Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 11 Sep 2006 15:17:28 -0700 (PDT)
From:      David Thompson <dat1965@yahoo.com>
To:        Christopher Cowart <ccowart@rescomp.berkeley.edu>
Cc:        freebsd-rc@freebsd.org
Subject:   Re: isc-dhcpd.sh jail options conflict with /etc/rc.subr
Message-ID:  <20060911221728.15607.qmail@web55106.mail.re4.yahoo.com>
In-Reply-To: <20060911203249.GA20764@rescomp.berkeley.edu>
next in thread | previous in thread | raw e-mail | index | archive | help 

--- Christopher Cowart <ccowart@rescomp.berkeley.edu> wrote:
> The port for isc-dhcp3-server has config options for enabling FreeBSD
> process jails. Basically, through a series of command line arguments
> that are generated by the isc-dhcpd.sh script, the chroot is
> auto-generated when you start the service and dhcpd makes the syscall to
> jail itself. This is actually really nifty and makes the process of
> running dhcpd in a thin jail brainless.
> 
> The problem happens when I run "isc-dhcpd.sh stop": 
> dhcpd not running? (check /var/jails/dhcpd/var/run/dhcpd/dhcpd.pid).
> 
> Well, I know better. dhcpd is clearly running with the pid indicated in
> the pid file. After investigating /etc/rc.subr, I've determined the
> cause (where $JID is the jid of the running rc script and $_jid is the
> jid of the process, determined by ps output):
>   if [ "$JID" -eq "$_jid" ];
> 
> This prevents me from using the rc script outside the jail to stop the
> jail'd dhcpd process. /etc/rc.subr is making a false assumption that
> people won't want to be controlling jailed services via rc scripts on
> the host machine.
> 
> My question is how do I get around this? I'd prefer not to hack rc.subr
> unless it's a community-useable patch that can be incorporated back into
> the official sources. One option would be to allow rc scripts to set
> some sort of "CHECK_JAILS" variable and to implement the necessary logic
> to handle it in rc.subr. Is there a better solution?

One idea might be to hack your isc-dhcpd.sh script so that right
after the /etc/rc.subr is sourced, you add your own command to
properly set JID,

    . /etc/rc.subr
    JID=`...your own command to set JID correctly...`

--
David

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060911221728.15607.qmail>