From owner-freebsd-jail@FreeBSD.ORG Tue Aug 5 07:41:17 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 38CED1B6 for ; Tue, 5 Aug 2014 07:41:17 +0000 (UTC) Received: from smtpout100.ehv.onlinespamfilter.nl (smtpout100.ehv.onlinespamfilter.nl [IPv6:2001:4cb8:1:1620:217:21:240:168]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E41F72F97 for ; Tue, 5 Aug 2014 07:41:16 +0000 (UTC) Received: from smtp.onlinespamfilter.nl (localhost [127.0.0.1]) by smtp.onlinespamfilter.nl (Postfix) with ESMTP id 3hS7Dt3VDKz2y for ; Tue, 5 Aug 2014 09:41:02 +0200 (CEST) Received: from smtp.debank.tv (145-158-ftth.on.nl [88.159.158.145]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.onlinespamfilter.nl (Postfix) with ESMTPS for ; Tue, 5 Aug 2014 09:41:02 +0200 (CEST) Received: from smtp.debank.tv (smtp.debank.tv [172.16.143.25]) by smtp.debank.tv (Postfix) with ESMTP id 134A439A87A for ; Tue, 5 Aug 2014 09:41:02 +0200 (CEST) Received: from tui.debank.tv (134.198.69.111.dynamic.snap.net.nz [111.69.198.134]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: rob@debank.tv) by smtp.debank.tv (Postfix) with ESMTPSA id CDDB939A879 for ; Tue, 5 Aug 2014 09:41:00 +0200 (CEST) Message-ID: <53E08A88.1030007@debank.tv> Date: Tue, 05 Aug 2014 19:40:56 +1200 From: mailinglists User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: freebsd-jail@freebsd.org Subject: Re: ezjail and mergemaster References: <53D81D43.6070503@freebsd.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP @ debank.tv X-OSF-Virus: CLEAN X-OSF-Outgoing: Innocent X-OSF-Account: 1327 X-OSF-SUM: 33322ad6fee9d4208050cd2dfc6f16da X-OSF-Info: Checked for spam and viruses X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Aug 2014 07:41:17 -0000 On 5/08/14 11:13 am, Warren Block wrote: > On Tue, 29 Jul 2014, Allan Jude wrote: > >> On 2014-07-29 17:44, Warren Block wrote: >>> >>> What process for running mergemaster should I suggest? Maybe different >>> ones for trusted and untrusted jails? >> >> This will mount /usr/src into the basejail read-only: >> >> mount -t nullfs -o ro /usr/src /usr/jails/basejail/usr/src > > Thank you. I took the easy way out, by showing how to mount the > source in the jails and just mentioning mergemaster. > > Draft version: > http://www.wonkity.com/~wblock/jails/jails-ezjail.html > _______________________________________________ Would it be an idea to list the files that can be excluded from mergemaster updates, a lot of the rc scripts are a no-op inside a jail, if one has to update a large number of ports this can make a real difference. I guess ideally mergemaster itself could be extended to include a flag to indicate it's run inside (or targeted at) a jail and remove/ignore rc scripts that will never be used but that's probably outside the scope of this discussion. Rob Evers