Hi!
In my work I want to use jail configs like this:
/etc/rc.conf
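# rc.conf fragment: one vnet jail ("jail01") whose root is a UFS image on md1
# with a unionfs base layered on top (see /etc/fstab.jail01).

jail_enable="YES"
# Read only by the patched rc.d/jail (conf/142972): use the new-style
# jail(8) parameter syntax when starting jails.
jail_v2_enable="YES"
# Global knob. jail(8) documents that System V IPC shares one namespace
# between the host and all jails, so jailed processes can reach IPC objects
# outside the jail; enable it only for software that needs it.
jail_sysvipc_allow="YES"
# Global knob: lets root inside a jail change the jail's hostname.
jail_set_hostname_allow="YES"
jail_list="jail01"

# jail_<jail>_name and jail_<jail>_vnet_enable are also added by the patch.
jail_jail01_name="jail01"
jail_jail01_hostname="jail01.juise.ru"
jail_jail01_rootdir="/usr/jail/work/jail01"
jail_jail01_vnet_enable="YES"
jail_jail01_mount_enable="YES"
jail_jail01_devfs_enable="YES"
# NOTE(review): "jail" must name a ruleset defined on this host; confirm it
# hides host disk and memory devices from the jail.
jail_jail01_devfs_ruleset="jail"

# prestart0 attaches the image as md unit 1. The unit number must match
# /dev/md1 in /etc/fstab.jail01 and the "mdconfig -d -u 1" in poststop1, and
# the attach has to run before the fstab is mounted.
jail_jail01_exec_prestart0="mdconfig -a -t vnode -f /usr/jail/images/jail01 -u 1"
jail_jail01_exec_prestart1="ifconfig epair0 create"
jail_jail01_exec_prestart2="ifconfig epair0b up"
jail_jail01_exec_prestart3="ifconfig bridge0 addm epair0b"
# epair0a is moved into the jail's own network stack; epair0b stays on the
# host as a member of bridge0.
jail_jail01_exec_poststart0="ifconfig epair0a vnet jail01"
jail_jail01_exec_poststop0="ifconfig epair0b destroy"
jail_jail01_exec_poststop1="mdconfig -d -u 1"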
/etc/fstab.jail01:
# Device Mountpoint FStype Options Dump Pass#
/dev/md1 /usr/jail/work/jail01 ufs rw 0 0
/usr/jail/base /usr/jail/work/jail01 unionfs rw 0 0
To use _vnet_enable and _name I use the following patch:
s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in
rc.d/jail
But the current /etc/rc.d/jail does not run the _exec_prestart commands first:
they are executed after the mount function, while my fstab mounts /dev/md1,
which the first prestart command creates. So I made some changes to
/etc/rc.d/jail.
Attached:
full.diff - my patch + BERARD David patch (142972)
custom.diff - only my patch
--
Петровский Александр / Alexander Petrovsky,
ICQ: 350342118
Jabber: [email protected]
Phone: +7 914 8 820 815
--- orig.8 2010-06-23 01:52:11.000000000 +0900
+++ jail_e 2010-06-23 02:26:49.000000000 +0900
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $FreeBSD$
+# $FreeBSD: src/etc/rc.d/jail,v 1.43.2.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
# PROVIDE: jail
@@ -573,6 +573,15 @@ jail_start()
else
_setfib=""
fi
+
+ i=0
+ while : ; do
+ eval out=\"\${_exec_prestart${i}:-''}\"
+ [ -z "$out" ] && break
+ ${out}
+ i=$((i + 1))
+ done
+
if checkyesno _mount; then
info "Mounting fstab for jail ${_jail} (${_fstab})"
if [ ! -f "${_fstab}" ]; then
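Review bot: The relocated loop runs each `_exec_prestart` command as a bare `${out}` and ignores its exit status, which matters more now that the fstab mount directly below depends on what those commands set up (for example an `mdconfig` attach). If a prestart command fails, jail_start still goes on to the mount step; at minimum report it, e.g. `${out} || warn "jail ${_jail}: prestart #${i} failed: ${out}"`, and consider skipping the jail. Because `${out}` is only word-split, quoted arguments and paths with spaces in rc.conf will not survive, and that limit deserves a comment above the loop. The same block is added in the `@@ -573,6 +580,15 @@` hunk of the second diff, and jail_start's body starts and ends outside both hunks.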
@@ -627,14 +636,6 @@ jail_start()
fi
_tmp_jail=${_tmp_dir}/jail.$$
- i=0
- while : ; do
- eval out=\"\${_exec_prestart${i}:-''}\"
- [ -z "$out" ] && break
- ${out}
- i=$((i + 1))
- done
-
eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \
\"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1
--- orig.8 2010-06-23 01:52:11.000000000 +0900
+++ new 2010-06-23 01:50:10.000000000 +0900
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $FreeBSD$
+# $FreeBSD: src/etc/rc.d/jail,v 1.43.2.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
# PROVIDE: jail
@@ -38,6 +38,7 @@ init_variables()
_fdescdir="${_devdir}/fd"
_procdir="${_rootdir}/proc"
eval _hostname=\"\$jail_${_j}_hostname\"
+ eval _name=\"\$jail_${_j}_name\"
eval _ip=\"\$jail_${_j}_ip\"
eval _interface=\"\${jail_${_j}_interface:-${jail_interface}}\"
eval _exec=\"\$jail_${_j}_exec\"
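Review bot: `_name` is read with no fallback, so with `jail_v2_enable` set and no `jail_<jail>_name` in rc.conf the later start command receives an empty `name=""`. Defaulting to the jail's rc.conf key keeps existing configurations working: `eval _name=\"\${jail_${_j}_name:-${_j}}\"`. The value is later pasted into a string that is passed to `eval`, so a short comment that it must be a plain jail name without whitespace or shell metacharacters would help. init_variables continues outside the hunk.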
@@ -95,6 +96,8 @@ init_variables()
fi
fi
+ # JAIL new style
+ eval _v2=\"\${jail_v2_enable:-"NO"}\"
# The default jail ruleset will be used by rc.subr if none is specified.
eval _ruleset=\"\${jail_${_j}_devfs_ruleset:-${jail_devfs_ruleset}}\"
eval _devfs=\"\${jail_${_j}_devfs_enable:-${jail_devfs_enable}}\"
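Review bot: The `eval` on the new `_v2` line is unnecessary, because `jail_v2_enable` is a fixed variable name with nothing to expand twice; `_v2=${jail_v2_enable:-NO}` gives the same result without a second parse of the value. The comment `# JAIL new style` could also say that this is a global switch, unlike the per-jail `jail_${_j}_*` knobs around it.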
@@ -110,18 +113,26 @@ init_variables()
eval _fstab=\"\${jail_${_j}_fstab:-${jail_fstab}}\"
[ -z "${_fstab}" ] && _fstab="/etc/fstab.${_j}"
eval _flags=\"\${jail_${_j}_flags:-${jail_flags}}\"
- [ -z "${_flags}" ] && _flags="-l -U root"
+ if checkyesno _v2; then
+ [ -z "${_flags}" ] && _flags="-l -U root -c"
+ else
+ [ -z "${_flags}" ] && _flags="-l -U root"
+ fi
eval _consolelog=\"\${jail_${_j}_consolelog:-${jail_consolelog}}\"
[ -z "${_consolelog}" ] && _consolelog="/var/log/jail_${_j}_console.log"
eval _fib=\"\${jail_${_j}_fib:-${jail_fib}}\"
+ eval _vnet=\"\${jail_${_j}_vnet_enable:-"NO"}\"
# Debugging aid
#
+ debug "$_j v2 enable: $_v2"
debug "$_j devfs enable: $_devfs"
debug "$_j fdescfs enable: $_fdescfs"
debug "$_j procfs enable: $_procfs"
debug "$_j mount enable: $_mount"
+ debug "$_j vnet enable: $_vnet"
debug "$_j hostname: $_hostname"
+ debug "$_j name: $_name"
debug "$_j ip: $_ip"
jail_show_addresses ${_j}
debug "$_j interface: $_interface"
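Review bot: `-c` is only part of the built-in default, so a user who sets `jail_flags` or `jail_<jail>_flags` while `jail_v2_enable` is on must remember to add it themselves; whether jail(8) creates the jail without it is not visible here and should be confirmed. If it is required, appending it after the default is chosen avoids the duplicated test: `[ -z "${_flags}" ] && _flags="-l -U root"` followed by `checkyesno _v2 && _flags="${_flags} -c"`. The new `jail_v2_enable`, `jail_<jail>_name` and `jail_<jail>_vnet_enable` knobs also need an entry wherever the other jail variables are documented.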
@@ -136,6 +147,7 @@ init_variables()
i=0
while : ; do
eval out=\"\${_exec_prestart${i}:-''}\"
+
if [ -z "$out" ]; then
break
fi
@@ -144,7 +156,6 @@ init_variables()
done
debug "$_j exec start: $_exec_start"
-
i=1
while : ; do
eval out=\"\${_exec_afterstart${i}:-''}\"
@@ -152,11 +163,9 @@ init_variables()
if [ -z "$out" ]; then
break;
fi
-
debug "$_j exec after start #${i}: ${out}"
i=$((i + 1))
done
-
i=0
while : ; do
eval out=\"\${_exec_poststart${i}:-''}\"
@@ -166,7 +175,6 @@ init_variables()
debug "$_j exec post-start #${i}: ${out}"
i=$((i + 1))
done
-
i=0
while : ; do
eval out=\"\${_exec_prestop${i}:-''}\"
@@ -236,7 +244,6 @@ is_current_mountpoint()
local _dir _dir2
_dir=$1
-
_dir=`echo $_dir | sed -Ee 's#//+#/#g' -e 's#/$##'`
[ ! -d "${_dir}" ] && return 1
_dir2=`df ${_dir} | tail +2 | awk '{ print $6 }'`
@@ -573,6 +580,15 @@ jail_start()
else
_setfib=""
fi
+
+ i=0
+ while : ; do
+ eval out=\"\${_exec_prestart${i}:-''}\"
+ [ -z "$out" ] && break
+ ${out}
+ i=$((i + 1))
+ done
+
if checkyesno _mount; then
info "Mounting fstab for jail ${_jail} (${_fstab})"
if [ ! -f "${_fstab}" ]; then
@@ -580,6 +596,7 @@ jail_start()
fi
jail_mount_fstab
fi
+
if checkyesno _devfs; then
# If devfs is already mounted here, skip it.
df -t devfs "${_devdir}" >/dev/null
@@ -627,19 +644,28 @@ jail_start()
fi
_tmp_jail=${_tmp_dir}/jail.$$
- i=0
- while : ; do
- eval out=\"\${_exec_prestart${i}:-''}\"
- [ -z "$out" ] && break
- ${out}
- i=$((i + 1))
- done
-
- eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \
- \"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1
+ if checkyesno _v2; then
+ _start_cmd="${_setfib} jail -J ${_tmp_jail} ${_flags} path=${_rootdir} host.hostname=${_hostname} \
+ name=\"${_name}\""
+ if checkyesno _vnet; then
+ _start_cmd="${_start_cmd} vnet"
+ else
+ _start_cmd="${_start_cmd} ip4.addr=\"${_addrl}\""
+ fi
+ _start_cmd="${_start_cmd} command=${_exec_start}"
+ eval ${_start_cmd} > /dev/null 2>&1
+ else
+ eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \
+ \"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1
+ fi
if [ "$?" -eq 0 ] ; then
- _jail_id=$(head -1 ${_tmp_jail})
+ if checkyesno _v2; then
+ _jail_id=$(awk -F '=| ' '{print $2}' ${_tmp_jail})
+ else
+ _jail_id=$(head -1 ${_tmp_jail})
+ fi
+
i=1
while : ; do
eval out=\"\${_exec_afterstart${i}:-''}\"
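Review bot: In the v2 branch `eval ${_start_cmd} > /dev/null 2>&1` throws away everything jail(8) prints, so a failed create leaves no diagnostic, whereas the old-style branch keeps the output in `${_tmp_jail}`; since `-J` already owns that file, the output could go to a sibling such as `> ${_tmp_jail}.err 2>&1` and be reported on failure. `path=${_rootdir}` and `host.hostname=${_hostname}` are placed into `_start_cmd` unquoted and then re-parsed by `eval`, so whitespace or shell metacharacters in those rc.conf values are interpreted by the shell; quoting them the way `name=\"${_name}\"` is quoted would be consistent. The `awk -F '=| ' '{print $2}'` read prints one field per input line, so it yields a bare jid only if the `-J` file is a single line starting with `jid=`; that format is not visible here and should be confirmed. jail_start's body continues past both ends of the hunk.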