From owner-freebsd-jail@FreeBSD.ORG Sat Jun 27 11:05:57 2009 Return-Path: Delivered-To: jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 64D97106567E for ; Sat, 27 Jun 2009 11:05:57 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [195.88.108.3]) by mx1.freebsd.org (Postfix) with ESMTP id 1F0E08FC15 for ; Sat, 27 Jun 2009 11:05:56 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id C112241C6A3; Sat, 27 Jun 2009 12:50:07 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([195.88.108.3]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id jPYx1oj3NKmR; Sat, 27 Jun 2009 12:50:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 7274B41C6B4; Sat, 27 Jun 2009 12:50:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id CF2624448E6; Sat, 27 Jun 2009 10:47:47 +0000 (UTC) Date: Sat, 27 Jun 2009 10:47:47 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Alexander Leidinger In-Reply-To: <20090627122519.00002b84@unknown> Message-ID: <20090627104704.Y22887@maildrop.int.zabbadoz.net> References: <20090627122519.00002b84@unknown> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: jail@freebsd.org Subject: Re: Switching /etc/rc.d/jail to new syntax (+ new features) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Jun 2009 11:05:57 -0000 On Sat, 27 Jun 2009, Alexander Leidinger wrote: > at http://www.leidinger.net/FreeBSD/current-patches/jail.diff I have a > patch to switch the jail rc script to the new jail (8-current) syntax. > This includes new config options for a jail (see etc/defaults/rc.conf > after patching). The patch also contains my X-in-a-jail stuff (feel > free to ignore this part, it's disabled by default). > > If you do not make any config change, you will be able to see all > mounted filesystems of the entire machine. To get back to the previous > behavior, you have to add a config option: > jail_XXX_startparams="enforce_statfs=2" > > This config option can also take other jail parameters like > allow.sysvipc and other ones described in the jail man-page (additional > parameters need to be space separated). > > Feedback welcome. 1) it break various things that will no longer work 2) it's not a poper solution /bz -- Bjoern A. Zeeb The greatest risk is not taking one.