From owner-freebsd-isp Tue Jul 17 12:15: 8 2001 Delivered-To: freebsd-isp@freebsd.org Received: from phoenix.volant.org (dickson.phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (Postfix) with ESMTP id 9ACA037B408 for ; Tue, 17 Jul 2001 12:15:02 -0700 (PDT) (envelope-from patl@phoenix.volant.org) Received: from asimov.phoenix.volant.org ([205.179.79.65] helo=asimov) by phoenix.volant.org with esmtp (Exim 1.92 #8) id 15MaJ1-0004pR-00; Tue, 17 Jul 2001 12:14:51 -0700 Date: Tue, 17 Jul 2001 12:14:49 -0700 From: PM Lashley To: Alexey Zakirov Cc: freebsd-isp@FreeBSD.ORG Subject: Re: jail Message-ID: <609150000.995397289@asimov> In-Reply-To: References: X-Mailer: Mulberry/2.1.0b2 (SunOS/SPARC Demo) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="==========610131052==========" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --==========610131052========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline --On Tuesday, July 17, 2001 22:48:32 +0400 Alexey Zakirov = wrote: > On Tue, 17 Jul 2001, PM Lashley wrote: > >> > make install DESTDIR=3D$INSTALLATION_PATH >> > cd $INSTALLATION_PATH >> > rm -rf boot dev lkm mnt modules proc root sys >> > cat $WORK/delete.lst | xargs chflags 0 >> > cat $WORK/delete.lst | xargs rm -rf >> > cat $WORK/noworld.lst | xargs chflags 0 >> > cat $WORK/noworld.lst | xargs chmod o-rwx >> > cat $WORK/nosuid.lst | xargs chflags 0 >> > cat $WORK/nosuid.lst | xargs chmod ug-s >> >> So exactly which files do you have listed in each of the '.lst' files? > > Sorry if this can't be appropriate for this list but I've administered > public shell boxes for 3 years and I think those AREN'T important files > for public shell/web hosting so I've attached those lists. No, I agree - there are a lot of files installed by the make world that=20 aren't necessary (or in some cases even useful) in a jail environment. I=20 just thought it would be helpful if you shared your lists. (Thanks!) >> Also, a nit - I'd like to point out that the above six lines would be >> more efficient using redirection instead of cat and pipes. E.g., > > have you ever tried to rm(1) about 1 m files? Most of shells have a = pretty > small buffers for it's command line arguments. > And more - it's classic. Yes, I have. Note that my solution still uses xargs to get around the=20 command-line buffer size restrictions. It just eliminates the 'cat' in=20 favor of redirecting stdin for xargs. Yours: cat FOO | xargs CMD Mine: xargs CMD < FOO It eliminates the unnecessary and unhelpful cat process, it's buffers, the=20 pipe, etc. The construct 'cat ONE-FILE |' can almost always be replaced by a stdin=20 redirection to improve efficiency with no down-side at all. It's a=20 different matter, of course, if more than one file is being processed by=20 the cat or if other command-line parameters are being used to alter cat's=20 output. (E.g., 'cat -n ONE-FILE |' or 'cat -v ONE-FILE |') -Pat --==========610131052========== Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (SunOS) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjtUjqoACgkQncYNbLD8wuNNGACg7gVQ/81ZOJd6ADRqfMBzybIs ub8AnRsFCQwkijXy1qI0PYX56ktU4Opr =y0S1 -----END PGP SIGNATURE----- --==========610131052==========-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message