Re: jid and jname are numberic by default why? Can we change it ?
On 01/28/12 15:47, Daniel Shahaf wrote: P.S. As an aside, the provision in projects/jailconf/'s jail(8) that it's not possible for 'jail -r' to remove all jails _unless_ the '*' syntax is used seems unusual to me: I expect 'jail -r foo bar' to remove those two jails regardless of whether any other jails exist. (Sorry if this has been discussed already -- it's just an issue I ran across while examining the jail(8) man page in Jamie's framework.) I think I must have communicated something badly - jail -r * is the way to remove all jails without specifying them, but if your only jails are foo and bar, then jail -r foo bar will do the trick. - Jamie ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: jid and jname are numberic by default why? Can we change it ?
Jamie Gritton wrote on Mon, Jan 30, 2012 at 10:38:16 -0700: On 01/28/12 15:47, Daniel Shahaf wrote: P.S. As an aside, the provision in projects/jailconf/'s jail(8) that it's not possible for 'jail -r' to remove all jails _unless_ the '*' syntax is used seems unusual to me: I expect 'jail -r foo bar' to remove those two jails regardless of whether any other jails exist. (Sorry if this has been discussed already -- it's just an issue I ran across while examining the jail(8) man page in Jamie's framework.) I think I must have communicated something badly - jail -r * is the way to remove all jails without specifying them, but if your only jails are foo and bar, then jail -r foo bar will do the trick. That sounds absolutely sane; exactly the behaviour I'd expect. The sentence that led me to think otherwise is the second sentence of this excerpt from jail.8@r230776: An argument of .Dq * is a wildcard that will operate on all jails. To prevent errors, this is the only way for .Fl r to remove all jails. Thanks, Daniel P.S. What is the timeframe for the jailconf framework to be included in a release? 9.1, 10.0, ...? - Jamie ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: jid and jname are numberic by default why? Can we change it ?
On 01/30/12 10:55, Daniel Shahaf wrote: Jamie Gritton wrote on Mon, Jan 30, 2012 at 10:38:16 -0700: On 01/28/12 15:47, Daniel Shahaf wrote: P.S. As an aside, the provision in projects/jailconf/'s jail(8) that it's not possible for 'jail -r' to remove all jails _unless_ the '*' syntax is used seems unusual to me: I expect 'jail -r foo bar' to remove those two jails regardless of whether any other jails exist. (Sorry if this has been discussed already -- it's just an issue I ran across while examining the jail(8) man page in Jamie's framework.) I think I must have communicated something badly - jail -r * is the way to remove all jails without specifying them, but if your only jails are foo and bar, then jail -r foo bar will do the trick. That sounds absolutely sane; exactly the behaviour I'd expect. The sentence that led me to think otherwise is the second sentence of this excerpt from jail.8@r230776: An argument of .Dq * is a wildcard that will operate on all jails. To prevent errors, this is the only way for .Fl r to remove all jails. Yes, I can see what you mean. I'd tell you that sentence obviously mean something else, but at the moment I'm not sure what I meant when I write that :-). P.S. What is the timeframe for the jailconf framework to be included in a release? 9.1, 10.0, ...? Yes, those. I had missed the cutoff for 9.0 (and then waited around until 9.0 was actually released), but I'll be putting in it soon. - Jamie ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: jid and jname are numberic by default why? Can we change it ?
Matt Mullins wrote on Fri, Jan 27, 2012 at 12:06:48 -0800:
On Fri, Jan 27, 2012 at 9:08 AM, Philip M. Gollucci pgollu...@gmail.com
wrote:
All,
$ jls -nq | tail -1 | xargs -n1 | egrep '^(name|jid)='| xargs
jid=17 name=17
# jubilee/chef
jail_jubilee_hostname=jubilee.dca1.rws
jail_jubilee_ip=192.168.2.41
jail_jubilee_ip_multi0=192.168.2.42
jail_jubilee_interface=bge1
jail_jubilee_rootdir=/jubilee
jail_jubilee_devfs_enable=YES
The default flags that /etc/rc.d/jail passes to jail(8) are -l -U
root. Failing to give jail(8) a name results in name==jid, as you
found above.
You can make the rc script name the jail by setting:
jail_jubilee_flags=-n jubilee -l -U root
Good point. Would it make sense to have rc.d/jail behave this way by
default?
% diff -u /etc/rc.d/jail jail
--- /etc/rc.d/jail 2012-01-21 18:22:26.0 +0200
+++ jail2012-01-28 10:13:03.0 +0200
@@ -112,7 +112,7 @@
eval _fstab=\\${jail_${_j}_fstab:-${jail_fstab}}\
[ -z ${_fstab} ] _fstab=/etc/fstab.${_j}
eval _flags=\\${jail_${_j}_flags:-${jail_flags}}\
- [ -z ${_flags} ] _flags=-l -U root
+ [ -z ${_flags} ] _flags=-n ${_j} -l -U root
eval _consolelog=\\${jail_${_j}_consolelog:-${jail_consolelog}}\
[ -z ${_consolelog} ] _consolelog=/var/log/jail_${_j}_console.log
eval _fib=\\${jail_${_j}_fib:-${jail_fib}}\
Notice the rc script uses the second form of syntax listed in jail(8),
at least on 9.0-RELEASE.
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: jid and jname are numberic by default why? Can we change it ?
On 28. Jan 2012, at 08:19 , Daniel Shafaf wrote:
Matt Mullins wrote on Fri, Jan 27, 2012 at 12:06:48 -0800:
On Fri, Jan 27, 2012 at 9:08 AM, Philip M. Gollucci pgollu...@gmail.com
wrote:
All,
$ jls -nq | tail -1 | xargs -n1 | egrep '^(name|jid)='| xargs
jid=17 name=17
# jubilee/chef
jail_jubilee_hostname=jubilee.dca1.rws
jail_jubilee_ip=192.168.2.41
jail_jubilee_ip_multi0=192.168.2.42
jail_jubilee_interface=bge1
jail_jubilee_rootdir=/jubilee
jail_jubilee_devfs_enable=YES
The default flags that /etc/rc.d/jail passes to jail(8) are -l -U
root. Failing to give jail(8) a name results in name==jid, as you
found above.
You can make the rc script name the jail by setting:
jail_jubilee_flags=-n jubilee -l -U root
Good point. Would it make sense to have rc.d/jail behave this way by
default?
% diff -u /etc/rc.d/jail jail
--- /etc/rc.d/jail 2012-01-21 18:22:26.0 +0200
+++ jail2012-01-28 10:13:03.0 +0200
@@ -112,7 +112,7 @@
eval _fstab=\\${jail_${_j}_fstab:-${jail_fstab}}\
[ -z ${_fstab} ] _fstab=/etc/fstab.${_j}
eval _flags=\\${jail_${_j}_flags:-${jail_flags}}\
- [ -z ${_flags} ] _flags=-l -U root
+ [ -z ${_flags} ] _flags=-n ${_j} -l -U root
eval _consolelog=\\${jail_${_j}_consolelog:-${jail_consolelog}}\
[ -z ${_consolelog} ]
_consolelog=/var/log/jail_${_j}_console.log
eval _fib=\\${jail_${_j}_fib:-${jail_fib}}\
No. rc.d/jail shall not be extended anymore; please see the framework Jamie
posted
on freebsd-jail last year and test/review/report back there.
See http://lists.freebsd.org/pipermail/freebsd-jail/2011-July/thread.html#1568
You get a config file etc and get rid of all the shell magic and nightmare.
/bz
Notice the rc script uses the second form of syntax listed in jail(8),
at least on 9.0-RELEASE.
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
--
Bjoern A. Zeeb You have to have visions!
It does not matter how good you are. It matters what good you do!
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
Re: jid and jname are numberic by default why? Can we change it ?
Bjoern A. Zeeb wrote on Sat, Jan 28, 2012 at 21:06:59 +:
On 28. Jan 2012, at 08:19 , Daniel Shafaf wrote:
Matt Mullins wrote on Fri, Jan 27, 2012 at 12:06:48 -0800:
On Fri, Jan 27, 2012 at 9:08 AM, Philip M. Gollucci pgollu...@gmail.com
wrote:
All,
$ jls -nq | tail -1 | xargs -n1 | egrep '^(name|jid)='| xargs
jid=17 name=17
# jubilee/chef
jail_jubilee_hostname=jubilee.dca1.rws
jail_jubilee_ip=192.168.2.41
jail_jubilee_ip_multi0=192.168.2.42
jail_jubilee_interface=bge1
jail_jubilee_rootdir=/jubilee
jail_jubilee_devfs_enable=YES
The default flags that /etc/rc.d/jail passes to jail(8) are -l -U
root. Failing to give jail(8) a name results in name==jid, as you
found above.
You can make the rc script name the jail by setting:
jail_jubilee_flags=-n jubilee -l -U root
Good point. Would it make sense to have rc.d/jail behave this way by
default?
% diff -u /etc/rc.d/jail jail
--- /etc/rc.d/jail 2012-01-21 18:22:26.0 +0200
+++ jail2012-01-28 10:13:03.0 +0200
@@ -112,7 +112,7 @@
eval _fstab=\\${jail_${_j}_fstab:-${jail_fstab}}\
[ -z ${_fstab} ] _fstab=/etc/fstab.${_j}
eval _flags=\\${jail_${_j}_flags:-${jail_flags}}\
- [ -z ${_flags} ] _flags=-l -U root
+ [ -z ${_flags} ] _flags=-n ${_j} -l -U root
eval _consolelog=\\${jail_${_j}_consolelog:-${jail_consolelog}}\
[ -z ${_consolelog} ]
_consolelog=/var/log/jail_${_j}_console.log
eval _fib=\\${jail_${_j}_fib:-${jail_fib}}\
No. rc.d/jail shall not be extended anymore; please see the framework Jamie
posted
on freebsd-jail last year and test/review/report back there.
See http://lists.freebsd.org/pipermail/freebsd-jail/2011-July/thread.html#1568
It appears that the problem is already solved in that framework:
a jail.conf(5) block defining a jail is required to be preceded by
a jailname{}, which is documented to set the jail(8)'s name. In other
words, it won't be possible to define in jail.conf(5) a jail that will
end up nameless (and thus implicitly named as its jid).
Thanks for the pointer,
Daniel
[1] http://svn.freebsd.org/base/projects/jailconf/usr.sbin/jail/jail.conf.5
P.S. As an aside, the provision in projects/jailconf/'s jail(8) that
it's not possible for 'jail -r' to remove all jails _unless_ the '*'
syntax is used seems unusual to me: I expect 'jail -r foo bar' to remove
those two jails regardless of whether any other jails exist. (Sorry if
this has been discussed already -- it's just an issue I ran across while
examining the jail(8) man page in Jamie's framework.)
You get a config file etc and get rid of all the shell magic and
nightmare.
/bz
Notice the rc script uses the second form of syntax listed in jail(8),
at least on 9.0-RELEASE.
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
--
Bjoern A. Zeeb You have to have visions!
It does not matter how good you are. It matters what good you do!
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
jid and jname are numberic by default why? Can we change it ?
All,
$ jls -nq | tail -1 | xargs -n1 | egrep '^(name|jid)='| xargs
jid=17 name=17
$ jls
JID IP Address Hostname Path
3 192.168.2.38sid.dca1.rws /sid
17 192.168.2.41jubilee.dca1.rws /jubilee
# jubilee/chef
jail_jubilee_hostname=jubilee.dca1.rws
jail_jubilee_ip=192.168.2.41
jail_jubilee_ip_multi0=192.168.2.42
jail_jubilee_interface=bge1
jail_jubilee_rootdir=/jubilee
jail_jubilee_devfs_enable=YES
From jexec(8):
DESCRIPTION
The jexec utility executes command inside the jail identified by
its jid or name.
This works, but kind of defeats the point --
$ sudo jexec `jls |grep sid |awk '{print $1}'` /bin/bash
--
1024D/DB9B8C1C B90B FBC3 A3A1 C71A 8E70 3F8C 75B8 8FFB DB9B 8C1C
Philip M. Gollucci (pgollu...@p6m7g8.com) c: 703.336.9354
Member, Apache Software Foundation
Committer,FreeBSD Foundation
Consultant, P6M7G8 Inc.
Director Operations, Ridecharge Inc.
Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.
signature.asc
Description: OpenPGP digital signature
Re: jid and jname are numberic by default why? Can we change it ?
On Fri, Jan 27, 2012 at 9:08 AM, Philip M. Gollucci pgollu...@gmail.com wrote: All, $ jls -nq | tail -1 | xargs -n1 | egrep '^(name|jid)='| xargs jid=17 name=17 # jubilee/chef jail_jubilee_hostname=jubilee.dca1.rws jail_jubilee_ip=192.168.2.41 jail_jubilee_ip_multi0=192.168.2.42 jail_jubilee_interface=bge1 jail_jubilee_rootdir=/jubilee jail_jubilee_devfs_enable=YES The default flags that /etc/rc.d/jail passes to jail(8) are -l -U root. Failing to give jail(8) a name results in name==jid, as you found above. You can make the rc script name the jail by setting: jail_jubilee_flags=-n jubilee -l -U root Notice the rc script uses the second form of syntax listed in jail(8), at least on 9.0-RELEASE. -- Matt Mullins ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
