From owner-freebsd-jail@FreeBSD.ORG Tue Jan 27 13:41:31 2015 Return-Path: Delivered-To: jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E6CE714 for ; Tue, 27 Jan 2015 13:41:30 +0000 (UTC) Received: from mail-pd0-x233.google.com (mail-pd0-x233.google.com [IPv6:2607:f8b0:400e:c02::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B198ECE6 for ; Tue, 27 Jan 2015 13:41:30 +0000 (UTC) Received: by mail-pd0-f179.google.com with SMTP id v10so18922794pde.10 for ; Tue, 27 Jan 2015 05:41:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=w2ZlS3gr+SzmW2/ftrx6lJo93AiqIptEGqonnfLJ+2A=; b=TVfxubm6+Gt1eKvJJMJhZS+lMqDFxGl+N5zZH1RljXxFKi2Bxl0OGeDTH1xBvtztmp eI38aTBh7IsbziZLqu9b2tG43m8MgFhBqECfXKjhy43eEgm7Ad31fNJysRrFPxHK9aLV azz2p9T1hCR8UMPwc7NWfU6odgOeO7yBGHzUHqznEMVe7o4Ak5Qp9dFItru9eOHVtUou vuH5Pr+/EKHhYaC5IL4YP1UMB/S+dG0tzywVvuuvw8q9XdEMDimS5hyxq5wyNFU7pkSi xsuxxZ19G/oue2pQ6JtHbjkRcHCXmvZLem8XckYVCwsKcPphTZQW8SqZ2E3Hatq4Sqan lvEA== X-Received: by 10.66.157.5 with SMTP id wi5mr2051856pab.37.1422366090295; Tue, 27 Jan 2015 05:41:30 -0800 (PST) Received: from [192.168.0.110] ([120.29.76.208]) by mx.google.com with ESMTPSA id bk8sm1702437pad.28.2015.01.27.05.41.28 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 27 Jan 2015 05:41:29 -0800 (PST) Message-ID: <54C7958B.40007@gmail.com> Date: Tue, 27 Jan 2015 21:41:31 +0800 From: Ernie Luzar User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: jail@freebsd.org Subject: Re: preferred jail management tool References: <20150127012347.GA4940@lonesome.com> <20150127141239.V77290@sola.nimnet.asn.au> In-Reply-To: <20150127141239.V77290@sola.nimnet.asn.au> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Michael W. Lucas" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jan 2015 13:41:31 -0000 Ian Smith wrote: > On Mon, 26 Jan 2015 19:23:48 -0600, Mark Linimon wrote: > [Sean Chittenden wrote:] > > > > For years I've used and endorsed ezjail, but as stated, it is depreciated. > > > > Hmm, there's no notation at > > http://portsmon.freebsd.org/portoverview.py?category=sysutils&portname=ezjail , > > nor in the Makefile AFAICT. > > > > > > For a book, excluding ezjail would exclude a huge portion of the user base > > > > and seems like it would hurt credibility given its dominance as the > > > > preferred tool for jail administration. > > I agree with this; given its history and installed base it certainly > deserves some coverage with at least references to its documentation, as > a precursor to more recently emerging, likely more comprehensive tools. > > > On Mon, Jan 26, 2015 at 12:54:50PM -0500, Alejandro Imass wrote: > > > Maybe is something obvious to the more technical crowd but as a user what > > > does "depreciated" mean in this context? > > > > Really the word most people use is . > > > > It can mean any number of things: > > > > - it no longer works due to changes in other software > > - it has been replaced by something else > > - the author is no longer interested in maintaining it > > > > and so forth. > > > > I don't know the answer in this case. > > As Alejandro went on to point out, depreciate means (ref Concise Oxford) > 'Diminish in value' or 'Lower market price of; reduce purchasing power > of (money); disparage, belittle' (L. pretiare f. pretium price), while > deprecate means 'Plead against; express wish against or disapproval of > (L. precari pray). Different, with some overlap regarding belittlement. > > The former term is prominent in Joe's http://jail-primer.sourceforge.net/ > > cheers, Ian > > Your correct that ezjail does not proclaim it self as "deprecated" / "depreciated". But if you were real jail users you would have seen the "deprecated" / "depreciated" message that pops out when you start a jail that is defined in rc.conf file in FreeBSD 10.0. That jail start up warning message also tells you to convert to using jail.conf file. With the progression of each new major Freebsd release since 9.1 jail(8) has become the jail driver and the rc.conf jail definition statements slowly being replaced by jail.conf as the only supported jail definition method. With this as a fact and a review of the ezjail change log it becomes evident that ezjail does not support jail.conf at this time. 11.0 will shortly be published and to my knowledge support for jails defined in rc.conf will no longer be supported. You do the math, ezjail is at end of life unless it under goes a major change to using the jail.conf file before 11.0 is published. This was pointed out in the original post, but which the readers choose to ignore. I hope the ezjail author takes this thread as incentive to keep his utility up to date and not let it die due to changing software in Freebsd base code. All I am doing is pointing out the facts here. I though it was important for the guy who wants to write a book on jails to know the facts so he can make an informed decision about which tools to write about, To me it would seem pretty silly to invest the time to write about a jail tool that at this time in its development is "deprecated" / "depreciated" by circumstances out of its control. In my opinion any port that does not include complete documentation in its man pages is next to useless and many people agree. Ezjail man pages lack documentation on 98 percent of its functions. I do not see HOW a book on jails can recommend a tool with such poor documentation. Doing so would put the creditability of every thing written in the book in doubt and NO author wants to get mud in their face for failing to completely understand the unpublished background of the subject targeted to write about. In a nut shell, since 9.1 jails have been a moving target as the implementation of jail(8) replaces the rc.d/jail method. Hopefully with 11.0 the jail target will stop moving. This means that most of the jail ports dealing with Releases 8.x, and 9.x, are obsolete for 11.0. On the subject of vimage/vnet, vimage has many outstanding PRs and has received absolutely no maintenance since it was first published. The bugs deal with memory leaks and failure to work with firewalls. Some ISP's have downplayed these show stopper problems and successfully created working production environments at the risk of their subscribers. An experts knowledge of networking and the availability of a range of static ip addresses is required. Vimage/vnet sure is not intended for the home user or small business. Vimage has to be compiled into the kernel and its kernel compile option has comment that it is highly experimental. That is all that needs to be said about vimage/vnet. When it comes to "deprecated" / "depreciated". Nit picking over the letter "i" in the spelling of the word is crazy. You all know Freebsd meaning and its not what the dictionary says. My dictionary shows both words mean the same thing, one being the USA spelling and the other being the British spelling. Enough said about spelling.