From: Igor M Podlesny
Date: Mon, 10 Dec 2001 16:08:15 +0700
To: Terry Lambert
Cc: Dima Dorfman, chris@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG
Subject: Re[2]: jail.c.patch (allowing to use hostnames when invoking jail(8))

> Dima Dorfman wrote:
>> Here's an updated patch which is a result of comments from a few
>> people. The changes are: (a) deconfuse the usage message by not
>> naming two arguments as "hostname" (that was sloppiness on my part),
>> and (b) remove a redundant inet_aton call (gethostbyname(3) will DTRT
>> with an IP address) [1].
>>
>> [1] It probably shouldn't, since as others have pointed out to me,
>> "1.1.1.1" is a valid DNS name. The correct solution would be to have
>> a flag which makes it explicit whether the argument is an IP address
>> or DNS name, but few, if any, other programs in the system do this,
>> and I don't think this is a good place to start.

> This is why the inet_aton() call is still necessary.

> And it won't "do the right thing", per se, since it wants to kick
> a DNS query off for a purely numeric tuple set.

> I, and I suspect others, start jails up at boot time, well before
> any network connection has been established. You are requiring us
> to install caching DNS servers with preloaded caches, and delay
> starting up until after the servers are started.

> This is marginally unacceptable.

> One of the reasons I use jails is to establish a set of 13 virtual
> hosts, one of which acts as the root DNS server for a testbed that
> pretends that it is the real Internet root DNS server.

> In other jails, I run "client" DNS machines with DNS delegations
> from this "root" server, which also do inter-host (inter-jail, in
> reality) zone synchronization.

> If/when these zones are in conflict (e.g. when I run a NAT in two
> or more of them with a 10.x address block for each, and then VPN
> between them using address block translation to translate 10.1 to
> 10.2 and vice versa in each, with DNS forwarding for the block so
> that name lookups work as expected), then I am screwed by your
> change, since I can't have two canonical names for the same IP
> address later.

> Please call inet_aton(), and then _only_ if that fails, call the
> gethostbyname().

:) My patch was originally made namely because of this. I just wanted
to have the add-on working as a fall-through.

Hope you guys will commit it. ;)

P.S. I keep my jails' hostnames in /etc/hosts.

> PS: Your man pages are better.

> -- Terry

--
Igor mailto:poige@morning.ru
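The ordering requested in the thread (inet_aton() first, gethostbyname() only if that fails), as an added C example that is not part of the original message or of the jail(8) patch. The names `jail_addr`, `lookup_fn`, `stub_lookup` and `lookup_calls`, and the host `jail1.example.test` at 10.1.0.5, are constructed for illustration; the stub stands in for the resolver so the number of lookups can be counted.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical hook so the name lookup can be swapped for a stub. */
typedef struct hostent *(*lookup_fn)(const char *);
static int lookup_calls;        /* how often the resolver was consulted */

/* Constructed stub: knows one name, as an /etc/hosts entry would. */
struct hostent *stub_lookup(const char *name)
{
    static struct in_addr a;
    static char *addrs[2];      /* static storage: addrs[1] stays NULL */
    static struct hostent he;
    lookup_calls++;
    if (strcmp(name, "jail1.example.test") != 0)
        return NULL;
    inet_aton("10.1.0.5", &a);
    addrs[0] = (char *)&a;
    he.h_name = (char *)"jail1.example.test";
    he.h_addrtype = AF_INET;
    he.h_length = sizeof(a);
    he.h_addr_list = addrs;
    return &he;
}

/* Returns 0 and fills *out on success, -1 if arg is neither an
 * IPv4 literal nor a name the lookup can resolve to an IPv4 address. */
int jail_addr(const char *arg, struct in_addr *out, lookup_fn lookup)
{
    struct hostent *hp;
    if (inet_aton(arg, out) != 0)   /* numeric: done, no resolver traffic */
        return 0;
    hp = lookup(arg);               /* fall through only for non-numeric */
    if (hp == NULL || hp->h_addrtype != AF_INET ||
        hp->h_length != (int)sizeof(*out) || hp->h_addr_list[0] == NULL)
        return -1;
    memcpy(out, hp->h_addr_list[0], sizeof(*out));
    return 0;
}

int main(void)
{
    struct in_addr ip;
    if (jail_addr("1.1.1.1", &ip, gethostbyname) == 0)
        printf("%s (resolved without a lookup)\n", inet_ntoa(ip));
    return 0;
}
```

With this ordering a numeric argument such as "1.1.1.1" never reaches the resolver, so a jail started at boot does not depend on DNS being up.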