From owner-freebsd-jail@FreeBSD.ORG Sun Mar 24 01:15:28 2013 Return-Path: Delivered-To: freebsd-jail@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 7C18CB24; Sun, 24 Mar 2013 01:15:28 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 5549B3C9; Sun, 24 Mar 2013 01:15:28 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.6/8.14.6) with ESMTP id r2O1FSAe005604; Sun, 24 Mar 2013 01:15:28 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.6/8.14.6/Submit) id r2O1FS4P005603; Sun, 24 Mar 2013 01:15:28 GMT (envelope-from linimon) Date: Sun, 24 Mar 2013 01:15:28 GMT Message-Id: <201303240115.r2O1FS4P005603@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-jail@FreeBSD.org From: linimon@FreeBSD.org Subject: Re: kern/177325: [jail] Jail umounts fstab in the wrong order X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 01:15:28 -0000 Synopsis: [jail] Jail umounts fstab in the wrong order Responsible-Changed-From-To: freebsd-bugs->freebsd-jail Responsible-Changed-By: linimon Responsible-Changed-When: Sun Mar 24 01:15:19 UTC 2013 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=177325 From owner-freebsd-jail@FreeBSD.ORG Sun Mar 24 14:18:53 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id CF345741 for ; Sun, 24 Mar 2013 14:18:53 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay02.ispgateway.de (smtprelay02.ispgateway.de [80.67.31.29]) by mx1.freebsd.org (Postfix) with ESMTP id 92A0ACFE for ; Sun, 24 Mar 2013 14:18:53 +0000 (UTC) Received: from [84.44.209.129] (helo=fabiankeil.de) by smtprelay02.ispgateway.de with esmtpsa (SSLv3:AES128-SHA:128) (Exim 4.68) (envelope-from ) id 1UJlhj-0008G9-3R; Sun, 24 Mar 2013 15:15:23 +0100 Date: Sun, 24 Mar 2013 15:14:29 +0100 From: Fabian Keil To: Nicolas de Bari Embriz Garcia Rojas Subject: Re: zfs quota per user Message-ID: <20130324151429.52f1752f@fabiankeil.de> In-Reply-To: References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/9i03w1uj2GAFB_M3eOfum/j"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: freebsd-jail@freebsd.org List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 14:18:53 -0000 --Sig_/9i03w1uj2GAFB_M3eOfum/j Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Nicolas de Bari Embriz Garcia Rojas wrote: > Hi, it is possible to have quotas per user inside a jail using zfs? >=20 > I don't want to create a zfs file system for each user I just want to app= ly, > let's say a quota of 100M per account. (like UFS quotas) but within a jail >=20 > any ideas ? You can set multiple zfs userquota properties on a single dataset. Fabian --Sig_/9i03w1uj2GAFB_M3eOfum/j Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlFPCkkACgkQBYqIVf93VJ1W+gCgm+bTFh3aFugLJBHIf3rrVxAt YtoAoMngE2hLAfKgegq5jKue1/4v08pP =J1d1 -----END PGP SIGNATURE----- --Sig_/9i03w1uj2GAFB_M3eOfum/j-- From owner-freebsd-jail@FreeBSD.ORG Sun Mar 24 14:28:59 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 94016BBB for ; Sun, 24 Mar 2013 14:28:59 +0000 (UTC) (envelope-from nbari@inbox.im) Received: from us3.route.mx (us3.route.mx [107.21.107.127]) by mx1.freebsd.org (Postfix) with ESMTP id 4F36CD77 for ; Sun, 24 Mar 2013 14:28:58 +0000 (UTC) Received: (route-mx 26996 invoked from network); 24 Mar 2013 14:28:58 -0000 Received: from unknown (HELO [192.168.1.102]) (nbari@inbox.im@route.mx) (envelope-sender ) by us3.route.mx (route-mx) with AES128-SHA encrypted SMTP for ; 24 Mar 2013 14:28:57 -0000 Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\)) Subject: Re: zfs quota per user From: Nicolas de Bari Embriz Garcia Rojas In-Reply-To: <20130324151429.52f1752f@fabiankeil.de> Date: Sun, 24 Mar 2013 14:28:52 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: <6CE64B34-1433-4969-A6E2-D9E57FAE34A1@inbox.im> References: <20130324151429.52f1752f@fabiankeil.de> To: freebsd-jail@freebsd.org X-Mailer: Apple Mail (2.1503) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 14:28:59 -0000 within a jail ? let's say I have a jail and a dataset /home and what to give 1GB of = space to users, something like: /home/user1 (1GB quota) /home/user2 (1GB quota) =85 I know that I can do per user something like : zfs create zroot/jail/public/home/user1 zfs set quota=3D1G zroot/jail/public/home/user1 but that's exactly what I want to avoid. I would like to at least only create zroot/jail/public/home with a quota = of 1GB and that automatically all created users inherit that quota per = home. with out need to manually have to create the user home and set a quota. this is because I have users stored on a ldap db and I would like just = to migrate does users to a jail in a new server so that new users when = login to the new jail, home is created automatically and quotas applied = with out need to create a dataset per each user. I want to avoid modifying the "ldap_pam" scripts etc.=20 Any ideas ? On Mar 24, 2013, at 2:14 PM, Fabian Keil = wrote: > Nicolas de Bari Embriz Garcia Rojas wrote: >=20 >> Hi, it is possible to have quotas per user inside a jail using zfs? >>=20 >> I don't want to create a zfs file system for each user I just want to = apply, >> let's say a quota of 100M per account. (like UFS quotas) but within a = jail >>=20 >> any ideas ? >=20 > You can set multiple zfs userquota properties on a single dataset. >=20 > Fabian From owner-freebsd-jail@FreeBSD.ORG Sun Mar 24 15:05:41 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 06F491FD for ; Sun, 24 Mar 2013 15:05:41 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay06.ispgateway.de (smtprelay06.ispgateway.de [80.67.31.96]) by mx1.freebsd.org (Postfix) with ESMTP id 90351EBF for ; Sun, 24 Mar 2013 15:05:40 +0000 (UTC) Received: from [84.44.209.129] (helo=fabiankeil.de) by smtprelay06.ispgateway.de with esmtpsa (SSLv3:AES128-SHA:128) (Exim 4.68) (envelope-from ) id 1UJmTd-0003OL-Pv; Sun, 24 Mar 2013 16:04:53 +0100 Date: Sun, 24 Mar 2013 16:04:04 +0100 From: Fabian Keil To: Nicolas de Bari Embriz Garcia Rojas Subject: Re: zfs quota per user Message-ID: <20130324160404.7117be3c@fabiankeil.de> In-Reply-To: <6CE64B34-1433-4969-A6E2-D9E57FAE34A1@inbox.im> References: <20130324151429.52f1752f@fabiankeil.de> <6CE64B34-1433-4969-A6E2-D9E57FAE34A1@inbox.im> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/kTomqAI_4+W+WlRgA3soSva"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: freebsd-jail@freebsd.org List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 15:05:41 -0000 --Sig_/kTomqAI_4+W+WlRgA3soSva Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Nicolas de Bari Embriz Garcia Rojas wrote [quoting adjuste= d]: > On Mar 24, 2013, at 2:14 PM, Fabian Keil w= rote: >=20 > > Nicolas de Bari Embriz Garcia Rojas wrote: > >=20 > >> Hi, it is possible to have quotas per user inside a jail using zfs? > >>=20 > >> I don't want to create a zfs file system for each user I just want to = apply, > >> let's say a quota of 100M per account. (like UFS quotas) but within a = jail > >>=20 > >> any ideas ? > >=20 > > You can set multiple zfs userquota properties on a single dataset. > within a jail ? >=20 > let's say I have a jail and a dataset /home and what to give 1GB of space= to users, something like: >=20 > /home/user1 (1GB quota) > /home/user2 (1GB quota) > =E2=80=A6 >=20 > I know that I can do per user something like : >=20 > zfs create zroot/jail/public/home/user1 > zfs set quota=3D1G zroot/jail/public/home/user1 >=20 > but that's exactly what I want to avoid. quota and userquota are different properties. The details are in the zfs man page. =20 > I would like to at least only create zroot/jail/public/home with a quota = of 1GB > and that automatically all created users inherit that quota per home. > with out need to manually have to create the user home and set a quota. You can set userquotas in advance using numeric IDs (or user names, if you can predict them). Fabian --Sig_/kTomqAI_4+W+WlRgA3soSva Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlFPFecACgkQBYqIVf93VJ3H9QCfQafZvlD9fJw+TSnzY+ZnpdJm ob8Anj1gUN2Cv5Z4Qjxzt6Q7oyxm5nP0 =N2M1 -----END PGP SIGNATURE----- --Sig_/kTomqAI_4+W+WlRgA3soSva-- From owner-freebsd-jail@FreeBSD.ORG Sun Mar 24 15:57:24 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 135CE4DF for ; Sun, 24 Mar 2013 15:57:24 +0000 (UTC) (envelope-from nbari@inbox.im) Received: from eu.route.mx (eu.route.mx [46.137.95.40]) by mx1.freebsd.org (Postfix) with ESMTP id A2D031B3 for ; Sun, 24 Mar 2013 15:57:23 +0000 (UTC) Received: (route-mx 77771 invoked from network); 24 Mar 2013 15:57:15 -0000 Received: from unknown (HELO [192.168.1.102]) (nbari@inbox.im@[89.181.205.0]) (envelope-sender ) by eu.route.mx (route-mx) with AES128-SHA encrypted SMTP for ; 24 Mar 2013 15:57:14 -0000 From: Nicolas de Bari Embriz Garcia Rojas Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: bsnmp-jails .1.3.6.1.4.1.12325.1.1111 Message-Id: <14F45907-F15F-4A58-B90D-F05AE982021F@inbox.im> Date: Sun, 24 Mar 2013 15:57:12 +0000 To: "freebsd-jail@freebsd.org" Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\)) X-Mailer: Apple Mail (2.1503) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Mar 2013 15:57:24 -0000 In my pursuit to monitor jails bandwidth I found bsnmp-jails. I got it up and running but can't get the MIB.txt to work.=20 the output of snmptranslate .1.3.6.1.4.1.12325 is : SNMPv2-SMI::enterprises.12325 any idea of how to properly setup the MIB.txt so that I can use = enterprises.fokus.begemot.jails ? regards.= From owner-freebsd-jail@FreeBSD.ORG Mon Mar 25 11:06:45 2013 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 8A256FF1 for ; Mon, 25 Mar 2013 11:06:45 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 7B2E1C2 for ; Mon, 25 Mar 2013 11:06:45 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.6/8.14.6) with ESMTP id r2PB6jBk007191 for ; Mon, 25 Mar 2013 11:06:45 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.6/8.14.6/Submit) id r2PB6jPY007189 for freebsd-jail@FreeBSD.org; Mon, 25 Mar 2013 11:06:45 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 25 Mar 2013 11:06:45 GMT Message-Id: <201303251106.r2PB6jPY007189@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Mar 2013 11:06:45 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/177325 jail [jail] Jail umounts fstab in the wrong order o kern/176482 jail [jail] Jails not unmounting devfs on exit o kern/176112 jail [jail] [panic] kernel panic when starting jails o kern/176092 jail [jail] [panic] Starting a jail on my releng/9.1 kernel o kern/174902 jail [jail] jail should provide validator for jail names o kern/174436 jail [jail] Jails with numbers as names don't work o bin/173469 jail [jail] regression: security.jail.sysvipc_allowed=1 no o kern/169751 jail [jail] reading routing information does not work in ja o bin/167911 jail new jail(8) problem with removal, ifconfg -alias and k o kern/159918 jail [jail] inter-jail communication failure o kern/156111 jail [jail] procstat -b not supported in jail o misc/155765 jail [patch] `buildworld' does not honors WITHOUT_JAIL o conf/154246 jail [jail] [patch] Bad symlink created if devfs mount poin o conf/149050 jail [jail] rcorder ``nojail'' too coarse for Jail+VNET s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in rc.d/jail o conf/141317 jail [patch] uncorrect jail stop in /etc/rc.d/jail o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid 19 problems total. From owner-freebsd-jail@FreeBSD.ORG Tue Mar 26 01:28:07 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 838789C0 for ; Tue, 26 Mar 2013 01:28:07 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id BB82CE74 for ; Tue, 26 Mar 2013 01:28:06 +0000 (UTC) Received: (qmail 83472 invoked from network); 26 Mar 2013 01:28:04 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with CAMELLIA256-SHA encrypted SMTP; 26 Mar 2013 01:28:04 -0000 Message-ID: <5150F9A4.4010903@erdgeist.org> Date: Tue, 26 Mar 2013 02:28:04 +0100 From: Dirk Engling User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130307 Thunderbird/17.0.4 MIME-Version: 1.0 To: Fbsd8 Subject: Re: Handbook Jail Chapter rewrite available for critique References: <1UHfYF-000LVV-4Y@internal.tormail.org> <5148980A.1070408@erdgeist.org> <20130321170556.Q32142@sola.nimnet.asn.au> <514CD742.7030207@a1poweruser.com> In-Reply-To: <514CD742.7030207@a1poweruser.com> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org, Ian Smith X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Mar 2013 01:28:07 -0000 Dear JoeB, since you just threatened me via private email to expose my evil plans of preventing your ubercool project from taking FreeBSD by storm, I would like to comment on your views and your project publicly On 22.03.13 23:12, Fbsd8 wrote: > On the subject of qjail being a fork of ezjail, of course it is. So, you've decided to run along with an existing code base to fork a project. Congratulations. You surely must have had reasons, like including features that the original author told you never to implement. Like you found the project abandoned and no one replied to your requests. Well, except you did not. I found out about your fork by chance, after someone directed my attention to your constant bragging and nagging. Why, after all, would you ever feel the need to talk to me directly about the fork? After all, what common interests might we possibly share? So I think the only reason to rip off ezjails code was to boost your ego with some impressive looking column of shell script you obviously had trouble understanding, which comes as no surprise as you _still_ seem to have trouble grasping even the basic concepts of shell scripting: http://lists.freebsd.org/pipermail/freebsd-questions/2013-January/248558.html http://lists.freebsd.org/pipermail/freebsd-questions/2013-January/247723.html Reading this I find it very disturbing that you try to lure users into using your bumbling hack that pokes in one of the core security features of FreeBSD. To put it more plainly: What you do is dangerous. Stop doing it. You're putting your users at risk. > British member concluded that the author of ezjail must be British based > solely on the spelling of the flavour directory. He also convinced us > that his Beerware license was British humor, a joke, and should not be > taken serous. In our review of other jail ports we did not see this Then tell your "British member" to read up on some contemporary literature, maybe Wikipedia http://en.wikipedia.org/wiki/Beerware so he has a chance to understand what connects Beerware and FreeBSD. Do not use your confused team member as pretext to violate the terms of license you obviously found by yourself and chose to ignore. > file. It was inserted in the front like they have. We though that was > how you make software opensource which was the intention. There are no > formal copyright documents; it's just a extrapolation from the FreeBSD > comments. Besides completely failing to see the point what the difference between open source and public domain is, you do not have the slightest idea, what a community of people sharing their code as open source is about. The simple fact that you resort to Windows and IIS to serve your web site should have warned me, that you do not actually have any connection to the scene besides your gimme-gimme-gimme attitude. To make my point clear: Open source software is about attribution. For multiple reasons, most important to me: getting to socialize. Beerware is not so much about getting the actual beer, but to have a chance to sit together and talk with people sharing common interests. Now you rob me of the chance to ever hear from people using my code disguised as yours. Another reason, of course, is the pride we take in spending nearly ten years on ezjail and we definitely do not like some script kiddie running around adorn himself with plumes plucked from our asses. > section is not appropriate to include qjail under Freebsd opensource > type of license, then we can change the comments to say "totally free to > do as you wish as opensource" and leave it at that. If something else is > needed, please inform what that is by private email. To continue this > this subject in public is not appropriate. Please respect our wish in > this matter. No, I will not respect your wishes, as you chose to ignore mine. You are not totally free to do as you wish with the ezjail authors' code and you can not grant that rights to someone else. Regarding your fork: I can not and I will not prevent forks from happening. So I wish you good luck with it. Maybe you learn some shell on the way. The qjail port has been marked RESTRICTED by the ports managers and I will withdraw my concerns once you find a proper way to indicate original authorship in a humble way. Regards, erdgeist From owner-freebsd-jail@FreeBSD.ORG Tue Mar 26 11:55:10 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id E08219EF for ; Tue, 26 Mar 2013 11:55:10 +0000 (UTC) (envelope-from nbari@inbox.im) Received: from us3.route.mx (us3.route.mx [107.21.107.127]) by mx1.freebsd.org (Postfix) with ESMTP id 9C99F739 for ; Tue, 26 Mar 2013 11:55:10 +0000 (UTC) Received: (route-mx 48897 invoked from network); 26 Mar 2013 11:55:04 -0000 Received: from unknown (HELO nbari-z200.diz.la) (nbari@inbox.im@route.mx) (envelope-sender ) by us3.route.mx (route-mx) with SMTP for ; 26 Mar 2013 11:55:03 -0000 Message-ID: <51518C95.2010902@inbox.im> Date: Tue, 26 Mar 2013 11:55:01 +0000 From: Nicolas de Bari Embriz Garcia Rojas User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130314 Thunderbird/17.0.4 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: add more swap to jail within a jail References: In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Mar 2013 11:55:10 -0000 Hi, how can I add more swap space within a jail ? I have a jail with limited resources via rctl with somethiing like: jail:myjail:maxproc:deny=50 jail:myjail:memoryuse:deny=512M jail:myjail:swapuse:deny=512M But I want to know it it is possible to add jail disk space to increment the swap ? I am trying to compile gearmand/boots-libs but I can't since eats to much memory. An initial solution is to add the swap on the host, but is there a way to do it within the jail so that the (root user/admin) doesn't have to bother the host admin. any ideas? regards. From owner-freebsd-jail@FreeBSD.ORG Tue Mar 26 16:26:52 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 7BC23D10; Tue, 26 Mar 2013 16:26:52 +0000 (UTC) (envelope-from fbsd8@a1poweruser.com) Received: from mail-03.name-services.com (mail-03.name-services.com [69.64.155.195]) by mx1.freebsd.org (Postfix) with ESMTP id 4DCA69C6; Tue, 26 Mar 2013 16:26:52 +0000 (UTC) Received: from [10.0.10.1] ([173.88.202.176]) by mail-03.name-services.com with Microsoft SMTPSVC(6.0.3790.4675); Tue, 26 Mar 2013 09:26:23 -0700 Message-ID: <5151CC28.8060407@a1poweruser.com> Date: Tue, 26 Mar 2013 12:26:16 -0400 From: Fbsd8 User-Agent: Thunderbird 2.0.0.17 (Windows/20080914) MIME-Version: 1.0 To: Dirk Engling Subject: Re:qjail fork attribution was Handbook Jail Chapter rewrite available for critique References: <1UHfYF-000LVV-4Y@internal.tormail.org> <5148980A.1070408@erdgeist.org> <20130321170556.Q32142@sola.nimnet.asn.au> <514CD742.7030207@a1poweruser.com> <5150F9A4.4010903@erdgeist.org> In-Reply-To: <5150F9A4.4010903@erdgeist.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 26 Mar 2013 16:26:23.0738 (UTC) FILETIME=[A820BDA0:01CE2A3E] X-Sender: fbsd8@a1poweruser.com X-Authenticated-Sender: fbsd8@a1poweruser.com X-EchoSenderHash: [fbsd8]-[a1poweruser*com] Cc: ports@FreeBSD.org, freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Mar 2013 16:26:52 -0000 Dirk Engling wrote: > Dear JoeB, > > since you just threatened me via private email to expose my evil plans > of preventing your ubercool project from taking FreeBSD by storm, I > would like to comment on your views and your project publicly > > On 22.03.13 23:12, Fbsd8 wrote: > >> On the subject of qjail being a fork of ezjail, of course it is. > > So, you've decided to run along with an existing code base to fork a > project. Congratulations. > > You surely must have had reasons, like including features that the > original author told you never to implement. Like you found the project > abandoned and no one replied to your requests. > > Well, except you did not. I found out about your fork by chance, after > someone directed my attention to your constant bragging and nagging. > Why, after all, would you ever feel the need to talk to me directly > about the fork? After all, what common interests might we possibly share? > > So I think the only reason to rip off ezjails code was to boost your ego > with some impressive looking column of shell script you obviously had > trouble understanding, which comes as no surprise as you _still_ seem to > have trouble grasping even the basic concepts of shell scripting: > > http://lists.freebsd.org/pipermail/freebsd-questions/2013-January/248558.html > > http://lists.freebsd.org/pipermail/freebsd-questions/2013-January/247723.html > > Reading this I find it very disturbing that you try to lure users into > using your bumbling hack that pokes in one of the core security features > of FreeBSD. To put it more plainly: What you do is dangerous. Stop doing > it. You're putting your users at risk. > >> British member concluded that the author of ezjail must be British based >> solely on the spelling of the flavour directory. He also convinced us >> that his Beerware license was British humor, a joke, and should not be >> taken serous. In our review of other jail ports we did not see this > > Then tell your "British member" to read up on some contemporary > literature, maybe Wikipedia > > http://en.wikipedia.org/wiki/Beerware > > so he has a chance to understand what connects Beerware and FreeBSD. Do > not use your confused team member as pretext to violate the terms of > license you obviously found by yourself and chose to ignore. > >> file. It was inserted in the front like they have. We though that was >> how you make software opensource which was the intention. There are no >> formal copyright documents; it's just a extrapolation from the FreeBSD >> comments. > > Besides completely failing to see the point what the difference between > open source and public domain is, you do not have the slightest idea, > what a community of people sharing their code as open source is about. > > The simple fact that you resort to Windows and IIS to serve your web > site should have warned me, that you do not actually have any connection > to the scene besides your gimme-gimme-gimme attitude. > > To make my point clear: Open source software is about attribution. For > multiple reasons, most important to me: getting to socialize. Beerware > is not so much about getting the actual beer, but to have a chance to > sit together and talk with people sharing common interests. Now you rob > me of the chance to ever hear from people using my code disguised as yours. > > Another reason, of course, is the pride we take in spending nearly ten > years on ezjail and we definitely do not like some script kiddie running > around adorn himself with plumes plucked from our asses. > >> section is not appropriate to include qjail under Freebsd opensource >> type of license, then we can change the comments to say "totally free to >> do as you wish as opensource" and leave it at that. If something else is >> needed, please inform what that is by private email. To continue this >> this subject in public is not appropriate. Please respect our wish in >> this matter. > > No, I will not respect your wishes, as you chose to ignore mine. You are > not totally free to do as you wish with the ezjail authors' code and you > can not grant that rights to someone else. > > Regarding your fork: I can not and I will not prevent forks from > happening. So I wish you good luck with it. Maybe you learn some shell > on the way. > > The qjail port has been marked RESTRICTED by the ports managers and I > will withdraw my concerns once you find a proper way to indicate > original authorship in a humble way. > > Regards, > > erdgeist > > Dear Dirk Engling I feel sorry for you. I man with such talent and respect has fallen to such a level of self induced public humiliation. This outburst only confirms my suspicion that your suffering from dementia caused by advancing age. I tried to give you a way to save face as I purposed in my private email to you. But now that you have moved things into the public light you force me to publicly point out just how confused your thinking is. The FACT is the ezjail-3.2.3 port currently in the port system contains NO verbiage concerning any type of license. Even the ezjail Makefile doesn't invoke the BSD license. Even after I informed you of this fact by private email (which I have inserted below) you choose to publicly attack me in this manner. In this post you cut and paste selected snippets of content from different posts I made, which when inserted into the above post is taken totally out of context. To make matters worse you use a subject which will slander my efforts in creating a re-write of the handbook jail chapter. SHAME ON YOU. YOU KNOW BETTER THAN TO DO THAT. I had parents who both went through the confusion, forgetfulness, short term memory lose and paranoia you are exhibiting now. I understand what you are going through and forgive you for your actions. I pray you are under medical care for this condition. There are drugs which reduce these effects and prolong the periods of normalness. After your first email informing me (which is inserted below) you had qjail marked RESTRICTED, I replied in a very respectfully manner asking you to inform me what you wanted stated in qjail to make you happy. After a week of no reply from you, it become apparent your intention was to never have the RESTRICTED status removed no matter what. Or more likely you forgot all about it. At that point I installed the ezjail port to read for myself what the ezjail license was all about and I find NO license verbiage at all. Which is an indicator of short term memory lose. The posting of this email where you say I threatened you is a indicator of paranoia. One does not have to be a lawyer to know the lack of any license verbiage embedded in computer programs released to the public becomes property of public domain forever. Putting license verbiage on your next port version is unenforceable because it's already property of public domain. Only due to the respected position you have in the FreeBSD community did the ports administrator accept your word as sufficient cause to mark qjail's port as RESTRICTED. They should have at least reviewed the ezjail port to verify your claim first. Over the last week I have corresponded with the other members of the qjail project team. With hind sight we realize we un-intentional omitted stating any where that qjail was a fork of ezjail. This was not our intention. We plan to correct that over sight by adding the following to the "Authors" section of qjail's man page in the next release of qjail. qjail is a fork of ezjail written by Dirk Engling. I am sending this post to the ports mailing list. I am here by formally requesting the RESTRICTED status be rescinded for lack of creditable evidence to back Dirk Engling claim of qjail's failure to fulfill ezjail's license requirements because there is no ezjail license at all. Respectfully Yours Joe Barbish for the qjail project team. ******************************************************* what follows it the private email to Dirk Engling sent Mon 3/25/2013 7:59 PM ******************************************************* Dirk Engling, I am at a loss to understand your claims in this matter. I just downloaded the current port system ezjail-3.2.3 port and installed it and fail to see any mention of your so called "Beerware" license in the ezjail-admin script or the man page. I respectfully suggest you have the suspension rescinded in the same quick manner in which you got it activated. With out some creditable evidence to back your claim I will be forced to publicly request someone from the ports mailing list to inspect the ezjail-3.2.3 port now in the ports system and let them judge for themselves the validity of your current claim. Just like you emailed me about the suspension being activated I expect you to also notify me of its removal in the next 2 days. I will just consider this whole thing a friendly mis-understanding. Respectfully Yours Joe Barbish for the qjail project team. ************** first contact from Dirk Engling -----Original Message----- From: Dirk Engling [mailto:erdgeist@erdgeist.org] Sent: Wednesday, March 20, 2013 5:42 PM To: Joe Barbish Subject: qjail fork attribution Hi Joe, I noticed your unofficial ezjail fork after your attempts to promote our little project in the FreeBSD handbook. You might possibly have missed the Beerware license attached to the ezjail project that asks anyone using the code to not claim it is theirs. However it appears that you did exactly that and even claim a copyright # Copyright 2010, Qjail project. All rights reserved. that I definitely did not grant you. For that reason I asked the port managers to suspend the qjail port until we have talked things through and I find the Beerware license respected and the project's original authors properly mentioned. http://svnweb.freebsd.org/ports/head/sysutils/qjail/Makefile?r1=311478&r2=31 4731 While in principle I don't have anything against nor can I prevent a fork, I find your approach a little disturbing. Please fix your license attribution in the sense Beerware was intended, so I can withdraw my concerns and ask the ports managers to unset the port's RESTRICTED flag. After that I wish you the best with your project. erdgeist From owner-freebsd-jail@FreeBSD.ORG Tue Mar 26 17:09:39 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id F2BB4615 for ; Tue, 26 Mar 2013 17:09:39 +0000 (UTC) (envelope-from lists@jnielsen.net) Received: from ns1.jnielsen.net (secure.freebsdsolutions.net [69.55.234.48]) by mx1.freebsd.org (Postfix) with ESMTP id DABA3B6D for ; Tue, 26 Mar 2013 17:09:39 +0000 (UTC) Received: from [10.10.1.32] (office.betterlinux.com [199.58.199.60]) (authenticated bits=0) by ns1.jnielsen.net (8.14.4/8.14.4) with ESMTP id r2QH9aK7085991 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Tue, 26 Mar 2013 13:09:37 -0400 (EDT) (envelope-from lists@jnielsen.net) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\)) Subject: Re: add more swap to jail within a jail From: John Nielsen In-Reply-To: <51518C95.2010902@inbox.im> Date: Tue, 26 Mar 2013 11:09:40 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: <2A1C9A2C-248E-4232-89E9-635B44C23CF9@jnielsen.net> References: <51518C95.2010902@inbox.im> To: Nicolas de Bari Embriz Garcia Rojas X-Mailer: Apple Mail (2.1503) X-DCC--Metrics: ns1.jnielsen.net 1282; Body=2 Fuz1=2 Fuz2=2 X-Virus-Scanned: clamav-milter 0.97.5 at ns1.jnielsen.net X-Virus-Status: Clean Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Mar 2013 17:09:40 -0000 On Mar 26, 2013, at 5:55 AM, Nicolas de Bari Embriz Garcia Rojas = wrote: > Hi, how can I add more swap space within a jail ? >=20 > I have a jail with limited resources via rctl with somethiing like: >=20 > jail:myjail:maxproc:deny=3D50 > jail:myjail:memoryuse:deny=3D512M > jail:myjail:swapuse:deny=3D512M >=20 > But I want to know it it is possible to add jail disk space to > increment the swap ? >=20 > I am trying to compile gearmand/boots-libs but I can't since eats to > much memory. >=20 > An initial solution is to add the swap on the host, but is there a way > to do it within the jail so that the (root user/admin) doesn't have to > bother the host admin. I jail does not have its own virtual memory subsystem so I doubt this is = possible or advisable. And even if the host admin configures it, swap = space should NOT be directly readable from a jail as it will likely = contain data from external processes which the jail should not have = access to. JN From owner-freebsd-jail@FreeBSD.ORG Tue Mar 26 20:16:10 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 9A283957 for ; Tue, 26 Mar 2013 20:16:10 +0000 (UTC) (envelope-from cryx-freebsd@h3q.com) Received: from mail.h3q.com (mail.h3q.com [213.73.89.199]) by mx1.freebsd.org (Postfix) with ESMTP id EBDE6C11 for ; Tue, 26 Mar 2013 20:16:09 +0000 (UTC) Received: (qmail 66716 invoked from network); 26 Mar 2013 20:09:25 -0000 Received: from mail.h3q.com (HELO mail.h3q.com) (cryx) by mail.h3q.com with CAMELLIA256-SHA encrypted SMTP; 26 Mar 2013 20:09:25 -0000 Message-ID: <51520073.7080505@h3q.com> Date: Tue, 26 Mar 2013 21:09:23 +0100 From: Philipp Wuensche User-Agent: Postbox 3.0.7 (Macintosh/20130119) MIME-Version: 1.0 To: Fbsd8 Subject: Re: qjail fork attribution was Handbook Jail Chapter rewrite available for critique References: <1UHfYF-000LVV-4Y@internal.tormail.org> <5148980A.1070408@erdgeist.org> <20130321170556.Q32142@sola.nimnet.asn.au> <514CD742.7030207@a1poweruser.com> <5150F9A4.4010903@erdgeist.org> <5151CC28.8060407@a1poweruser.com> In-Reply-To: <5151CC28.8060407@a1poweruser.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Mar 2013 20:16:10 -0000 Fbsd8 wrote: > > Dear Dirk Engling > > I feel sorry for you. I man with such talent and respect has fallen to > such a level of self induced public humiliation. This outburst only > confirms my suspicion that your suffering from dementia caused by > advancing age. I tried to give you a way to save face as I purposed in > my private email to you. But now that you have moved things into the > public light you force me to publicly point out just how confused your > thinking is. First of all, as someone who has contributed code, patches and testing to ezjail and who worked with Dirk together on several projects I have to say that the last person who is unwilling to share his knowledge and/or code or to receive criticism is Dirk. Dear Joe Barbish, We all are writing open source software here, we don't receive money and most of us will not receive fame for it and we are okay with that. The only thing we humbly ask for is to at least give credit where credit is due. This and talking to each other in a friendly way so we can share our knowledge amongst us and keep up communication. You do nothing of that. Let me point out why. You took ezjails code and rewrote every part mentioning "ezjail" to fit your own. Up until here, everything is okay. You just created a fork. But then you took a look at the licence the software is released under and decide its a joke! But you don't stop there, you also add your own licence and claim the copyright! To take things further, you not even come close to the idea of adding at least some credits to the original author of the software. This alone is against everything open source stands for in so many ways. When pointed out to your misbehaving, even if it was done by oversight, the only right thing you could have done is to quickly add the missing credit in your code and apologize. No harm would have been done. But now instead you start to question the original authors concern, even claim his software wasn't licenced correct! You even demand that he starts doing stuff to undo the consequences of your wrongdoing while stating to add the credits that would have been the right thing to do by you in the first place! Not only that but your style of communication is way out of bound regarding manner. This is not the first mail I have to read from you where you accuse people of mental illness or suffering from medication in one way or another. You yourself request professional style of communication from other people while at the same time do no such thing. You my "friend", and please everyone else forgive my choice of language, really are a nasty piece of work! > The FACT is the ezjail-3.2.3 port currently in the port system contains > NO verbiage concerning any type of license. Even the ezjail Makefile > doesn't invoke the BSD license. Btw. the website does: http://erdgeist.org/arts/software/ezjail/#License Greetings, Philipp From owner-freebsd-jail@FreeBSD.ORG Thu Mar 28 15:05:34 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 299F4A52 for ; Thu, 28 Mar 2013 15:05:34 +0000 (UTC) (envelope-from nbari@inbox.im) Received: from eu.route.mx (eu.route.mx [46.137.95.40]) by mx1.freebsd.org (Postfix) with ESMTP id A9256DB7 for ; Thu, 28 Mar 2013 15:05:31 +0000 (UTC) Received: (route-mx 19737 invoked from network); 28 Mar 2013 15:05:24 -0000 Received: from unknown (HELO nbari-z200.diz.la) (nbari@inbox.im@[194.65.5.235]) (envelope-sender ) by eu.route.mx (route-mx) with SMTP for ; 28 Mar 2013 15:05:24 -0000 Message-ID: <51545C33.9010304@inbox.im> Date: Thu, 28 Mar 2013 15:05:23 +0000 From: Nicolas de Bari Embriz Garcia Rojas User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130314 Thunderbird/17.0.4 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: firewall within jail when using VIMAGE Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Mar 2013 15:05:34 -0000 Hi all, what tool can help me to (emulate) PF or a firewall behavior within a jail that it is using VIMAGE ? regards From owner-freebsd-jail@FreeBSD.ORG Thu Mar 28 15:30:18 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id C7367DE for ; Thu, 28 Mar 2013 15:30:18 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 807B2ED0 for ; Thu, 28 Mar 2013 15:30:18 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa06.fnfis.com (8.14.5/8.14.5) with ESMTP id r2SFUAFn032355 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Thu, 28 Mar 2013 10:30:15 -0500 Received: from LTCFISWMSGMB21.FNFIS.com ([10.132.99.23]) by LTCFISWMSGHT04.FNFIS.com ([10.132.206.15]) with mapi id 14.02.0309.002; Thu, 28 Mar 2013 10:30:14 -0500 From: "Teske, Devin" To: Nicolas de Bari Embriz Garcia Rojas Subject: Re: firewall within jail when using VIMAGE Thread-Topic: firewall within jail when using VIMAGE Thread-Index: AQHOK8W5gc1A27IXnEmmzxypRygnPZi7jloA Date: Thu, 28 Mar 2013 15:30:13 +0000 Message-ID: <13CA24D6AB415D428143D44749F57D7201EE8420@ltcfiswmsgmb21> References: <51545C33.9010304@inbox.im> In-Reply-To: <51545C33.9010304@inbox.im> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.121] Content-Type: text/plain; charset="us-ascii" Content-ID: <762F8150C0738549B617B5302D5371DA@fisglobal.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8626, 1.0.431, 0.0.0000 definitions=2013-03-28_05:2013-03-28,2013-03-28,1970-01-01 signatures=0 Cc: "" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Mar 2013 15:30:18 -0000 On Mar 28, 2013, at 8:05 AM, Nicolas de Bari Embriz Garcia Rojas wrote: > Hi all, what tool can help me to (emulate) PF or a firewall behavior > within a jail that it is using VIMAGE ? >=20 Try my vimage package out... http://druidbsd.sourceforge.net/download.shtml#vimage http://druidbsd.sf.net/vimage.shtml http://devinteske.com/vimage-jails-on-freebsd-8 For running a firewall as a vimage jail, we use ipfw. --=20 HTH Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you. From owner-freebsd-jail@FreeBSD.ORG Thu Mar 28 21:07:05 2013 Return-Path: Delivered-To: freebsd-jail@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 5D3D2A6F; Thu, 28 Mar 2013 21:07:05 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 3840E2E1; Thu, 28 Mar 2013 21:07:05 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.6/8.14.6) with ESMTP id r2SL75T1059265; Thu, 28 Mar 2013 21:07:05 GMT (envelope-from jamie@freefall.freebsd.org) Received: (from jamie@localhost) by freefall.freebsd.org (8.14.6/8.14.6/Submit) id r2SL75f9059264; Thu, 28 Mar 2013 21:07:05 GMT (envelope-from jamie) Date: Thu, 28 Mar 2013 21:07:05 GMT Message-Id: <201303282107.r2SL75f9059264@freefall.freebsd.org> To: anonymous@gmail.com, jamie@FreeBSD.org, freebsd-jail@FreeBSD.org, jamie@FreeBSD.org From: jamie@FreeBSD.org Subject: Re: kern/177325: [jail] Jail umounts fstab in the wrong order X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Mar 2013 21:07:05 -0000 Synopsis: [jail] Jail umounts fstab in the wrong order State-Changed-From-To: open->patched State-Changed-By: jamie State-Changed-When: Thu Mar 28 21:05:25 UTC 2013 State-Changed-Why: CURRENT patched in r248854 Responsible-Changed-From-To: freebsd-jail->jamie Responsible-Changed-By: jamie Responsible-Changed-When: Thu Mar 28 21:05:25 UTC 2013 Responsible-Changed-Why: http://www.freebsd.org/cgi/query-pr.cgi?pr=177325 From owner-freebsd-jail@FreeBSD.ORG Thu Mar 28 21:07:10 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 1B595A73 for ; Thu, 28 Mar 2013 21:07:10 +0000 (UTC) (envelope-from jlh@FreeBSD.org) Received: from caravan.chchile.org (caravan.chchile.org [178.32.125.136]) by mx1.freebsd.org (Postfix) with ESMTP id DCC5E2E3 for ; Thu, 28 Mar 2013 21:07:09 +0000 (UTC) Received: by caravan.chchile.org (Postfix, from userid 1000) id C28F1BEF4B; Thu, 28 Mar 2013 20:59:28 +0000 (UTC) Date: Thu, 28 Mar 2013 21:59:28 +0100 From: Jeremie Le Hen To: Nicolas de Bari Embriz Garcia Rojas Subject: Re: add more swap to jail within a jail Message-ID: <20130328205928.GB30222@caravan.chchile.org> Mail-Followup-To: Nicolas de Bari Embriz Garcia Rojas , freebsd-jail@freebsd.org References: <51518C95.2010902@inbox.im> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <51518C95.2010902@inbox.im> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Mar 2013 21:07:10 -0000 On Tue, Mar 26, 2013 at 11:55:01AM +0000, Nicolas de Bari Embriz Garcia Rojas wrote: > [...] Please, do not reply a random email to create a new thread. I know this saves you the time of typing the mailing-list address but when you do that, the Message-Id header content is reused in the In-Reply-To header. Many mail clients honor this by folding those messages into the same "thread", so basically your new thread appears in the middle of another one. -- Jeremie Le Hen Scientists say the world is made up of Protons, Neutrons and Electrons. They forgot to mention Morons. From owner-freebsd-jail@FreeBSD.ORG Thu Mar 28 21:17:40 2013 Return-Path: Delivered-To: freebsd-jail@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 5B1EBB92; Thu, 28 Mar 2013 21:17:40 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 4E861336; Thu, 28 Mar 2013 21:17:40 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.6/8.14.6) with ESMTP id r2SLHenV061804; Thu, 28 Mar 2013 21:17:40 GMT (envelope-from jamie@freefall.freebsd.org) Received: (from jamie@localhost) by freefall.freebsd.org (8.14.6/8.14.6/Submit) id r2SLHetw061803; Thu, 28 Mar 2013 21:17:40 GMT (envelope-from jamie) Date: Thu, 28 Mar 2013 21:17:40 GMT Message-Id: <201303282117.r2SLHetw061803@freefall.freebsd.org> To: spankthespam@gmail.com, jamie@FreeBSD.org, freebsd-jail@FreeBSD.org From: jamie@FreeBSD.org Subject: Re: kern/176482: [jail] Jails not unmounting devfs on exit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Mar 2013 21:17:40 -0000 Synopsis: [jail] Jails not unmounting devfs on exit State-Changed-From-To: open->closed State-Changed-By: jamie State-Changed-When: Thu Mar 28 21:09:47 UTC 2013 State-Changed-Why: Working as expected. When mount.devfs (or any other sort of mount) is given on the command line along with the -c option, that mount is duly made as part of the jail creation. But there is nowhere to mark those mount points as "belonging" to that ephemeral jail, or to mark the jail as having those mounts. When such a jail is them removed, there's then no way to know the directory should be unmounted. If you want to keep track of such things for proper handling in later removal, you should put those options in /etc/jail.conf (or some other config file that you should take care to include in the removal command line. Then the jail's parameters will be read when the jail is removed, and all of the desired takedown steps can occur - including not only unmounting a dev directory, but running rc.shutdown and other good things. http://www.freebsd.org/cgi/query-pr.cgi?pr=176482 From owner-freebsd-jail@FreeBSD.ORG Fri Mar 29 11:14:41 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 0C9F0FDB for ; Fri, 29 Mar 2013 11:14:41 +0000 (UTC) (envelope-from lyris-noreply@lyris.sunbelt-software.com) Received: from lyris.sunbelt-software.com (lyris.sunbelt-software.com [66.129.99.81]) by mx1.freebsd.org (Postfix) with SMTP id CE80EA4A for ; Fri, 29 Mar 2013 11:14:40 +0000 (UTC) Message-ID: X-lyris-type: match-phrase From: "Lyris ListManager" To: freebsd-jail@freebsd.org Subject: No Attachments Please Date: Fri, 29 Mar 2013 06:45:09 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Mar 2013 11:14:41 -0000 You sent an email to the Exchange list with an attachment. We have disabled this option as recently a virus was attached. Please resend your posting without it? Thanks! From owner-freebsd-jail@FreeBSD.ORG Sat Mar 30 17:33:53 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 44B9FF3B for ; Sat, 30 Mar 2013 17:33:53 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id 9C62A227 for ; Sat, 30 Mar 2013 17:33:52 +0000 (UTC) Received: (qmail 27913 invoked from network); 30 Mar 2013 17:33:45 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with CAMELLIA256-SHA encrypted SMTP; 30 Mar 2013 17:33:45 -0000 Message-ID: <515721F8.9090202@erdgeist.org> Date: Sat, 30 Mar 2013 18:33:44 +0100 From: Dirk Engling User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130307 Thunderbird/17.0.4 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: rc.d/jail and jail.conf X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2013 17:33:53 -0000 Dear jail hackers, if I follow the development correctly, the jail(8) command was augmented to make the rc.d/jail script obsolete. However when I want to use the rc system to start my jails, I am stuck with convincing rc.d/jail to not fail for missing _hostname or _rootdir. How am I supposed to have my jails started at boot time? And while we're at it, is there a rcorder-style way to introduce dependencies into jail.conf to control the order my jails are started in? Which brings me to another point, there does not seem to be a way to convince rc.d/jail to set a jailname for old style jails, making it hard to integrate with tools that use libjail to translate what were _hostname parameters to jid before. On a related note, in order to finally include all the nextgen jail features in my ezjail project, I wonder if there's an automated tool to read/write/modify jail.conf(s) on the radar. Currently I am considering keeping my own set of configs and generating a jail.conf per jail on the fly, which I do not think is in the user's interest as conflicting jailnames may occur. In theory a parser would be enough, but having to automatically recreate and correctly reorder all user comments and += statements in the config file when re-writing the file seems a rather hard problem, too. Regards and thanks in advance, erdgeist From owner-freebsd-jail@FreeBSD.ORG Sat Mar 30 20:38:31 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 14CD914F for ; Sat, 30 Mar 2013 20:38:31 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) by mx1.freebsd.org (Postfix) with ESMTP id CD72DB17 for ; Sat, 30 Mar 2013 20:38:30 +0000 (UTC) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 92EFF28427; Sat, 30 Mar 2013 21:38:24 +0100 (CET) Received: from [192.168.1.2] (ip-89-177-49-222.net.upcbroadband.cz [89.177.49.222]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id B64DE28436; Sat, 30 Mar 2013 21:38:23 +0100 (CET) Message-ID: <51574D3F.9040300@quip.cz> Date: Sat, 30 Mar 2013 21:38:23 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.9.1.19) Gecko/20110420 Lightning/1.0b1 SeaMonkey/2.0.14 MIME-Version: 1.0 To: Dirk Engling Subject: Re: rc.d/jail and jail.conf References: <515721F8.9090202@erdgeist.org> In-Reply-To: <515721F8.9090202@erdgeist.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2013 20:38:31 -0000 Dirk Engling wrote: > if I follow the development correctly, the jail(8) command was augmented > to make the rc.d/jail script obsolete. However when I want to use the rc > system to start my jails, I am stuck with convincing rc.d/jail to not > fail for missing _hostname or _rootdir. Jails in any RELEASE version of FreeBSD are not 100% ready to be started by "the new way". The old rc.d/jail + rc.conf style is still the only one officially supported. (see my posts one week ago) > How am I supposed to have my jails started at boot time? And while we're > at it, is there a rcorder-style way to introduce dependencies into > jail.conf to control the order my jails are started in? You can use sysutils/jail2 but be aware of devfs problem... In theory, with jail.conf you should use "depend" (see man jail) to define jail dependencies. > Which brings me to another point, there does not seem to be a way to > convince rc.d/jail to set a jailname for old style jails, making it hard > to integrate with tools that use libjail to translate what were > _hostname parameters to jid before. There is a way, you should use flags. I discussed this topic with bz@ few years ago and this is the official recommendation how newly added features should be used without changes in rc.d/jail jail_myjail_flags="-l -U root -n myjail" Miroslav Lachman From owner-freebsd-jail@FreeBSD.ORG Sat Mar 30 20:52:31 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 156214A2 for ; Sat, 30 Mar 2013 20:52:31 +0000 (UTC) (envelope-from nbari@inbox.im) Received: from eu.route.mx (eu.route.mx [46.137.95.40]) by mx1.freebsd.org (Postfix) with ESMTP id 897FABF4 for ; Sat, 30 Mar 2013 20:52:30 +0000 (UTC) Received: (route-mx 64445 invoked from network); 30 Mar 2013 20:52:22 -0000 Received: from 89-181-202-22.net.novis.pt (HELO [192.168.1.103]) (nbari@inbox.im@[89.181.202.22]) (envelope-sender ) by eu.route.mx (route-mx) with AES128-SHA encrypted SMTP for ; 30 Mar 2013 20:52:22 -0000 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\)) Subject: Re: rc.d/jail and jail.conf From: Nicolas de Bari Embriz Garcia Rojas In-Reply-To: <515721F8.9090202@erdgeist.org> Date: Sat, 30 Mar 2013 20:52:13 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: References: <515721F8.9090202@erdgeist.org> To: Dirk Engling X-Mailer: Apple Mail (2.1503) Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2013 20:52:31 -0000 If for starting at boot time when using jail.conf you can use the = sysutils/jail2 port If I am right you can define the order of start for jails in the = jail2_list (rc.conf), something like:=20 jail2_list=3D"jail1 jail2"=20 regards. On Mar 30, 2013, at 5:33 PM, Dirk Engling wrote: > Dear jail hackers, >=20 > if I follow the development correctly, the jail(8) command was = augmented > to make the rc.d/jail script obsolete. However when I want to use the = rc > system to start my jails, I am stuck with convincing rc.d/jail to not > fail for missing _hostname or _rootdir. >=20 > How am I supposed to have my jails started at boot time? And while = we're > at it, is there a rcorder-style way to introduce dependencies into > jail.conf to control the order my jails are started in? >=20 > Which brings me to another point, there does not seem to be a way to > convince rc.d/jail to set a jailname for old style jails, making it = hard > to integrate with tools that use libjail to translate what were > _hostname parameters to jid before. >=20 > On a related note, in order to finally include all the nextgen jail > features in my ezjail project, I wonder if there's an automated tool = to > read/write/modify jail.conf(s) on the radar. Currently I am = considering > keeping my own set of configs and generating a jail.conf per jail on = the > fly, which I do not think is in the user's interest as conflicting > jailnames may occur. >=20 > In theory a parser would be enough, but having to automatically = recreate > and correctly reorder all user comments and +=3D statements in the = config > file when re-writing the file seems a rather hard problem, too. >=20 > Regards and thanks in advance, >=20 > erdgeist > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to = "freebsd-jail-unsubscribe@freebsd.org" From owner-freebsd-jail@FreeBSD.ORG Sat Mar 30 20:59:56 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id D22F2767 for ; Sat, 30 Mar 2013 20:59:56 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id 35011C2B for ; Sat, 30 Mar 2013 20:59:55 +0000 (UTC) Received: (qmail 54634 invoked from network); 30 Mar 2013 20:59:54 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with AES256-SHA encrypted SMTP; 30 Mar 2013 20:59:54 -0000 Date: Sat, 30 Mar 2013 21:59:53 +0100 (CET) From: Dirk Engling To: Nicolas de Bari Embriz Garcia Rojas Subject: Re: rc.d/jail and jail.conf In-Reply-To: Message-ID: References: <515721F8.9090202@erdgeist.org> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2013 20:59:56 -0000 On Sat, 30 Mar 2013, Nicolas de Bari Embriz Garcia Rojas wrote: > If I am right you can define the order of start for jails in the jail2_list (rc.conf), something like: > > jail2_list="jail1 jail2" Thanks, I suppose it mimicks the way rc.d/jail has handled it. I just wondered if there's a way to have this order automatically determined by a dependency graph, it's a minor request, though. Regards, erdgeist From owner-freebsd-jail@FreeBSD.ORG Sat Mar 30 21:27:40 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 2E024990 for ; Sat, 30 Mar 2013 21:27:40 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id 840E7D2A for ; Sat, 30 Mar 2013 21:27:39 +0000 (UTC) Received: (qmail 59538 invoked from network); 30 Mar 2013 21:27:38 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with CAMELLIA256-SHA encrypted SMTP; 30 Mar 2013 21:27:38 -0000 Message-ID: <515758C9.9080302@erdgeist.org> Date: Sat, 30 Mar 2013 22:27:37 +0100 From: Dirk Engling User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130307 Thunderbird/17.0.4 MIME-Version: 1.0 To: Miroslav Lachman <000.fbsd@quip.cz> Subject: Re: rc.d/jail and jail.conf References: <515721F8.9090202@erdgeist.org> <51574D3F.9040300@quip.cz> In-Reply-To: <51574D3F.9040300@quip.cz> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2013 21:27:40 -0000 On 30.03.13 21:38, Miroslav Lachman wrote: > There is a way, you should use flags. I discussed this topic with bz@ > few years ago and this is the official recommendation how newly added > features should be used without changes in rc.d/jail > > jail_myjail_flags="-l -U root -n myjail" Thanks, I need a switch, since -n only was introduced in 9.1, is it there to stay? Out of curiosity, why doesn't the jailname default to the hostname, if none is given? erdgeist From owner-freebsd-jail@FreeBSD.ORG Sat Mar 30 23:06:50 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id EFE7C756 for ; Sat, 30 Mar 2013 23:06:50 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) by mx1.freebsd.org (Postfix) with ESMTP id B1A0EF61 for ; Sat, 30 Mar 2013 23:06:50 +0000 (UTC) Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 3A11628431; Sun, 31 Mar 2013 00:06:49 +0100 (CET) Received: from [192.168.1.2] (ip-89-177-49-222.net.upcbroadband.cz [89.177.49.222]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 6C6B02842D; Sun, 31 Mar 2013 00:06:48 +0100 (CET) Message-ID: <51577007.1080707@quip.cz> Date: Sun, 31 Mar 2013 00:06:47 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.9.1.19) Gecko/20110420 Lightning/1.0b1 SeaMonkey/2.0.14 MIME-Version: 1.0 To: Dirk Engling Subject: Re: rc.d/jail and jail.conf References: <515721F8.9090202@erdgeist.org> <51574D3F.9040300@quip.cz> <515758C9.9080302@erdgeist.org> In-Reply-To: <515758C9.9080302@erdgeist.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Mar 2013 23:06:51 -0000 Dirk Engling wrote: > On 30.03.13 21:38, Miroslav Lachman wrote: > >> There is a way, you should use flags. I discussed this topic with bz@ >> few years ago and this is the official recommendation how newly added >> features should be used without changes in rc.d/jail >> >> jail_myjail_flags="-l -U root -n myjail" > > Thanks, I need a switch, since -n only was introduced in 9.1, is it > there to stay? jail -n is there for a long time. I have it on an old 7.3 machine too. On 9.1 I read this in man page: -n jailname Set the jail's name. This is deprecated and is equivalent to the name parameter. So in 9.1 (and 8.x) you can use `jail name=myjail` And as 7.x is EOL, there is only 8.3 and 9.1 as supported releases (9.0 EOL date is 2013-03-31), you can go with name=myjail syntax. > Out of curiosity, why doesn't the jailname default to the hostname, if > none is given? Jail's hostname doesn't need to be unique. And AFAIK jail name on FreeBSD 7.x doesn't need to be unique too. But for 8.3 and 9.x it is used as unique identifier. If name is not set, it is assumed to be the same as JID. Miroslav Lachman