From owner-freebsd-hackers@FreeBSD.ORG  Fri Dec 10 23:32:13 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B48D516A4CE
	for <freebsd-hackers@freebsd.org>;
	Fri, 10 Dec 2004 23:32:13 +0000 (GMT)
Received: from mail.npubs.com (mail.zoneseven.net [209.66.100.224])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8000F43D4C
	for <freebsd-hackers@freebsd.org>;
	Fri, 10 Dec 2004 23:32:13 +0000 (GMT)
	(envelope-from nielsen@memberwebs.com)
From: Nielsen <nielsen@memberwebs.com>
User-Agent: Mozilla Thunderbird 0.9 (X11/20041127)
X-Accept-Language: en-us, en
MIME-Version: 1.0
Cc: freebsd-hackers@freebsd.org
References: <20041210180332.GA27788@engelschall.com>
X-Enigmail-Version: 0.89.0.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Message-Id: <20041210234157.478BF840325@mail.npubs.com>
X-AV-Checked: ClamAV using ClamSMTP
Date: Fri, 10 Dec 2004 23:41:57 +0000 (GMT)
Subject: Re: rc.shutdown and jails
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Dec 2004 23:32:13 -0000

Ralf S. Engelschall wrote:
> Currently a "/etc/rc.d/jail stop" just kills all processes in the
> individual jails. If /etc/default/rc.conf's default way of booting the
> jails (jail_exec="/bin/sh /etc/rc") is used this is a rather crual
> approach IMHO. I think if the jail is booted through /etc/rc it also
> should be given the chance to shutdown via /etc/rc.shutdown. If then
> there are still processes remaining, the killall(1) is fine, of course.
> This way packages and other sub-systems have the chance to perform a
> graceful shutdown.

Definitely a good plan. You just have to watch out for environment 
variable leakage into the jail subsystem when using jexec. A minor 
concern, perhaps.

This is what the jkill from the jailutils package does:
http://memberwebs.com/nielsen/freebsd/jails/jailutils

Cheers,
Nate