From owner-freebsd-current@FreeBSD.ORG  Tue Nov  2 13:04:01 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C344416A4CE
	for <current@freebsd.org>; Tue,  2 Nov 2004 13:04:01 +0000 (GMT)
Received: from smtp.cegetel.net (mf00.sitadelle.com [212.94.174.77])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 61A5843D39
	for <current@freebsd.org>; Tue,  2 Nov 2004 13:04:01 +0000 (GMT)
	(envelope-from tataz@sitadelle.com)
Received: from droopy.tech.sitadelle.com (213-223-184-193.dti.cegetel.net
	[213.223.184.193])
	by smtp.cegetel.net (Postfix) with ESMTP id 4FF0B671F8;
	Tue,  2 Nov 2004 14:03:57 +0100 (CET)
Received: by droopy.tech.sitadelle.com (Postfix, from userid 1000)
	id BFDD4FC00E; Tue,  2 Nov 2004 14:04:12 +0100 (CET)
Date: Tue, 2 Nov 2004 14:04:12 +0100
From: Jeremie Le Hen <jeremie@le-hen.org>
To: Jens Rehsack <rehsack@liwing.de>
Message-ID: <20041102130412.GI10641@sitadelle.com>
References: <27404.1099146185@critter.freebsd.dk> <4183A771.7080906@liwing.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <4183A771.7080906@liwing.de>
User-Agent: Mutt/1.5.6+20040907i
cc: current@freebsd.org
Subject: Re: HEADSUP: Filesystem rototiling over
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Nov 2004 13:04:02 -0000

> Web-Service(s), Mail-Service(s), Name-Service, ...
> 
> And on each update I had to stop the services, shutting down the jail,
> unmount each ro-bunch, mount rw, update, unmount, remount ro-bunches,
> starting jails & services.

I had a very small patch [1] that could be useful for this purpose.  I
use nullfs for my jails and I was fed up with the process you described
(the reasons are explained in the email I first sent about this, see URL
below [2]).

The basic idea of this patch is to add a new flag to mount(8)/umount(8)
in order to be able to select filesystems to work on using a prefix.  We
can then ask rc.d/jail to mount (resp. umount) jail related filesystems
while starting (resp. stopping) a jail.

For example, here is the relevant part of my fstab(5):
    /lib                    /jail/named/lib         nullfs  ro      0       0
    /libexec                /jail/named/libexec     nullfs  ro      0       0
    /usr/sbin               /jail/named/usr/sbin    nullfs  ro      0       0
    /etc/namedb             /jail/named/etc/namedb  nullfs  ro      0       0
    /var/run/named          /jail/named/var/run/named nullfs rw     0       0
    
    /bin                    /jail/postfix/bin       nullfs  ro      0       0
    /lib                    /jail/postfix/lib       nullfs  ro      0       0
    /libexec                /jail/postfix/libexec   nullfs  ro      0       0
    /etc/mail               /jail/postfix/etc/mail  nullfs  ro      0       0
    /usr/bin                /jail/postfix/usr/bin   nullfs  ro      0       0
    /usr/lib                /jail/postfix/usr/lib   nullfs  ro      0       0
    /usr/local/lib          /jail/postfix/usr/local/lib nullfs ro   0       0
    /usr/local/libexec/postfix /jail/postfix/usr/local/libexec/postfix nullfs ro 0 0
    /usr/local/sbin         /jail/postfix/usr/local/sbin nullfs ro  0       0
    /usr/local/etc/postfix  /jail/postfix/usr/local/etc/postfix nullfs ro 0 0
    /var/mail               /jail/postfix/var/mail  nullfs  rw      0       0
    /var/spool/postfix      /jail/postfix/var/spool/postfix nullfs rw 0     0
    
    
And the relevant rc.conf(5) variables:
    jail_enable="YES"
    jail_list="named postfix"
    
    jail_named_rootdir="/jail/named"
    jail_named_hostname="box1.domain.com"
    jail_named_ip="192.168.1.53"
    jail_named_exec="/usr/sbin/named -u bind"
    jail_named_devfs_enable="YES"
    jail_named_fdescfs_enable="YES"
    jail_named_procfs_enable="YES"
    jail_named_devfs_ruleset="devfsrules_named"
    jail_named_mount_enable="YES"		<------- here
    
    jail_postfix_rootdir="/jail/postfix"
    jail_postfix_hostname="box2.domain.com"
    jail_postfix_ip="192.168.1.25"
    jail_postfix_exec="/usr/local/sbin/postfix start"
    jail_postfix_devfs_enable="YES"
    jail_postfix_fdescfs_enable="YES"
    jail_postfix_procfs_enable="YES"
    jail_postfix_devfs_ruleset="devfsrules_postfix"
    jail_postfix_mount_enable="YES"		<------- and here
    

Now I can simply make
    /etc/rc.d/jail stop
before installworld and then restart jails with the opposite command, and
filesystems will get mounted and umounted automagically.

[1] http://jeremie.le-hen.org/~tataz/patches/FreeBSD/mount-c+jail_mount.patch
[2] http://lists.freebsd.org/pipermail/freebsd-current/2004-July/032004.html

-- 
Jeremie Le Hen
jeremie@le-hen.org