Date: Tue, 29 Apr 2014 23:19:30 GMT From: Joe Barbish <qjail@a1poweruser.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/189120: [Maintainer update] sysutils/qjail maintenance & enhancements Message-ID: <201404292319.s3TNJUbx021386@cgiserv.freebsd.org> Resent-Message-ID: <201404292320.s3TNK0Jm073717@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 189120
>Category: ports
>Synopsis: [Maintainer update] sysutils/qjail maintenance & enhancements
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Tue Apr 29 23:20:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: Joe Barbish
>Release: 10.0
>Organization:
none
>Environment:
>Description:
Please include the following in the qjail port change log.
1. Fix typo in qjail.8 manual.
Change "See jailip below" to "See -4 option"
2. Fix typo in qjail-howto.8 manual as per PR# 186269.
Change a comma , inside of ip address to a . period.
73.x.97,51,10.0.10.126 to 73.x.97.51,10.0.10.126
3. Change qjail.portsnap.conf,
remove index-6 index-7 index-8 statements
replace index-9 with index-10
4. Removed rcvar=`set_rcvar` statement from qjail.bootime script.
In Release 10.0 its no longer included in the rc.d scripts and
was causing a non-harmful bogus boot time message.
5. Correct coding bug in archive logic to archive sharedfs per zone.
6. Correct coding bug for Sanity check to see if any jails are running.
7. Changed "qjail install" logic to check that this version of qjail only
runs on release-10.0. This is due to unique properties of jail(8) & rc.d
that are not in 9.2 and older releases.
8. Changed "qjail create" and "qjail config" logic to check if the
-4 and/or -6 IP address are prefixed with "<if_device>|" and/or
suffixed with "/<netmask>" values. jail(8) says this is valid syntax,
but its NOT allowed as valid syntax to qjail.
9. Changed "qjail create" logic to check if no -n value was entered. If not
then populate the -n value with the interface default nic device name
obtained from route command. This is now the automatic default behavior.
The default interface is the one connected to the public internet.
This shortens the "qjail create command" and forces the use of the
automatic creation and deletation of the alias for the jails IP address
on that "network interface name". Made appropriate changes to qjail.8
man page documentation.
10. Changed "qjail create" logic to target another zones archives as input
source. Now you can use any zones archive file as a template to create
a new jail using the existing -a option. New -A option is coded with the
zone name of the target archive file name populating the -a value.
Made appropriate changes to qjail.8 man page documentation.
11. Added -S option to "qjail update" This option will copy the hosts /usr/src
filesystem to sharedfs/usr/src to be shared among all the jails.
Made appropriate changes to qjail.8 man page documentation.
12. Add -P option to "qjail update" This option will copy the hosts /usr/ports
filesystem to sharedfs/usr/ports to be shared among all the jails.
Made appropriate changes to qjail.8 man page documentation.
Please close PR# 186269 as completed.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
Files qjail-3.2/.svn/wc.db and qjail/.svn/wc.db differ
diff -ruN qjail-3.2/Makefile qjail/Makefile
--- qjail-3.2/Makefile 2014-04-29 17:59:59.000000000 -0400
+++ qjail/Makefile 2014-04-29 18:04:51.000000000 -0400
@@ -2,7 +2,7 @@
# $FreeBSD: head/sysutils/qjail/Makefile 327772 2013-09-20 23:05:58Z bapt $
PORTNAME= qjail
-PORTVERSION= 3.2
+PORTVERSION= 3.3
CATEGORIES= sysutils
MASTER_SITES= SF/${PORTNAME}
@@ -15,7 +15,7 @@
MAN8= qjail.8 qjail-intro.8 qjail-howto.8
-CONFLICTS_INSTALL= qjail-2.*
+CONFLICTS_INSTALL= qjail-2.* qjail-3.0 qjail-3.1 qjail-3.2
NO_STAGE= yes
post-patch:
diff -ruN qjail-3.2/distinfo qjail/distinfo
--- qjail-3.2/distinfo 2014-04-29 17:59:59.000000000 -0400
+++ qjail/distinfo 2014-04-29 18:01:18.000000000 -0400
@@ -1,2 +1,2 @@
-SHA256 (qjail-3.2.tar.bz2) = 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697
-SIZE (qjail-3.2.tar.bz2) = 121560
+SHA256 (qjail-3.3.tar.bz2) = 1fafc7ec065e3ef1ccd20321eabab22887ef663be4a5aaa471d951dd94c9a7b4
+SIZE (qjail-3.3.tar.bz2) = 61477
diff -ruN qjail-3.2/files/pkg-message.in qjail/files/pkg-message.in
--- qjail-3.2/files/pkg-message.in 2014-04-29 17:59:59.000000000 -0400
+++ qjail/files/pkg-message.in 2014-04-29 18:01:18.000000000 -0400
@@ -11,8 +11,5 @@
########################################################################
-For instructions on upgrading jail filesystems
-Read %%EXAMPLESDIR%%/upgrade-info.txt
-
diff -ruN qjail-3.2/pkg-descr qjail/pkg-descr
--- qjail-3.2/pkg-descr 2014-04-29 17:59:59.000000000 -0400
+++ qjail/pkg-descr 2014-04-29 18:06:14.000000000 -0400
@@ -1,16 +1,17 @@
Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
system that includes security and performance enhancements. Plus a new level
of "user friendliness" enhancements dealing with deploying just a few jails or
-large jail environments consisting of 100's of jails.
+large scale jail environments consisting of 100's of jails.
This version of qjail has been converted from using the legacy rc.d-method as
used in all previous versions of qjail, to using the jail(8) jail.conf-method
-available in RELEASE-9.1. This upgrade provides the ability to enable the
-following new options on a per-jail basis. exec.fib, allow.raw_sockets,
-allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, securelevel,
+available in RELEASE-9.1 which contained many bugs, some that were fixed in
+RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the ability
+to enable the following new options on a per-jail basis. exec.fib, securelevel,
+allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id,
vnet.interface, and vnet. The vnet option gives a jail its own network stack
-using the experimental vimage software. This qjail version is not functional
-for RELEASES older than RELEASE-9.1. The vnet option has only been tested on
+using the experimental vimage software. This qjail version is not intended
+for RELEASES older than RELEASE-10.0. The vnet option has only been tested on
i386 and amd64 equipment.
Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
diff -ruN qjail-3.2/pkg-plist qjail/pkg-plist
--- qjail-3.2/pkg-plist 2014-04-29 17:59:59.000000000 -0400
+++ qjail/pkg-plist 2014-04-29 18:01:18.000000000 -0400
@@ -3,9 +3,6 @@
bin/qjail.vnet.ng
etc/qjail.portsnap.conf
etc/rc.d/qjail.bootime
-%%EXAMPLESDIR%%/upgrade-info.txt
-%%EXAMPLESDIR%%/vnet/jail.amd64
-%%EXAMPLESDIR%%/vnet/jail.i386
%%EXAMPLESDIR%%/vnet/ipfw.rules.host
%%EXAMPLESDIR%%/vnet/ipfw.rules.vnet
%%EXAMPLESDIR%%/vnet/ipf.rules.host
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404292319.s3TNJUbx021386>