From nobody Sun Feb 20 09:35:40 2022 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 162E619DDA32 for ; Sun, 20 Feb 2022 09:35:50 +0000 (UTC) (envelope-from freebsd-questions@ymmv.dk) Received: from mail01.ymmv.dk (193-106-164-141.ip4.fiberby.net [193.106.164.141]) by mx1.freebsd.org (Postfix) with ESMTP id 4K1gKK0bjwz4Sby for ; Sun, 20 Feb 2022 09:35:48 +0000 (UTC) (envelope-from freebsd-questions@ymmv.dk) Received: from c02qx0.local (193-106-164-140.ip4.fiberby.net [193.106.164.140]) by mail01.ymmv.dk (Postfix) with ESMTPSA id 0545D100FAA; Sun, 20 Feb 2022 10:35:40 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ymmv.dk; s=ymmv-mail-dkim; t=1645349741; bh=V79Lz5fBWn30lGc8m/MvhnW5bWkyyT4E3q5SKH2CPFY=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=Mku7lVb4NnOylvES+Pnf6E9owrMQdaDL6L/psZ7rGSpJMM8oJszx2IRxq9Vg/81xO 1k0Uet6rWEczVOM3K61zT+vevSYSxRjjyk1Pg5NRLfjFtDyHUa7bPB5KR8hS+wyCFa 2MCsTOw1tHBGO5O3w/ZAVOu5654QpgjifFrKq1AODzxUo04LPl/XV9EPeN2ZH7mhTb PP7fJTjQh++XraNGrRBBnFBfVeMSI27LUIiYZZ2W3vFI94uPc+7ymaSLKtSBf/FEod Tn8P48h6Yoha5oe6daXpTlmvNKDAD4bYTJp8hNaa16JYxLDzCZmqzF5X7H0zzvAHu8 Sl1HzCTiQgG5g== Date: Sun, 20 Feb 2022 10:35:40 +0100 From: Jon Clausen To: Sysadmin Lists Cc: freebsd-questions@freebsd.org, Jon Clausen Subject: Re: jail.$jailname.conf not directly in /etc/ ? Message-ID: <20220220093540.f5jnbqbd7sfpkth7@c02qx0.local> References: <20220219092824.6qmzo33es3w73nj5@c02qx0.local> <1024790408.1118263.1645311258751@ichabod.co-bxl> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1024790408.1118263.1645311258751@ichabod.co-bxl> X-Rspamd-Queue-Id: 4K1gKK0bjwz4Sby X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ymmv.dk header.s=ymmv-mail-dkim header.b=Mku7lVb4; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-questions@ymmv.dk has no SPF policy when checking 193.106.164.141) smtp.mailfrom=freebsd-questions@ymmv.dk X-Spamd-Result: default: False [-0.96 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[ymmv.dk:s=ymmv-mail-dkim]; NEURAL_HAM_MEDIUM(-0.98)[-0.982]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-0.77)[-0.775]; MIME_GOOD(-0.10)[text/plain]; SUBJECT_HAS_CURRENCY(1.00)[]; DMARC_NA(0.00)[ymmv.dk]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[ymmv.dk:+]; NEURAL_HAM_SHORT(-1.00)[-0.999]; MLMMJ_DEST(0.00)[freebsd-questions]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:42541, ipnet:193.106.164.0/22, country:DK]; RCVD_COUNT_TWO(0.00)[2] X-ThisMailContainsUnwantedMimeParts: N On 2022-02-19 23:54:18 (+0100), Sysadmin Lists wrote: > > ... > > I'm trying to keep things segregated from the base system, which basically > > just means that I'm putting all of the datasets, config files and whatever > > under /usr/local/ somewhere. > Does it not work if you set up local_startup with /usr/local/rc.conf.d/jail as a directory? Not as I might have hoped. Moving one of the jail config files from /etc/ into a newly created /usr/local/etc/rc.conf.d/jail/ and then issuing `service jail status` results on a bunch of errors. The errors point to the file not being read as a config file, but being sourced as a "script". And indeed, this "script" does get sourced; root@jh03:~ # cat /usr/local/etc/rc.conf.d/jail/local_jail_functions echo "--- set:" set Also, this happens regardless of local_startup being set in rc.conf or not. > From rc.conf (5): > In addition to /etc/rc.conf.local you can also place smaller > configuration files for each rc(8) script in the /etc/rc.conf.d directory > or ⟨dir⟩/rc.conf.d directories specified in local_startup, which will be > included by the load_rc_config function. For jail configurations you > could use the file /etc/rc.conf.d/jail to store jail specific > configuration options. If local_startup contains /usr/local/etc/rc.d and > /opt/conf, /usr/local/rc.conf.d/jail and /opt/conf/rc.conf.d/jail will be > loaded. If ⟨dir⟩/rc.conf.d/⟨name⟩ is a directory, all of files in the > directory will be loaded. Also see the rc_conf_files variable below. So first of all, it reads (to me at least) to mean that *scripts* or script *functions* will be read from (files in) the directory, not config files. But aside from that, the directories listed seem inconsistent. As you may have noticed, I put the "script" above in /usr/local/etc/rc.conf.d/jail/local_jail_functions Moving it to (freshly created) /usr/local/rc.conf.d/jail/ results in the file *not* being sourced, and once again this is independant of local_startup being set in rc.conf or not. So I don't think this would work the way I had hoped. It has given me an idea though, which I will be exploring later... ...I'll unveil that hare-brained scheme once I figure out something about the rc script sourcing sequence... br /jon -- YMMV