From owner-freebsd-current@FreeBSD.ORG  Tue Aug  9 21:30:37 2005
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
X-Original-To: freebsd-current@freebsd.org
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 918FE16A41F
	for <freebsd-current@freebsd.org>; Tue,  9 Aug 2005 21:30:37 +0000 (GMT)
	(envelope-from stb@lassitu.de)
Received: from schlepper.zs64.net (schlepper.zs64.net [212.12.50.230])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1D6A14448D
	for <freebsd-current@freebsd.org>; Tue,  9 Aug 2005 21:30:36 +0000 (GMT)
	(envelope-from stb@lassitu.de)
Received: from [IPv6:::1] (schlepper [212.12.50.230])
	by schlepper.zs64.net (8.13.1/8.12.9) with ESMTP id j79LUT0L073960;
	Tue, 9 Aug 2005 23:30:29 +0200 (CEST) (envelope-from stb@lassitu.de)
In-Reply-To: <N1-uLBXxM-zn8@Safe-mail.net>
References: <N1-uLBXxM-zn8@Safe-mail.net>
Mime-Version: 1.0 (Apple Message framework v733)
Content-Type: multipart/mixed; boundary=Apple-Mail-4--713061977
Message-Id: <96153776-0BE4-456F-B573-042E84730DFE@lassitu.de>
From: Stefan Bethke <stb@lassitu.de>
Date: Tue, 9 Aug 2005 23:30:26 +0200
To: drvince@anonymnet.net
X-Mailer: Apple Mail (2.733)
Cc: freebsd-current@freebsd.org
Subject: Re: More into /etc/rc.d/jail
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Aug 2005 21:30:37 -0000


--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	delsp=yes;
	format=flowed


Am 09.08.2005 um 21:10 schrieb drvince@Safe-mail.net:

> Hi,
> I'm using jails inside md devices to limit the disk space each jail  
> can use.  It's working great but I have to start manually all of  
> them at startup.  Here's my drill:
>
> mdconfig -a -t vnode -f ${IMAGE} -u ${ID}
> fsck_ufs /dev/md${ID}c
> mount /dev/md${ID}c ${DEST}
> mount_devfs devfs ${DEST}/dev
> jail -l -U root ${DEST} ${FQDN} ${IP} /bin/sh /etc/rc
>
> Therefore, I can't use the /etc/rc.d/jail facility.  So I thought,  
> it would be good to add *fsck before mounting* and an optional  
> mdconfig beforehand.
>
> jail_${NAME}_md_device=""    # The device to attach or NO
> jail_${NAME}_image=""        # The image file containing the jail,  
> used with md_device
> jail_${NAME}_fsck_options="" # Options to pass to fsck
>
> In fsck_options I could put "-t ufs".  Of course, /dev/md${ID}c  
> must be present before mounting, could happen if the image isn't  
> bsdlabel'ed.
>
> I'm a terrible coder, I could do it, but I'll need coaching and  
> I've never made a patch.  I would gladly hand that to someone else  
> but I also need it to be done, I can't babysit the server forever.   
> So, how does it sound?

I've attached the rc.d script and a sample config file we're using at  
work. We're only using md-based file systems for actual data; all  
jails share the same file system. (We're not renting out jails, but  
use them internally to separate various services on the main multi- 
user machine.)


--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	x-unix-mode=0644;
	name="md.conf.txt"
Content-Disposition: attachment;
	filename=md.conf.txt

#
#
#
10	/data/00/fs/devhome.fs	ufs	rw	/data/vnd/devhome
11	/data/00/fs/home.fs	ufs	rw	/data/vnd/home
12	/data/00/fs/install.fs	ufs	rw	/data/vnd/install
13	/data/00/fs/scratch.fs	ufs	rw	/data/vnd/scratch
14	/data/00/fs/tallence.fs	ufs	rw	/data/vnd/tallence

--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	x-unix-mode=0755;
	name="mdconfig.txt"
Content-Disposition: attachment;
	filename=mdconfig.txt

#!/bin/sh
#
# $Id$
#

# PROVIDE: mdconfig
# REQUIRE: mountcritlocal
# BEFORE: jail
# KEYWORD: nojail shutdown

. /etc/rc.subr

name="mdconfig"
start_cmd="mdconfig_start"
stop_cmd="mdconfig_stop"

mdconfig_start()
{
	if ! checkyesno mdconfig_enable; then
		return 0
	fi
	sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$' >/tmp/mdconfig.$$
	echo -n 'Mounting vn filesystems:'
	while read _unit _file _type _opts _path; do
		echo -n " ${_file}"
		mdconfig -a -t vnode -f ${_file} -u ${_unit}
		if fsck -t ${_type} -p /dev/md${_unit}; then
			mount -t ${_type} -o "${_opts}" /dev/md${_unit} ${_path}
		fi
	done </tmp/mdconfig.$$
	rm /tmp/mdconfig.$$
	echo '.'
}


mdconfig_stop()
{
	sed -e 's/#.*$//' <${mdconfig_conf} |grep -v '^[[:space:]]*$' >/tmp/mdconfig.$$
	echo -n 'Unmounting vn filesystems:'
	while read _unit _file _type _opts _path; do
		echo -n " ${_file}"
		umount /dev/md${_unit}
		mdconfig -du ${_unit}
	done </tmp/mdconfig.$$
	rm /tmp/mdconfig.$$
	echo '.'
}


load_rc_config $name
run_rc_command "$1"

--Apple-Mail-4--713061977
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed


/etc/rc.conf:
mdconfig_enable="YES"
mdconfig_conf="/etc/md.conf"


Cheers,
Stefan

-- 
Stefan Bethke <stb@lassitu.de>   Fon +49 170 346 0140


--Apple-Mail-4--713061977--