Date: Fri, 30 Jan 2004 22:44:01 +0000 From: Antony T Curtis <antony.t.curtis@ntlworld.com> To: Dag-Erling =?ISO-8859-1?Q?Sm=F8rgrav?= <des@des.no> Cc: arch@freebsd.org Subject: Re: init(8) in jails Message-ID: <1075502641.51737.34.camel@pcgem.rdg.cyberkinetica.com> In-Reply-To: <xzp65et74kz.fsf@dwp.des.no> References: <xzp65et74kz.fsf@dwp.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2004-01-30 at 17:02, Dag-Erling Smørgrav wrote: > Currently, the preferred mechanism to set up a virtual server in a > jail is 'jail /path/to/jail jail.host.name 1.2.3.4 /etc/rc'. > > How about modifying init instead and teach it how to run a jail? The > advantages of that approach would include the ability to send a signal > to a jailed init to have it run /etc/rc.shutdown inside the jail and > terminate the jail cleanly; currently, there is no clean method of > terminating a jail. Funnily enough, a couple of years ago, I modified init to run inside a jail... and then some terminals accessed different jails. All you need to do is to modify init to store it's pid in /var/run/init.pid and make tools which send signals to init read that file instead of assuming that init is pid=1. a quick and simple script to start/shutdown jails... and you can do fun stuff like all the console terminals are actually talking to a jailed session - gives an additional tier of confusion when someone tries to fiddle via the console. :D The 'root' non-jailed system can then run with practically no services running - just managing the jailed 'virtual servers'. I even went as far as using nmdm to be able to talk to the non-jailed system from one of the jailed instances (since the non-jail had no network service running at all) To reduplicate all the work is perhaps 2-4 hours. I don't have the source anymore because the box it was done on was wiped by my brother and he installed RedHat on it. Now, all someone needs to do is combine it with the vimage patch and you can have a nearly full virtual server system. -- Antony T Curtis BSc Unix Analyst Programmer http://homepage.ntlworld.com/antony.t.curtis/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1075502641.51737.34.camel>