On Sun, Jan 22, 2012 at 12:46:10PM -0800, Garrett Cooper wrote: > On Sun, Jan 22, 2012 at 5:46 AM, Dirk Engling <[email protected]> wrote: > > Here is the output I get from not running the jail script as root:
> > Starting jails:mount_nullfs: Operation not permitted > > devfs rule: ioctl DEVFSIO_RGETNEXT: Operation not permitted > > mount: dev : Operation not permitted > > /etc/rc.d/jail: WARNING: devfs_domount(): Unable to mount devfs on > > /usr/jails/foo.com/dev > > /etc/rc.d/jail: WARNING: devfs_mount_jail: devfs was not mounted on > > /usr/jails/foo.com/dev > > ln: log: Permission denied > > mount: /usr/jails/foo.com/dev/fd: No such file or directory > > mount: proc : Operation not permitted > > cannot start jail "foo_com": > Probably a simple case of lack of set -e in the script with > appropriate error catching logic. The jailme and portsjail [*] scripts > had similar issues. You cannot use 'set -e' in rc.d scripts as it must be off both while sourcing /etc/rc.subr and while calling any function defined by it. Violating this may lead to unexpected exits of scripts. I think 'set -e' is not a "handle all my errors for me" panacea. If the script is any more complicated than just a sequence of commands, 'set -e' will very likely not do what you want. For example, if a compound command or function call is "tested", -e is ignored during all of it. The exact meaning of 'set -e' has changed several times, yet these problems have not been solved. I don't think it can be "fixed", so the least bad thing is to follow POSIX so the wrongness is at least consistent. (Unfortunately, there are still people trying to "fix" -e in POSIX in 2012.) Instead of -e, use explicit error checks such as with || or &&. -- Jilles Tjoelker _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-rc To unsubscribe, send any mail to "[email protected]"
