From owner-freebsd-current@FreeBSD.ORG Mon Apr 21 09:40:41 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACDBE37B401 for ; Mon, 21 Apr 2003 09:40:41 -0700 (PDT) Received: from sccrmhc01.attbi.com (sccrmhc01.attbi.com [204.127.202.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0156643FDF for ; Mon, 21 Apr 2003 09:40:41 -0700 (PDT) (envelope-from DougB@freebsd.org) Received: from master.gorean.org (12-234-22-23.client.attbi.com[12.234.22.23]) by sccrmhc01.attbi.com (sccrmhc01) with SMTP id <2003042116404000100a3r2ge>; Mon, 21 Apr 2003 16:40:40 +0000 Date: Mon, 21 Apr 2003 09:40:39 -0700 (PDT) From: Doug Barton To: "Scot W. Hetzel" In-Reply-To: <001301c30816$f55e5a50$13fd2fd8@Admin02> Message-ID: <20030421093940.L2827@znfgre.tberna.bet> References: <200304200055.h3K0tHJB005595@WBIw009.westbend.net> <001301c30816$f55e5a50$13fd2fd8@Admin02> Organization: http://www.FreeBSD.org/ X-message-flag: Outlook -- Not just for spreading viruses anymore! MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: FreeBSD-Current Subject: Re: Enhancements to the new rc.d/jail script X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Apr 2003 16:40:42 -0000 On Mon, 21 Apr 2003, Scot W. Hetzel wrote: > From: "Doug Barton" > > On Sat, 19 Apr 2003, Scot W. Hetzel wrote: > > > > > Attached are patches for the new rc.d/jail script. > > > > This looks like good work, thanks! My only question, how will this devfs > > stuff affect a system that isn't running jails? > > > The only affect it would have is having ruleset 10 defined, but not used on > the non-jail system. > > If a sys admin defines ruleset 10 in /etc/rc.devfs, then either the 2 will > be merged or the rc.d/devfs ruleset will be overwritten (if "/sbin/devfs > rule -s 10 delset" is in /etc/rc.devfs). Thanks for the clarification. I think that this has enough foot-shooting potential that it should probably be hidden behind a knob in rc.conf. Doug -- This .signature sanitized for your protection