From owner-freebsd-jail@FreeBSD.ORG Sun Mar 31 20:58:37 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id DD95EE5 for ; Sun, 31 Mar 2013 20:58:37 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id 5728CED0 for ; Sun, 31 Mar 2013 20:58:37 +0000 (UTC) Received: (qmail 36355 invoked from network); 31 Mar 2013 20:58:34 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with CAMELLIA256-SHA encrypted SMTP; 31 Mar 2013 20:58:34 -0000 Message-ID: <5158A379.2030702@erdgeist.org> Date: Sun, 31 Mar 2013 22:58:33 +0200 From: Dirk Engling User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130307 Thunderbird/17.0.4 MIME-Version: 1.0 To: Miroslav Lachman <000.fbsd@quip.cz> Subject: Re: rc.d/jail and jail.conf References: <515721F8.9090202@erdgeist.org> <51574D3F.9040300@quip.cz> <51588435.2010400@erdgeist.org> <51589607.7040401@quip.cz> In-Reply-To: <51589607.7040401@quip.cz> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Mar 2013 20:58:37 -0000 On 31.03.13 22:01, Miroslav Lachman wrote: >> So I guess, I am out of luck here, because users used to think of their >> jails as what they saw in the hostname field on jls. If I am writing >> tools that use jail_getid to map the jailname to the jid, it will never >> match that hostname and I also can not copy the hostname to the jailname. > > I understand what you are talking about, but jails in these days are > something different from what jails were at the begining in 4.x days and > users must accept that jailname is something different than hostname. > In these days, you can have jails with many IP addresses or without IP > address. Hostname needn't to be unique etc. > > Dot (.) is not allowed in jailname because of hierarchical jails, > where dot is used as hierarchy separator. Humm, this seems a strange thing to answer to my question. Once you see jails as virtual servers (which I understand is not the only way to do, but the biased way I and most jail users I talk to happen to deploy them in huge quantities), the natural approach to name them is via their hostname. I find it hard to grasp to tell them "don't" ;) And still I find the choice of '.' as a separator unfortunate, '/' springs in mind, but there might have been reasons. I also understand that the hostname is not an unique identifier anymore, still for many (if not most) setups the mapping is bijective. My problem now is that referring to a jail (in a sense of virtual host) becomes unintuitive. I want to do stuff with my vhost "example.com" but have to call it "example" or "example_com". Even worse with "www.example.com" which now needs to be an ambigous "www" or some other mapping of '.' to something else. If I want to write tools that accept intuitive jail identifiers, I would have to implement heuristics that match the hostname once the identifier contains '.' and I can't find a hierarchical jail with that name. > Plain jls without any options should be used just for backward > compatibility with old scripts, because its output is insufficient for > todays jails. (only one IP is shown and no jailname) > > jls -v or jls -s is better with new jails. Maybe it would be easier for me to understand if I knew, how those jails "in these days" are supposed to work, what the overall vision is for users to integrate them in their workflow. Besides a wish list that doubles as todo list in https://wiki.freebsd.org/Jails and an attempted handbook section rewrite, there seems to be little in that regard. Maybe I just missed out on the discussions or could not find the relevant documents? Maybe meeting at a BSDcon over a beer would help ;) Regards, erdgeist