jail startup script for multi-IPs + ifconfig *sigh* stuff

[Bjoern A. Zeeb]

Hi,

I have a barely tested patch to rc.d/jail for HEAD (or the multi-IP
jail patch on 7) with the defaults/rc.conf and a for sure enhanceable
rc.conf.5 patch here:
http://people.freebsd.org/~bz/20090108-02-rc-jail.diff

For everyone who wants to grab the entire rc.d/jail file, fetch it from
http://people.freebsd.org/~bz/jail

This entire patch is only needed for thos people who like to get their
IPs configured/deconfigured upon jail start/stop and you see what a
mess of extra code this gives -- I am sure someone could improve the
sh(1) code but ...

I do NOT like this and neither do other people who will need to
approve this to go in.


I have been trying to support (most, all but the _netmask) from the
old version so you can still only give a single IP, or an IP list (of
mixed address families) but you can now also leave the IP part
entirely empty and start a no-IP jail or add a _multin with n
starting at 0 (like with _aliasn) and give the IPs on an extra line
each.

If you want to give an interface you can still use the jaiL_interface
or jail_jname_interface but you can also give an interface per
address now in that you prefix the address with ifName| (yes a pipe
and no blanks!).

If you want to give a netmask you can suffix an address with one of
those:
- /n  -- prefix notation, no spaces allowed
-  netmask a.b.c.d  -- netmask with a space between the
  adress and the work netmask and a full dot-quad mask.
  You are not allowed to be clever and wirte netmask a.b.c
-  prefixlen n -- similar to netmask but for v6

Obviously netmask will not work for a v6 address and prefixlen not for
v4 as what you give is directly passed to ifconfig.

If you give interface but no netmask '/32' is assumed for v4 and
'/128' for v6.

Anything I missed?


What I want to know from you:

1) does you current rc.conf setup work if you just replace
   /etc/rc.d/jail? (keep a backup of the old - outside of that directory!)

2) does this work for all the features *sigh* you need?

3) does it work with whatever management tool you use for jails?

4) any other comments?


In case there are bugs or problems, let me know - I'll update and
repost links.

/bz


PS: special thanks to Ruben van Staveren who had maintained a
(slightly) different version supporting v4/v6 ifconfig all the
time!

--
Bjoern A. Zeeb  The greatest risk is not taking one.
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org

Re: Importing sources to build the basejail.

[Michel]

Le jeudi 8 janvier 2009, Bastien Semene a écrit :
 Hi,

 I'm new to the list and unfortunately I come with a problem.

 My problem is that jails cannot start pseudo terminals. I found the
 software problem but I think the origin is out there.
 The host OS (FreeBSD 7.0) has been installed by a procedure from my
 server provider, but it doesn't contain the src.
 So I imported the src from another FreeBSD 7.0 server. It worked for
 making world and building the basejail but generated the following error
 and maybe others I can't see for the moment.

 So I wish to find a safe way to import sources to build a correct
 basejail. If anyone can point me a place where to find it or some
 advices I'll be glad.
 Thank you.

Try : sysinstall  Configure  Distributions   src

Michel
___
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org