From owner-freebsd-current@FreeBSD.ORG Tue Jul 20 14:43:43 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D5E8E16A4CE; Tue, 20 Jul 2004 14:43:43 +0000 (GMT) Received: from smtp.cegetel.net (mf00.sitadelle.com [212.94.174.77]) by mx1.FreeBSD.org (Postfix) with ESMTP id DA83B43D2D; Tue, 20 Jul 2004 14:43:42 +0000 (GMT) (envelope-from tataz@sitadelle.com) Received: from droopy.tech.sitadelle.com (unknown [213.223.184.193]) by smtp.cegetel.net (Postfix) with ESMTP id D32216733F; Tue, 20 Jul 2004 16:43:39 +0200 (CEST) Received: by droopy.tech.sitadelle.com (Postfix, from userid 1000) id 74814FC2F5; Tue, 20 Jul 2004 16:44:34 +0200 (CEST) Date: Tue, 20 Jul 2004 16:44:34 +0200 From: Jeremie Le Hen To: freebsd-current@freebsd.org Message-ID: <20040720144434.GT9548@sitadelle.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="h31gzZEtNLTqOjlF" Content-Disposition: inline User-Agent: Mutt/1.5.5.1+cvs20040105i Subject: mount(8) and /etc/rc.d/jail X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Jul 2004 14:43:44 -0000 --h31gzZEtNLTqOjlF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello -current, I have a jail running Postfix whose filesystem is mirrored from the host using mount_nullfs(8). The problem is that when I upgrade the Postfix, the port removes /usr/local/libexec/postfix/, which is mount_nullfs'ed on /jail/postfix/usr/local/libexec/postfix/, then recreates it, but the vnode is obsviously not the same and thus the nullfs mount is not valid any longer. Of course, I can simply install Postfix in the jail filesystem and not on the host, but I consider this as a workaround and furthermore I want to run Postfix from the host itself. I was fed up with typing for fs in `mount | awk '/postfix/ {print $3}'` ; do umount $i ; done each time I don't forget to do it. I decided to make the rc(8) jail script manage the mounts for each jail. There was two ways to do it : * either use a tiny awk script to parse fstab(5) file and some magic shell gymnatic to mount/umount when starting/stopping the jail, * or make a new mount(8)/umount(8) option to act only on mount points which match a given prefix. I implemented the second solution, but if someone has a good argument to use the first one instead, I'm ready to listen to him. Two patches are attached. I didn't make a PR since I would like to see what people think before sending it. The first patch adds a `-c' flags to mount(8) and umount(8) whose argument is the prefix to match for (`c' for `cmp', since `p' is already used in mount(8)). I tested it against my system and it seems to work quite well. Nevertheless a friend of mine pointed me that matching against a pathname could be delicate because of symlinks. I don't really know how to overcome this, except I can put some king of warning or advice in the manpage. Suggestions are very welcome. The second patch simply modifies the rc(8) jail script to take advantage of the first one. It works well either. Regards, -- Jeremie LE HEN aka TtZ/TataZ jeremie.le-hen@epita.fr ttz@epita.fr Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread! --h31gzZEtNLTqOjlF Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="mount-c.patch" Index: sbin/mount/mount.8 =================================================================== RCS file: /home/ncvs/src/sbin/mount/mount.8,v retrieving revision 1.68 diff -u -p -r1.68 mount.8 --- sbin/mount/mount.8 17 May 2004 08:35:42 -0000 1.68 +++ sbin/mount/mount.8 20 Jul 2004 13:00:16 -0000 @@ -37,6 +37,7 @@ .Sh SYNOPSIS .Nm .Op Fl adfpruvw +.Op Fl c Ar prefix .Op Fl F Ar fstab .Op Fl o Ar options .Op Fl t Ar ufs | external_type @@ -80,9 +81,18 @@ Exceptions are those marked as .Dq noauto , excluded by the .Fl t +flag (see below), restricted by the +.Fl c flag (see below), or if they are already mounted (except the root file system which is always remounted to preserve traditional single user mode behavior). +.It Fl c +This flag can be used to indicate that the action should only occur +when the mount point matches +.Pa prefix . +Note that this does only make sense with the +.Fl a +flag. .It Fl d Causes everything to be done except for the actual system call. This option is useful in conjunction with the Index: sbin/mount/mount.c =================================================================== RCS file: /home/ncvs/src/sbin/mount/mount.c,v retrieving revision 1.66 diff -u -p -r1.66 mount.c --- sbin/mount/mount.c 26 Apr 2004 15:13:45 -0000 1.66 +++ sbin/mount/mount.c 20 Jul 2004 13:00:16 -0000 @@ -132,17 +132,21 @@ main(argc, argv) FILE *mountdfp; pid_t pid; int all, ch, i, init_flags, mntsize, rval, have_fstab; - char *cp, *ep, *options; + char *cmp, *cp, *ep, *options; all = init_flags = 0; + cmp = NULL; options = NULL; vfslist = NULL; vfstype = "ufs"; - while ((ch = getopt(argc, argv, "adF:fo:prwt:uv")) != -1) + while ((ch = getopt(argc, argv, "ac:dF:fo:prwt:uv")) != -1) switch (ch) { case 'a': all = 1; break; + case 'c': + cmp = optarg; + break; case 'd': debug = 1; break; @@ -186,6 +190,9 @@ main(argc, argv) argc -= optind; argv += optind; + if (all == 0 && cmp != NULL) + warnx("Warning: use of -c without -a"); + #define BADTYPE(type) \ (strcmp(type, FSTAB_RO) && \ strcmp(type, FSTAB_RW) && strcmp(type, FSTAB_RQ)) @@ -200,6 +207,9 @@ main(argc, argv) if (BADTYPE(fs->fs_type)) continue; if (checkvfsname(fs->fs_vfstype, vfslist)) + continue; + if (cmp != NULL && + strncmp(fs->fs_file, cmp, strlen(cmp))) continue; if (hasopt(fs->fs_mntops, "noauto")) continue; Index: sbin/umount/umount.8 =================================================================== RCS file: /home/ncvs/src/sbin/umount/umount.8,v retrieving revision 1.20 diff -u -p -r1.20 umount.8 --- sbin/umount/umount.8 9 Apr 2004 19:58:40 -0000 1.20 +++ sbin/umount/umount.8 20 Jul 2004 13:00:17 -0000 @@ -40,6 +40,7 @@ .Ar special | node | fsid .Nm .Fl a | A +.Op Fl c Ar prefix .Op Fl F Ar fstab .Op Fl fv .Op Fl h Ar host @@ -68,6 +69,15 @@ are unmounted. .It Fl A All the currently mounted file systems except the root are unmounted. +.It Fl c +This flag can be used to indicate that the action should only occur +when the mount point matches +.Pa prefix . +Note that this does only make sens with the +.Fl a +or +.Fl A +flags. .It Fl F Ar fstab Specify the .Pa fstab Index: sbin/umount/umount.c =================================================================== RCS file: /home/ncvs/src/sbin/umount/umount.c,v retrieving revision 1.44 diff -u -p -r1.44 umount.c --- sbin/umount/umount.c 9 Apr 2004 19:58:40 -0000 1.44 +++ sbin/umount/umount.c 20 Jul 2004 13:00:17 -0000 @@ -66,6 +66,7 @@ typedef enum { FIND, REMOVE, CHECKUNIQUE struct addrinfo *nfshost_ai = NULL; int fflag, vflag; char *nfshost; +char *cmp = NULL; struct statfs *checkmntlist(char *); int checkvfsname (const char *, char **); @@ -94,7 +95,7 @@ main(int argc, char *argv[]) sync(); all = errs = 0; - while ((ch = getopt(argc, argv, "AaF:fh:t:v")) != -1) + while ((ch = getopt(argc, argv, "Aac:F:fh:t:v")) != -1) switch (ch) { case 'A': all = 2; @@ -102,6 +103,9 @@ main(int argc, char *argv[]) case 'a': all = 1; break; + case 'c': + cmp = optarg; + break; case 'F': setfstab(optarg); break; @@ -153,6 +157,9 @@ main(int argc, char *argv[]) sfs = &mntbuf[mntsize]; if (checkvfsname(sfs->f_fstypename, typelist)) continue; + if (cmp != NULL && + strncmp(sfs->f_mntonname, cmp, strlen(cmp))) + continue; if (umountfs(sfs) != 0) errs = 1; } @@ -164,6 +171,8 @@ main(int argc, char *argv[]) errs = umountall(typelist); break; case 0: + if (cmp != NULL) + warnx("Warning: use of -c without -a nor -A"); for (errs = 0; *argv != NULL; ++argv) if (checkname(*argv, typelist) != 0) errs = 1; @@ -203,6 +212,8 @@ umountall(char **typelist) if (getvfsbyname(fs->fs_vfstype, &vfc) == -1) continue; if (checkvfsname(fs->fs_vfstype, typelist)) + continue; + if (cmp != NULL && strncmp(fs->fs_file, cmp, strlen(cmp))) continue; /* --h31gzZEtNLTqOjlF Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="jail_mount.patch" Index: etc/defaults/rc.conf =================================================================== RCS file: /home/ncvs/src/etc/defaults/rc.conf,v retrieving revision 1.210 diff -u -p -r1.210 rc.conf --- etc/defaults/rc.conf 30 Jun 2004 15:58:46 -0000 1.210 +++ etc/defaults/rc.conf 20 Jul 2004 12:59:37 -0000 @@ -489,6 +489,7 @@ jail_sysvipc_allow="NO" # Allow SystemV #jail_example_fdescfs_enable="NO" # mount fdescfs in the jail #jail_example_procfs_enable="NO" # mount procfs in jail #jail_example_devfs_ruleset="ruleset_name" # devfs ruleset to apply to jail +#jail_example_mount_enable="NO" # mount jail's fstab entries ############################################################## ### Define source_rc_confs, the mechanism used by /etc/rc.* ## Index: etc/rc.d/jail =================================================================== RCS file: /home/ncvs/src/etc/rc.d/jail,v retrieving revision 1.14 diff -u -p -r1.14 jail --- etc/rc.d/jail 8 Mar 2004 12:25:05 -0000 1.14 +++ etc/rc.d/jail 20 Jul 2004 12:59:37 -0000 @@ -44,12 +44,15 @@ init_variables() [ -z "${jail_fdescfs}" ] && jail_fdescfs="NO" eval jail_procfs=\"\$jail_${_j}_procfs_enable\" [ -z "${jail_procfs}" ] && jail_procfs="NO" + eval jail_mount=\"\$jail_${_j}_mount_enable\" + [ -z "${jail_mount}" ] && jail_mount="NO" # Debugging aid # debug "$_j devfs enable: $jail_devfs" debug "$_j fdescfs enable: $jail_fdescfs" debug "$_j procfs enable: $jail_procfs" + debug "$_j mount enable: $jail_mount" debug "$_j hostname: $jail_hostname" debug "$_j ip: $jail_ip" debug "$_j root: $jail_rootdir" @@ -108,6 +111,10 @@ jail_umount_fs() umount -f ${jail_procdir} >/dev/null 2>&1 fi fi + + if checkyesno jail_mount; then + umount -A -c ${jail_rootdir} >/dev/null 2>&1 + fi } jail_start() @@ -125,6 +132,10 @@ jail_start() for _jail in ${jail_list} do init_variables $_jail + if checkyesno jail_mount; then + info "Mounting jail's fstab entries" + mount -a -c ${jail_rootdir} + fi if checkyesno jail_devfs; then info "Mounting devfs on ${jail_devdir}" devfs_mount_jail "${jail_devdir}" ${jail_ruleset} --h31gzZEtNLTqOjlF--