't mounted to /sys/fs/cgroup, do it or change the
constant in the source to the correct path.
```
-make
-cp qsni /usr/bin/
+cargo build --release
+cp target/release/qsni /usr/bin/
chmod o=rx /usr/bin/qsni
chown root:root /usr/bin/qsni
setcap 'cap_setuid=ep cap_setgid=ep' /usr/bin/qsni
@@ -67,4 +67,4 @@ system isolation is also necessary and perhaps IPC etc.
qsni however does not aim to be a complete "jailing/isolation" solution.
Nevertheless, I have use cases for it, hence its existence.
-¹ name is preliminary,
+¹ name is preliminary