From owner-freebsd-current@FreeBSD.ORG Sun Jul 31 20:49:29 2011 Return-Path: Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF78E106566B for ; Sun, 31 Jul 2011 20:49:29 +0000 (UTC) (envelope-from mm@FreeBSD.org) Received: from mail.vx.sk (mail.vx.sk [IPv6:2a01:4f8:100:1043::3]) by mx1.freebsd.org (Postfix) with ESMTP id 218DF8FC14 for ; Sun, 31 Jul 2011 20:49:29 +0000 (UTC) Received: from core.vx.sk (localhost [127.0.0.1]) by mail.vx.sk (Postfix) with ESMTP id 518C41666FD; Sun, 31 Jul 2011 22:49:28 +0200 (CEST) X-Virus-Scanned: amavisd-new at mail.vx.sk Received: from mail.vx.sk ([127.0.0.1]) by core.vx.sk (mail.vx.sk [127.0.0.1]) (amavisd-new, port 10024) with LMTP id S11eiJMMnUNZ; Sun, 31 Jul 2011 22:49:26 +0200 (CEST) Received: from [10.9.8.1] (chello085216231078.chello.sk [85.216.231.78]) by mail.vx.sk (Postfix) with ESMTPSA id F3A601666F5; Sun, 31 Jul 2011 22:49:25 +0200 (CEST) Message-ID: <4E35BFD8.6010603@FreeBSD.org> Date: Sun, 31 Jul 2011 22:49:28 +0200 From: Martin Matuska User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20110624 Thunderbird/5.0 MIME-Version: 1.0 To: Alexander Leidinger References: <4E316E19.9040309@FreeBSD.org> <20110730172945.00001576@unknown> In-Reply-To: <20110730172945.00001576@unknown> X-Enigmail-Version: 1.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: freebsd-current@FreeBSD.org Subject: Re: [PATCH] updated /etc/rc.d/jail and added ZFS support X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Jul 2011 20:49:29 -0000 Dňa 30. 7. 2011 17:29, Alexander Leidinger wrote / napísal(a): > On Thu, 28 Jul 2011 16:11:37 +0200 Martin Matuska > wrote: > > >> The attached patch allows better fine-tuning of jails started via >> /etc/rc.d, uses the new jail(8) flags (-c -m), the persist parameter >> and adds ZFS support. >> Patch is fully backward compatible. >> >> Please review, comment and/or test my attached patch. > Can you please have a look at the jail part of > http://www.leidinger.net/FreeBSD/current-patches/etc:rc.d.diff and take > some parts which you didn't take care about > (jailname/securelevel/correctness check for fstab entries)? > > Bye, > Alexander. > I have added the check for fstab entries to my patch. The jailname/securelevel part is questionable. As to discussion with Jamie Gritton (jamie@) we should go the jail_example_params way for as many parameters as possible so we don't unnecessarily pollute rc.conf. This is not possible for persist because it has to be set to 1 on creation time for ZFS support. This way a user can set something like: jail_example_params="name=test securelevel=1 enforce_statfs=1 allow.mount=1" Patch available at: http://people.freebsd.org/~mm/patches/jail/jail_etc.patch -- Martin Matuska FreeBSD committer http://blog.vx.sk