From owner-freebsd-jail@FreeBSD.ORG Sun Mar 31 19:14:27 2013 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 49EE6D86 for ; Sun, 31 Mar 2013 19:14:27 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id 98595ABA for ; Sun, 31 Mar 2013 19:14:26 +0000 (UTC) Received: (qmail 25008 invoked from network); 31 Mar 2013 19:14:24 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with AES256-SHA encrypted SMTP; 31 Mar 2013 19:14:24 -0000 Date: Sun, 31 Mar 2013 21:14:23 +0200 (CEST) From: Dirk Engling To: Jamie Gritton Subject: Re: rc.d/jail and jail.conf In-Reply-To: <515888BA.8060804@FreeBSD.org> Message-ID: References: <515721F8.9090202@erdgeist.org> <515847AF.8070808@FreeBSD.org> <5158526A.4020400@quip.cz> <51586419.5090207@FreeBSD.org> <51586DC8.7030500@quip.cz> <515880F3.1050300@FreeBSD.org> <5158874C.2060701@erdgeist.org> <515888BA.8060804@FreeBSD.org> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Mar 2013 19:14:27 -0000 On Sun, 31 Mar 2013, Jamie Gritton wrote: > If you don't mind some slightly difficult error messages, you can always > "disable" a jail with exec.prestart="false". jail(8) requires all > commands to succeed, and in particular won't even create a jail when one > of the prestart commands fails. This violates POLA, but failing with exec.prestart="echo skipping jail; exit 1" might work. Even though this is not a good marker from a scripting perspective. erdgeist