Date: Mon, 4 Jul 2011 16:36:16 -0500
From: Brandon Gooch <jamesbrandongooch@gmail.com>
To: Jamie Gritton <jamie@freebsd.org>
Cc: freebsd-jail@freebsd.org
Subject: Re: New jail(8) with configuration files, not yet in head
Message-ID: <CALBk6y%2BYWzOUzju-yN-bREX=4PY1pfhqX=QhW3K2qAExXkn8Mg@mail.gmail.com>
In-Reply-To: <4E114EA9.4000605@FreeBSD.org>
References: <4E114EA9.4000605@FreeBSD.org>

On Mon, Jul 4, 2011 at 12:24 AM, Jamie Gritton <jamie@freebsd.org> wrote:
> I'm hoping to get the latest version of jail(8) in before the door slams
> shut on 9.0. If anyone wants to take a look at the new code and give it a
> spin, it may help to ease RE's mind about my tardiness. The included diff
> applies to the current usr.sbin/jail directory. In addition to the new
> program, it adds a jail.conf(5) man page that explains the config file
> format (hint: it's a typical C-style block config).
>
> For anyone that caught my EuroBSDCon presentation last year, it's pretty
> much what I presented there. Unfortunately it doesn't have the suggestions
> that were given then, which remain on the to-do list. What little time I've
> devoted to this project since then has gone into cleaning things up and
> fixing the error handling. Other bits will still go in later, but first I'd
> like to move this from "project" to "real" status.
>
> The new program does two things. First, it works the same way the current
> jail(8) does, to add jails from the command line - or change their
> parameters, or remove them. Then it adds the ability to do the same thing
> from a config file, including running the start-up commands that are
> currently done by the rc.d/jail script. Details of that are in the new
> jail(8) and jail.conf(5) man pages.
>
> Bugs: there shouldn't be any, of course :-). But please let me know if you
> see any!
>
> - Jamie
>

This is great! I have had a great experience testing this out, I'm
sure others will find this really satisfying, particularly those also
testing VIMAGE kernels, since the new jail config framework has vnet
capability built-in.

I did however notice a minor nit in the output when removing a jail.

Here's the scenario:

I set out with a new jail.conf(5) file:

    exec.start = "/bin/sh /etc/rc";
    exec.stop = "/bin/sh /etc/rc.shutdown";
    exec.clean;
    mount.devfs;

    ports {
        path = "/usr/jails/$name";
        ip4.addr = 10.1.1.1;
    }

I run the jail creation command:

    # jail -c ports
    ports: created
    /etc/rc: WARNING: $hostname is not set -- see rc.conf(5).
    Creating and/or trimming log files.
    ln: /dev/log: Operation not permitted
    Starting syslogd.
    ELF ldconfig path: /lib /usr/lib /usr/lib/compat
    32-bit compatibility ldconfig path: /usr/lib32
    Clearing /tmp (X related).
    Updating motd:.
    Starting sshd.
    Starting cron.
    Starting ftpd.
    Mon Jul 4 21:21:30 UTC 2011

...and the jail is running:

    # jls
       JID  IP Address      Hostname                      Path
         3  10.1.1.1                                      /usr/jails/ports

Now, when I go to remove the jail:

    # jail -r ports
    Stopping cron.
    Waiting for PIDS: 29824.
    Terminated
    .
    jail: ports: (null): failed

I don't think it's anything to worry about, as the jail does indeed
get removed. I wonder though if this might be an indicator of some
underlying problem I haven't run into yet with my simplistic testing.

All-in-all, I'm loving it -- thanks Jamie!

-Brandon