From owner-freebsd-arch@FreeBSD.ORG Mon Sep 16 14:04:39 2013 Return-Path: Delivered-To: arch@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 619B57FA for ; Mon, 16 Sep 2013 14:04:39 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 153A62FA1 for ; Mon, 16 Sep 2013 14:04:37 +0000 (UTC) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by m2.gritton.org (8.14.5/8.14.5) with ESMTP id r8GDgmJA008475; Mon, 16 Sep 2013 07:42:48 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <52370AD3.2060909@FreeBSD.org> Date: Mon, 16 Sep 2013 07:42:43 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130807 Thunderbird/17.0.7 MIME-Version: 1.0 To: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= Subject: Re: jail configuration References: <8661u2kppt.fsf@nine.des.no> <20130916130543.GA73887@zxy.spb.ru> <86k3igki36.fsf@nine.des.no> In-Reply-To: <86k3igki36.fsf@nine.des.no> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Cc: arch@FreeBSD.org, Slawa Olhovchenkov X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Sep 2013 14:04:39 -0000 On 09/16/13 07:32, Dag-Erling Smørgrav wrote: > Slawa Olhovchenkov writes: >> This break existing configuration, yes? > > Yes. > >> Can you adding (not replace) new way? > > Did you look at the patch? The old script is a monster. It would > probably be easier to write a script that generates jail.conf from an > existing old-style configuration. Another option would be to keep the old script if jails are enabled but jail.conf doesn't exist. It seems cleaner in the long run to offer a script to convert rc options to a jail.conf file, run as part of mergemaster. I just worry about POLA. Yes, I've let jail startup go for too long - I really meant to put it in for 10.0 but the recent slush kind of surprised me (which means I'm just not keeping up). After 10 splits off, it's time to just do it. - Jamie