From: joris dedieu
To: Simon L. B. Nielsen
Cc: freebsd-jail@freebsd.org, Paul Schenkeveld, Jamie Gritton, freebsd-arch@freebsd.org
Date: Sun, 7 Aug 2011 20:42:09 +0200
Subject: Re: New jail(8) with configuration files, not yet in head

2011/8/7 Simon L. B. Nielsen:
>
> On 19 Jul 2011, at 19:14, Jamie Gritton wrote:
>
>> On 07/18/11 13:08, Paul Schenkeveld wrote:
>>
>>> Although I really like this new functionality, there is one issue that
>>> I am concerned about. Should all this functionality be integrated into
>>> the jail(8) command?
>>
>> This project came from a desire to improve the jail startup procedure
>> in rc.d/jail, which remains stuck handling the old fixed-parameter
>> jails. Rather than continue to extend an already unwieldy number of
>> rc.conf shell variables, I opted to add a configuration file like other
>> subsystems use (e.g. apmd, devd). The new jail pseudo-parameters added
>> to the config file exist mostly to match the existing rc.d/jail
>> functionality - the mount.* and exec.* parameters are direct analogs to
>> rc.conf shell variables. Some other parameters match the command-line
>> options of the existing jail(8).
>
> [This is less a mail to Jamie and more me getting around to publicly
> supporting the way it's done]
>
> A thing to note is also that when starting a jail you have to be really
> careful to do all of the related operations in the right order and in a
> safe manner. E.g. mounting file systems is only safe in some
> circumstances (ref: symlink attacks) so that's one reason I think the
> new approach is the right one. Also try reading the current rc.d/jail
> code for checking for those symlinks etc... not pretty.
>
> There are also some other quirks which mean a slightly more
> comprehensive program is better. E.g. current rc.d jails have a bug
> where they can actually fill /tmp if they produce a lot of console
> output due to redirection to temp file (this is rarely a real problem
> so I've never gotten around to trying to fix it).
>
> Bloat is of course a concern, but I don't think that risk outweighs the
> benefits of Jamie's new work.
>
> There is still room and need for a wrapper management framework (ezjail
> or something close to it) which handles the actual creation, update
> etc. which makes sense as a separate utility not part of jail(8).
> ezjail already uses rc.d/jail heavily so I think it can nicely
> integrate with the new jail(8).
>
>> I wouldn't want to do away with a config file, as that's a much
>> cleaner way to define multiple jails than depending on the rc system
>> or requiring a "roll your own" approach that is currently the only way
>> to use the newer features.
>
> Just reading /etc/rc.d/jail is IMO good proof of this...
>
>> It's clear now that this won't be happening in 9.0. So none of this is
>> in danger of getting pushed through in a hurry.
>
> I really hope that this can go into head shortly after the branch so it
> can hopefully make it into 9.1.

IMHO it's a need. Jails v2 effort began in 7.2 with multiple IP support.
/etc/rc.d/jail is clearly unpatchable (see comments in conf/142972).
It's now reasonable to think that a way to cleanly start jails v2 at
boot time can be hoped from OS primitives.

Joris

>
> --
> Simon L. B. Nielsen
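
Added example, not part of the original message and not code from jail(8) or rc.d/jail: a C sketch of a symlink-safe mount point check of the kind the quoted mail alludes to, where a path inside the jail must not be redirected outside the jail root. The names `open_mountpoint` and `demo` and the temporary directory tree are assumptions constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open mount point `rel` below `jailroot` one path
 * component at a time. O_NOFOLLOW refuses a symlink at every step, and
 * each step starts from the descriptor just opened, so the directory
 * that was checked is the directory that gets used. Returns fd or -1. */
int open_mountpoint(const char *jailroot, const char *rel)
{
    char buf[1024], *save, *comp;
    int fd, next;
    if (strlen(rel) >= sizeof(buf) ||
        (fd = open(jailroot, O_RDONLY | O_DIRECTORY)) < 0)
        return -1;
    strcpy(buf, rel);
    for (comp = strtok_r(buf, "/", &save); comp != NULL;
        comp = strtok_r(NULL, "/", &save)) {
        /* ".." is refused outright: it could climb above the root. */
        next = strcmp(comp, "..") == 0 ? -1 :
            openat(fd, comp, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
        close(fd);
        if (next < 0)
            return -1;
        fd = next;
    }
    return fd;
}

/* Constructed tree: jail/dev is a real directory, jail/proc a symlink to
 * ../host outside the root. Bit n set = case n opened; expect only bit 0. */
int demo(void)
{
    char top[] = "/tmp/jailmnt.XXXXXX";
    int a, b, c;
    if (mkdtemp(top) == NULL || chdir(top) != 0 ||
        mkdir("jail", 0700) || mkdir("host", 0700) ||
        mkdir("jail/dev", 0700) || symlink("../host", "jail/proc"))
        return -1;
    a = open_mountpoint("jail", "dev");            /* plain directory */
    b = open_mountpoint("jail", "proc");           /* planted symlink */
    c = open_mountpoint("jail", "dev/../../host"); /* dot-dot escape */
    return (a >= 0) | ((b >= 0) << 1) | ((c >= 0) << 2);
}

int main(void) { return demo() == 1 ? 0 : 1; }
```

The errno reported for a refused symlink differs between systems, so callers should test only for -1.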