From owner-freebsd-jail@FreeBSD.ORG Wed Feb 29 05:56:42 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5B06A10656A8; Wed, 29 Feb 2012 05:56:42 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [64.34.175.71]) by mx1.freebsd.org (Postfix) with ESMTP id 0FCA48FC18; Wed, 29 Feb 2012 05:56:41 +0000 (UTC) Received: from glorfindel.gritton.org (c-174-52-130-208.hsd1.ut.comcast.net [174.52.130.208]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q1T5ueXE050117; Tue, 28 Feb 2012 22:56:40 -0700 (MST) (envelope-from jamie@FreeBSD.org) Message-ID: <4F4DBE16.8060207@FreeBSD.org> Date: Tue, 28 Feb 2012 22:56:38 -0700 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Martin Matuska References: <201202280121.q1S1L6Sr047797@red.freebsd.org> <4F4D56E4.3090109@FreeBSD.org> <4F4D71B1.2040509@FreeBSD.org> In-Reply-To: <4F4D71B1.2040509@FreeBSD.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Glen Barber , freebsd-gnats-submit@FreeBSD.org, freebsd-jail@FreeBSD.org Subject: Re: bin/165515: [jail][patch] "jail: unknown parameter: allow.nomount" when starting jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 05:56:42 -0000 On 02/28/12 17:30, Martin Matuska wrote: > On 28.2.2012 23:36, Jamie Gritton wrote: >> The allow.mount parameter recently changed in a subtle way - it's now >> a node (to e.g. allow.mount.devfs) as well as a parameter in its own >> right. This confused libjail which knows how to handle such parameters >> as long as they're not boolean. >> >> I'm including my proposed fix to libjail. This this fix, allow.nomount >> should once again work, as should allow.mount and other things such as >> allow.quotas/allow.noquotas should work as they did before. >> >> - Jamie > > Thanks. I might MFC this together with all the other new jail stuff to > 9-STABLE in a week or so. > Or do we need more testing? > > For 8-STABLE, all of this is a no-op, because the prerequisites for all > these changes date back to the VOP_VPTOCNP(9) change by kib. I've checked that the expected parameters get past the gauntlet, and that some things that look like them don't (such as host.nohostname). What I haven't checked, and should be done before I commit - since you've got it all set up, could you see if these do as you expect? allow.mount allow.nomount allow.mount.devfs allow.mount.nodevfs allow.chflags allow.nochflags That covers the newly fixed allow.mount, one of your new per-FS allows, and an existing allow that should work as it did before. Those (except the last) are all the kind of thing you've been testing anyway so it shouldn't be too much of an imposition :-). Beyond that, I don't see the need for 9-specific testing since it has the exact same libjail code. - Jamie