From owner-freebsd-jail@FreeBSD.ORG  Fri Oct 18 20:42:12 2013
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 79CA5EC2
 for <freebsd-jail@FreeBSD.org>; Fri, 18 Oct 2013 20:42:12 +0000 (UTC)
 (envelope-from erdgeist@erdgeist.org)
Received: from elektropost.org (elektropost.org [217.115.13.199])
 by mx1.freebsd.org (Postfix) with ESMTP id B24282CA2
 for <freebsd-jail@FreeBSD.org>; Fri, 18 Oct 2013 20:42:11 +0000 (UTC)
Received: (qmail 23311 invoked from network); 18 Oct 2013 20:42:03 -0000
Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org)
 by elektropost.org with CAMELLIA256-SHA encrypted SMTP;
 18 Oct 2013 20:42:03 -0000
Message-ID: <52619D1B.9040408@erdgeist.org>
Date: Fri, 18 Oct 2013 22:42:03 +0200
From: Dirk Engling <erdgeist@erdgeist.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8;
 rv:24.0) Gecko/20100101 Thunderbird/24.0.1
MIME-Version: 1.0
To: freebsd-jail@FreeBSD.org
Subject: Allowing meta-namespace in jail.conf
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Oct 2013 20:42:12 -0000

Dear jail enthusiasts,

in order to move forward with my jail management project ezjail, and
make it support the new jail.conf way of managing jail configs, I need a
way to add properties to jails that are currently not in the list of
allowed parameters. I was thinking of something like

web-jail {
  name = 'www.test.com';
  meta.ezjail.imagetype = 'zfs';
  meta.ezjail.zfsdataset = 'tank/ezjail/www.test.com-data';
}

Alternatively, I could keep a shadow tree of config options and generate
jail configs on the fly, but that would mean not using the power of the
new jail config format. This can also lead to conflicting settings (e.g.
from wildcard jails or global options) and unexpected parts of the
system to look for configs.

Another issue is the complexity of the jail.conf format which makes it
hard to automatically manipulate entries. I've started working on a
parser/generator in shell, but wondered if there are any plans to add a
way to remove jail blocks (adding is easier) and add/modify/delete
parameters in jail blocks. Some standardized way to get the result from
jail(8)'s parser would of course be a nice start.

Any thoughts on that?

  erdgeist