Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 5 Aug 2014 06:49:55 -0600 (MDT)
From:      Warren Block <wblock@wonkity.com>
To:        mailinglists <mailinglists@debank.tv>
Cc:        freebsd-jail@freebsd.org
Subject:   Re: ezjail and mergemaster
Message-ID:  <alpine.BSF.2.11.1408050623070.48033@wonkity.com>
In-Reply-To: <53E08A88.1030007@debank.tv>
References:  <alpine.BSF.2.11.1407291519270.34044@wonkity.com> <53D81D43.6070503@freebsd.org> <alpine.BSF.2.11.1408041707100.34818@wonkity.com> <53E08A88.1030007@debank.tv>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, 5 Aug 2014, mailinglists wrote:

> On 5/08/14 11:13 am, Warren Block wrote:
>> On Tue, 29 Jul 2014, Allan Jude wrote:
>>
>>> On 2014-07-29 17:44, Warren Block wrote:
>>>>
>>>> What process for running mergemaster should I suggest?  Maybe different
>>>> ones for trusted and untrusted jails?
>>>
>>> This will mount /usr/src into the basejail read-only:
>>>
>>> mount -t nullfs -o ro /usr/src /usr/jails/basejail/usr/src
>>
>> Thank you.  I took the easy way out, by showing how to mount the
>> source in the jails and just mentioning mergemaster.
>>
>> Draft version:
>> http://www.wonkity.com/~wblock/jails/jails-ezjail.html
>> _______________________________________________
>
> Would it be an idea to list the files that can be excluded from
> mergemaster updates, a lot of the rc scripts are a no-op inside a jail,
> if one has to update a large number of ports this can make a real
> difference.
>
> I guess ideally mergemaster itself could be extended to include a flag
> to indicate it's run inside (or targeted at) a jail and remove/ignore rc
> scripts that will never be used but that's probably outside the scope of
> this discussion.

A more predictable and possibly safer way is to manually add a standard 
list of ignorable jail files to IGNORE_FILES in /etc/mergemaster.rc.

However, now I find that just null-mounting the source on the basejail 
is not enough.  /usr/src is still empty inside the jails.  There is a 
configuration option or something for this, I think, I just can't recall 
it.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.11.1408050623070.48033>