On Sat, 27 Jun 2009, Alexander Leidinger wrote:
On Sat, 27 Jun 2009 10:47:47 +0000 (UTC) "Bjoern A. Zeeb"
<[email protected]> wrote:
On Sat, 27 Jun 2009, Alexander Leidinger wrote:
at http://www.leidinger.net/FreeBSD/current-patches/jail.diff I
have a patch to switch the jail rc script to the new jail
(8-current) syntax. This includes new config options for a jail
(see etc/defaults/rc.conf after patching). The patch also contains
my X-in-a-jail stuff (feel free to ignore this part, it's disabled
by default).
If you do not make any config change, you will be able to see all
mounted filesystems of the entire machine. To get back to the
previous behavior, you have to add a config option:
jail_XXX_startparams="enforce_statfs=2"
This config option can also take other jail parameters like
allow.sysvipc and other ones described in the jail man-page
(additional parameters need to be space separated).
Feedback welcome.
1) it break various things that will no longer work
As mentioned, it "breaks" the statfs part. If there's anything else, be
more specific please.
v6, noIP, ...
2) it's not a poper solution
The proper solution for the statfs part would be, that jail(8) defaults
to =2 if nothing is specified. Alternatively I can get convinced that
we should do a default for it in defaults/rc.conf if nothing is specied
for startparams for a particular jail (like we have for some other
things), but this would not be as good as if jail(8) would handle it
itself.
If you do not talk about the statfs part but in a more generic way,
what would be a proper solution in your eyes?
A proper solution would be a proper mgmt system ready for the future
instead of continuting to hack up rc.d/jail via option fo bar baz and
another 17000 of them.
But this is nothing I'll discuss today while things aren't fully
shaken out yet.
For now what used to work should continue to work and not break.
Everything else on top of that needs to be done properly and not in a
rainy-midnight-drive-by.
/bz
--
Bjoern A. Zeeb The greatest risk is not taking one.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[email protected]"
