Date: Tue, 9 Aug 2005 23:30:26 +0200 From: Stefan Bethke <stb@lassitu.de> To: drvince@anonymnet.net Cc: freebsd-current@freebsd.org Subject: Re: More into /etc/rc.d/jail Message-ID: <96153776-0BE4-456F-B573-042E84730DFE@lassitu.de> In-Reply-To: <N1-uLBXxM-zn8@Safe-mail.net> References: <N1-uLBXxM-zn8@Safe-mail.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed
Am 09.08.2005 um 21:10 schrieb drvince@Safe-mail.net:
> Hi,
> I'm using jails inside md devices to limit the disk space each jail
> can use. It's working great but I have to start manually all of
> them at startup. Here's my drill:
>
> mdconfig -a -t vnode -f ${IMAGE} -u ${ID}
> fsck_ufs /dev/md${ID}c
> mount /dev/md${ID}c ${DEST}
> mount_devfs devfs ${DEST}/dev
> jail -l -U root ${DEST} ${FQDN} ${IP} /bin/sh /etc/rc
>
> Therefore, I can't use the /etc/rc.d/jail facility. So I thought,
> it would be good to add *fsck before mounting* and an optional
> mdconfig beforehand.
>
> jail_${NAME}_md_device="" # The device to attach or NO
> jail_${NAME}_image="" # The image file containing the jail,
> used with md_device
> jail_${NAME}_fsck_options="" # Options to pass to fsck
>
> In fsck_options I could put "-t ufs". Of course, /dev/md${ID}c
> must be present before mounting, could happen if the image isn't
> bsdlabel'ed.
>
> I'm a terrible coder, I could do it, but I'll need coaching and
> I've never made a patch. I would gladly hand that to someone else
> but I also need it to be done, I can't babysit the server forever.
> So, how does it sound?
I've attached the rc.d script and a sample config file we're using at
work. We're only using md-based file systems for actual data; all
jails share the same file system. (We're not renting out jails, but
use them internally to separate various services on the main multi-
user machine.)
--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
x-unix-mode=0644;
name="md.conf.txt"
Content-Disposition: attachment;
filename=md.conf.txt
#
#
#
10 /data/00/fs/devhome.fs ufs rw /data/vnd/devhome
11 /data/00/fs/home.fs ufs rw /data/vnd/home
12 /data/00/fs/install.fs ufs rw /data/vnd/install
13 /data/00/fs/scratch.fs ufs rw /data/vnd/scratch
14 /data/00/fs/tallence.fs ufs rw /data/vnd/tallence
--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
x-unix-mode=0755;
name="mdconfig.txt"
Content-Disposition: attachment;
filename=mdconfig.txt
#!/bin/sh
#
# $Id$
#
# PROVIDE: mdconfig
# REQUIRE: mountcritlocal
# BEFORE: jail
# KEYWORD: nojail shutdown
. /etc/rc.subr
name="mdconfig"
start_cmd="mdconfig_start"
stop_cmd="mdconfig_stop"
mdconfig_start()
{
if ! checkyesno mdconfig_enable; then
return 0
fi
sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$' >/tmp/mdconfig.$$
echo -n 'Mounting vn filesystems:'
while read _unit _file _type _opts _path; do
echo -n " ${_file}"
mdconfig -a -t vnode -f ${_file} -u ${_unit}
if fsck -t ${_type} -p /dev/md${_unit}; then
mount -t ${_type} -o "${_opts}" /dev/md${_unit} ${_path}
fi
done </tmp/mdconfig.$$
rm /tmp/mdconfig.$$
echo '.'
}
mdconfig_stop()
{
sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$' >/tmp/mdconfig.$$
echo -n 'Unmounting vn filesystems:'
while read _unit _file _type _opts _path; do
echo -n " ${_file}"
umount /dev/md${_unit}
mdconfig -du ${_unit}
done </tmp/mdconfig.$$
rm /tmp/mdconfig.$$
echo '.'
}
load_rc_config $name
run_rc_command "$1"
--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
format=flowed
/etc/rc.conf:
mdconfig_enable="YES"
mdconfig_conf="/etc/md.conf"
Cheers,
Stefan
--
Stefan Bethke <stb@lassitu.de> Fon +49 170 346 0140
--Apple-Mail-4--713061977--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?96153776-0BE4-456F-B573-042E84730DFE>