From owner-freebsd-bugs@FreeBSD.ORG Fri Aug 20 11:40:08 2010 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5E7031065674 for ; Fri, 20 Aug 2010 11:40:08 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id CC8988FC18 for ; Fri, 20 Aug 2010 11:40:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o7KBe1xx080107 for ; Fri, 20 Aug 2010 11:40:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o7KBe11U080106; Fri, 20 Aug 2010 11:40:01 GMT (envelope-from gnats) Resent-Date: Fri, 20 Aug 2010 11:40:01 GMT Resent-Message-Id: <201008201140.o7KBe11U080106@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Kenneth Vestergaard Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E0F80106566C for ; Fri, 20 Aug 2010 11:31:51 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id CFD678FC14 for ; Fri, 20 Aug 2010 11:31:51 +0000 (UTC) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o7KBVpNb028063 for ; Fri, 20 Aug 2010 11:31:51 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id o7KBVpeB028062; Fri, 20 Aug 2010 11:31:51 GMT (envelope-from nobody) Message-Id: <201008201131.o7KBVpeB028062@www.freebsd.org> Date: Fri, 20 Aug 2010 11:31:51 GMT From: Kenneth Vestergaard To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: misc/149831: [PATCH] add support to /etc/rc.d/jail for delegating ZFS-filesystems to jails X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Aug 2010 11:40:10 -0000 >Number: 149831 >Category: misc >Synopsis: [PATCH] add support to /etc/rc.d/jail for delegating ZFS-filesystems to jails >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Aug 20 11:40:01 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Kenneth Vestergaard >Release: 8.1-RELEASE >Organization: pil.dk >Environment: FreeBSD mckusick.pil.dk 8.1-RELEASE FreeBSD 8.1-RELEASE #12: Fri Aug 6 00:18:40 CEST 2010 root@mckusick.pil.dk:/usr/obj/dana/src/freebsd8/src/sys/MCKUSICK amd64 >Description: A simple patch adding an rc.conf-variable to make /etc/rc.d/jail run 'zfs jail $jid' on all filesystems with 'jailed=on' set beneath the path specified in jail_$name_delegate_path. >How-To-Repeat: >Fix: Patch attached with submission follows: # $PIL$ Add a jail_NAME_delegate_path-variable to rc.conf, which'll delegate all jailed zfs's under that path to the newly-started jail. --- src/etc/rc.d/jail.orig 2010-08-20 12:15:24.720731927 +0200 +++ src/etc/rc.d/jail 2010-08-20 13:16:24.744226221 +0200 @@ -41,6 +41,7 @@ eval _ip=\"\$jail_${_j}_ip\" eval _interface=\"\${jail_${_j}_interface:-${jail_interface}}\" eval _exec=\"\$jail_${_j}_exec\" + eval _delegate_path=\"\$jail_${_j}_delegate_path\" i=0 while : ; do @@ -132,6 +133,7 @@ debug "$_j procdir: $_procdir" debug "$_j ruleset: $_ruleset" debug "$_j fstab: $_fstab" + debug "$_j delegate_path: $_delegate_path" i=0 while : ; do @@ -640,6 +642,14 @@ if [ "$?" -eq 0 ] ; then _jail_id=$(head -1 ${_tmp_jail}) + + if [ ! -z "${_delegate_path}" ] ; then + /sbin/zfs get -s local -rH -o name,value jailed ${_delegate_path} | \ + /usr/bin/awk '$2 == "on" { print $1 }' | \ + /usr/bin/xargs -I % /sbin/zfs jail ${_jail_id} % + jail -m jid=${_jail_id} allow.mount=1 + fi + i=1 while : ; do eval out=\"\${_exec_afterstart${i}:-''}\" >Release-Note: >Audit-Trail: >Unformatted: