Date: Mon, 11 Sep 2006 13:32:49 -0700 From: Christopher Cowart <ccowart@rescomp.berkeley.edu> To: freebsd-rc@freebsd.org Subject: isc-dhcpd.sh jail options conflict with /etc/rc.subr Message-ID: <20060911203249.GA20764@rescomp.berkeley.edu>
next in thread | raw e-mail | index | archive | help
--2oS5YaxWCcQjTEyO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello, I posted to questions last week, but have not received any responses.=20 =09 The port for isc-dhcp3-server has config options for enabling FreeBSD process jails. Basically, through a series of command line arguments that are generated by the isc-dhcpd.sh script, the chroot is auto-generated when you start the service and dhcpd makes the syscall to jail itself. This is actually really nifty and makes the process of running dhcpd in a thin jail brainless. The problem happens when I run "isc-dhcpd.sh stop":=20 dhcpd not running? (check /var/jails/dhcpd/var/run/dhcpd/dhcpd.pid). Well, I know better. dhcpd is clearly running with the pid indicated in the pid file. After investigating /etc/rc.subr, I've determined the cause (where $JID is the jid of the running rc script and $_jid is the jid of the process, determined by ps output): if [ "$JID" -eq "$_jid" ]; This prevents me from using the rc script outside the jail to stop the jail'd dhcpd process. /etc/rc.subr is making a false assumption that people won't want to be controlling jailed services via rc scripts on the host machine. My question is how do I get around this? I'd prefer not to hack rc.subr unless it's a community-useable patch that can be incorporated back into the official sources. One option would be to allow rc scripts to set some sort of "CHECK_JAILS" variable and to implement the necessary logic to handle it in rc.subr. Is there a better solution? --=20 Chris Cowart Unix Systems Administrator Residential Computing, UC Berkeley "May all your pushes be popped" --2oS5YaxWCcQjTEyO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFFBcfxV3SOqjnqPh0RAoO5AJ4joW+cIdGchde6ZPxDeawVvdRIOACffn+W QZI6exW5rV8fg2Qynxlqx3A= =d1dU -----END PGP SIGNATURE----- --2oS5YaxWCcQjTEyO--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060911203249.GA20764>