From owner-freebsd-jail@FreeBSD.ORG Thu Jan 21 20:50:59 2010 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0300F106568D for ; Thu, 21 Jan 2010 20:50:59 +0000 (UTC) (envelope-from cryx-freebsd@h3q.com) Received: from mail.h3q.com (mail.h3q.com [213.73.89.199]) by mx1.freebsd.org (Postfix) with ESMTP id 4750F8FC21 for ; Thu, 21 Jan 2010 20:50:58 +0000 (UTC) Received: (qmail 76079 invoked from network); 21 Jan 2010 20:50:57 -0000 Received: from mail.h3q.com (HELO mail.h3q.com) (cryx) by mail.h3q.com with AES256-SHA encrypted SMTP; 21 Jan 2010 20:50:57 -0000 Message-ID: <4B58BE30.2050402@h3q.com> Date: Thu, 21 Jan 2010 21:50:56 +0100 From: Philipp Wuensche User-Agent: Postbox 1.1.0 (Macintosh/20091201) MIME-Version: 1.0 To: David BERARD References: <201001200940.o0K9e4lO032467@freefall.freebsd.org> <4B586095.8020109@h3q.com> <4B58842C.6080106@h3q.com> <4B5894FE.1000506@nfrance.com> In-Reply-To: <4B5894FE.1000506@nfrance.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org Subject: Re: conf/142972: [jail] [patch] Support JAILv2 and vnet in rc.d/jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jan 2010 20:50:59 -0000 I'm taking this off bug-followup for now. David BERARD wrote: >> I did some testing with vnet and I find the way of using _poststart and >> _afterstart to configure ip-addr. inside a vimage jail very impractical. >> First we loose all the nice features of configuring ipaddrs. via >> ipv4_addrs_if in rc.conf from inside the jail and second, more >> important, the jail will be fully bootet before any ipaddr. is >> configured or even interfaces are configured. This will result in >> services not starting correctly, firewalling going nuts, routing-daemons >> not working etc.pp. >> > > > I had to patch rc to support this, and use this in rc.conf > jail_example_exec_earlypoststart0="ifconfig epair0b vnet example" > jail_example_exec_afterstart0="ifconfig epair0b x.x.x.x" I'm not sure I do understand this correct, but this doesn't solve the problem I described. With this patch, the ipaddr. configuration of the vnet jail is still done from outside and not by the rc scripts inside the jail! _afterstart is way too late for doing the ip-configuration because services inside the jail are already started. _earlypoststart makes no sense to me, it is still run during the wrong time. greetings, philipp