From owner-freebsd-current@FreeBSD.ORG Thu Mar 4 02:40:37 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B74B316A4CE for ; Thu, 4 Mar 2004 02:40:37 -0800 (PST) Received: from dd2314.kasserver.com (dd2314.kasserver.com [81.209.184.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2898C43D53 for ; Thu, 4 Mar 2004 02:40:37 -0800 (PST) (envelope-from outi@outi.echsi.de) Received: from outi.echsi.de (unknown [217.6.14.10]) by dd2314.kasserver.com (Postfix) with ESMTP id 7E62F66449; Thu, 4 Mar 2004 11:40:32 +0100 (CET) Message-ID: <40470792.7060309@outi.echsi.de> Date: Thu, 04 Mar 2004 11:40:19 +0100 From: Patrick Hurrelmann User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Eirik Oeverby References: <1078394634.91467.0.camel@eirik.unicore.no> In-Reply-To: <1078394634.91467.0.camel@eirik.unicore.no> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-current@freebsd.org Subject: Re: Jails in -CURRENT X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Mar 2004 10:40:37 -0000 Eirik Oeverby wrote: > Hi, > > I can give you an outline of what my script does, then it'll be for you to judge if it can be called a 'jail management' tool.. ;) > > Current features: > - Starting jails (brings up interface alias, mounts proc, linprocfs (if enabled), /usr/ports and /usr/src from the host (read-only), starts the jail) > - Stopping jails (finds all processes belonging to a jail, TERM/KILL signals are sent, filesystems are unmounted, interface taken down) > - Creating jails (uses the standard installworld target, then modifies key configuration files to be jail-compliant, deletes unnecessary and non-working files and directories, installs predefined packages and does other adjustments to the jail internal configuration, sets a default root password and enables remote root login) > - Upgrading jails (installworld, and then mergemaster, with cleanup afterwards) > - Deleting jails (guess...) > - Jail status (lists running/not running/not configured jails) > > Future plans include finding a way to inject processes into jails (though I fear this might be impossible on -STABLE without patches), allowing listing of jail processes from outside the jail (done in an hour or two if I find the time ;), and better configureability. > > The script is written entirely for /bin/sh (it's actually my first ever real shellscript), and in the hope that it might be useful for someone. I have a secret dream of having it included in the default freebsd distribution... > > If you or anyone want to test it, let me know. > > /Eirik > > >>>From: Eirik Oeverby >To: >> >>current@freebsd.org >Date: Wed, 03 Mar 2004 09:12:30 +0100 >Subject: Jails in >>-CURRENT >Sender: owner-freebsd-current@freebsd.org >> >> >>>Can someone point me to a site or message or whatever, that describes >the >> >>changes to the jail facility in -CURRENT, and 5.2.1 in particular, >compared >>to what is to be found in -STABLE (4.9.x) ? >> >>I don't have anything for you there but... >> >> >>>I'm currently running a number of jails on -STABLE, and have just >finished >> >>writing a rather comprehensive tool for managing them - and >would like to >>know if this would be useful on -CURRENT aswell. Also I >need to know if >>anything can be gained by upgrading. >> >>I would be interested in (at least) knowing more about how you approached >>"jail management". >> >>Peace, david -- David H. Wolfskill david@catwhisker.org I do not >>"unsubscribe" from email "services" to which I have not explicitly >>subscribed. Rather, I block spammers' access to SMTP servers I control, and >>encourage others who are in a position to do so to do likewise. Sounds great. where to get your script? I'd like to test it :)