Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Mon, 15 Dec 2008, Brian A. Seklecki wrote: On Thu, 2008-12-11 at 22:53 +0100, Philipp Wuensche wrote: Not entirely true, the jls output is totaly different than before and breaks third-party applications like jailaudit and ezjail. Right, well, whether they check for VERSION > 70200x or 8, the format will is likely to change. Once everything has been sorted out, they can add support now, push out the updates, and the version in common use will be forward/backward compatible. Whatever we have to do to light a fire there -- I just don't want ezjail-admin compatibility to be a showstopper on this. Two comments: the format as is, is most likely to stay for the livetime of the 7.x branch once things are MFCed. For 8 with vimage and we'll get an entirely new management interface for all this. /bz PS: yes, I know rc.d/jail foo still needs integration. Has anyone tested what was posted? -- Bjoern A. Zeeb The greatest risk is not taking one. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Thu, 2008-12-11 at 22:53 +0100, Philipp Wuensche wrote: > Not entirely true, the jls output is totaly different than before and > breaks third-party applications like jailaudit and ezjail. Right, well, whether they check for VERSION > 70200x or 8, the format will is likely to change. Once everything has been sorted out, they can add support now, push out the updates, and the version in common use will be forward/backward compatible. Whatever we have to do to light a fire there -- I just don't want ezjail-admin compatibility to be a showstopper on this. > > It is uneasy to parse too. -- Brian A. Seklecki Collaborative Fusion, Inc. signature.asc Description: This is a digitally signed message part
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Sun, 14 Dec 2008, Philipp Wuensche wrote: Hi, ok, after another round of private mails I got it; I had been living with jail patches for too long; the jls output (without -v) should be on one line and not on two. That wasn't intended. Unfortunately noone had complained the months before.. I'll look at this. can you try this patch? http://people.freebsd.org/~bz/20081214-01-jls-v1.diff Works for me, jls without arguments now gives the old output, -v shows all the new features! Thanks for testing. Comitted it to HEAD. /bz -- Bjoern A. Zeeb The greatest risk is not taking one. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
Bjoern A. Zeeb wrote: > On Thu, 11 Dec 2008, Bjoern A. Zeeb wrote: > > Hi, > >> ok, after another round of private mails I got it; I had been living >> with jail patches for too long; the jls output (without -v) should be >> on one line and not on two. That wasn't intended. Unfortunately noone >> had complained the months before.. I'll look at this. > > can you try this patch? > http://people.freebsd.org/~bz/20081214-01-jls-v1.diff Works for me, jls without arguments now gives the old output, -v shows all the new features! thanks! greetings, Philipp ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Thu, 11 Dec 2008, Bjoern A. Zeeb wrote: Hi, ok, after another round of private mails I got it; I had been living with jail patches for too long; the jls output (without -v) should be on one line and not on two. That wasn't intended. Unfortunately noone had complained the months before.. I'll look at this. can you try this patch? http://people.freebsd.org/~bz/20081214-01-jls-v1.diff /bz -- Bjoern A. Zeeb The greatest risk is not taking one. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Thu, 11 Dec 2008, Philipp Wuensche wrote: Hi, ok, after another round of private mails I got it; I had been living with jail patches for too long; the jls output (without -v) should be on one line and not on two. That wasn't intended. Unfortunately noone had complained the months before.. I'll look at this. /bz -- Bjoern A. Zeeb The greatest risk is not taking one. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
I patched my jls to output the list of jails in XML & CSV format. makes things alot nicer to script with. Might be worth doing for everyone. - Andrew ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
Bjoern A. Zeeb wrote: > On Thu, 11 Dec 2008, Philipp Wuensche wrote: > > Hi, > Not entirely true, the jls output is totaly different than before and breaks third-party applications like jailaudit and ezjail. >>> >>> This is only true if you use any of the new features. In case you use >>> single-IPv4 jails as before there should be absoultely no change in the >>> output format. >> >> Why do I get the new jls output then when I only use one ipaddr. for a >> jail and none of the new features at all? > > What are you using? The version from HEAD or are you running a patch > on either HEAD or 7 and if so from when? The version from HEAD without any patches. * $FreeBSD: src/usr.sbin/jls/jls.c,v 1.7 2008/12/11 01:04:25 bz Exp $ greetings, philipp ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Thu, 11 Dec 2008, Philipp Wuensche wrote: Hi, Not entirely true, the jls output is totaly different than before and breaks third-party applications like jailaudit and ezjail. This is only true if you use any of the new features. In case you use single-IPv4 jails as before there should be absoultely no change in the output format. Why do I get the new jls output then when I only use one ipaddr. for a jail and none of the new features at all? What are you using? The version from HEAD or are you running a patch on either HEAD or 7 and if so from when? /bz -- Bjoern A. Zeeb The greatest risk is not taking one. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
Philipp Wuensche writes: > Not entirely true, the jls output is totaly different than before and > breaks third-party applications like jailaudit and ezjail. > > It is uneasy to parse too. jls | tail +3 | while read line ; do set $line if [ $# = 3 ] ; then echo "jail $1 (name $2 root $3) IPs:" elif [ $# = 1 ] ; then echo "$1" else echo "huh?" fi done DES -- Dag-Erling Smørgrav - d...@des.no ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
Bjoern A. Zeeb wrote: > On Thu, 11 Dec 2008, Philipp Wuensche wrote: > > Hi, > >> Brian A. Seklecki wrote: >>> On Fri, 2008-12-05 at 20:47 +0100, Dag-Erling Smørgrav wrote: The question is, does it change existing behavior, or just add new functionality? >>> >>> The syntax semantics should be backward compatible, so likely the >>> latter. >> >> Not entirely true, the jls output is totaly different than before and >> breaks third-party applications like jailaudit and ezjail. > > This is only true if you use any of the new features. In case you use > single-IPv4 jails as before there should be absoultely no change in the > output format. Why do I get the new jls output then when I only use one ipaddr. for a jail and none of the new features at all? > PS: I trimmed the CC: list as noone was able to adhere to Reply-To. freebsd-current should be in the CC as the discussion is if it is MFCd and let loose to 7.2R greetings, Philipp ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
Brian A. Seklecki wrote: > On Fri, 2008-12-05 at 20:47 +0100, Dag-Erling Smørgrav wrote: >> The question is, does it change existing behavior, or just add new >> functionality? > > The syntax semantics should be backward compatible, so likely the > latter. Not entirely true, the jls output is totaly different than before and breaks third-party applications like jailaudit and ezjail. It is uneasy to parse too. greetings, Philipp ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Thu, 11 Dec 2008, Philipp Wuensche wrote: Hi, Brian A. Seklecki wrote: On Fri, 2008-12-05 at 20:47 +0100, Dag-Erling Smørgrav wrote: The question is, does it change existing behavior, or just add new functionality? The syntax semantics should be backward compatible, so likely the latter. Not entirely true, the jls output is totaly different than before and breaks third-party applications like jailaudit and ezjail. This is only true if you use any of the new features. In case you use single-IPv4 jails as before there should be absoultely no change in the output format. /bz PS: I trimmed the CC: list as noone was able to adhere to Reply-To. -- Bjoern A. Zeeb The greatest risk is not taking one.___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Fri, 2008-12-05 at 20:47 +0100, Dag-Erling Smørgrav wrote: > The question is, does it change existing behavior, or just add new > functionality? The syntax semantics should be backward compatible, so likely the latter. -- Brian A. Seklecki <[EMAIL PROTECTED]> Collaborative Fusion, Inc. signature.asc Description: This is a digitally signed message part
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
"Brian A. Seklecki" <[EMAIL PROTECTED]> writes: > alexus <[EMAIL PROTECTED]> writes: > > as far as I understood HEAD is 8.0-CURRENT > The trick is to bribe the right people to get it RFP'd into 7.2R. :) The question is, does it change existing behavior, or just add new functionality? If the former, it should not be MFCed. DES -- Dag-Erling Smørgrav - [EMAIL PROTECTED] ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Tue, 2008-12-02 at 21:00 -0500, alexus wrote: > as far as I understood HEAD is 8.0-CURRENT The trick is to bribe the right people to get it RFP'd into 7.2R. :) ~BAS -- Brian A. Seklecki <[EMAIL PROTECTED]> Collaborative Fusion, Inc. signature.asc Description: This is a digitally signed message part
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On Fri, 5 Dec 2008, Peter Jeremy wrote: Hi, On 2008-Dec-02 21:00:23 -0500, alexus <[EMAIL PROTECTED]> wrote: as far as I understood HEAD is 8.0-CURRENT Yes. is there a way for us to start using it before 8.0 hits -RELEASE There are two ways. The first is: 1) Checkout a copy of the HEAD src tree via your chosen source tracker (cvs/cvsup/ctm/...) 2) Follow the instructions in /usr/src/UPDATING to build and install 3) Test well on a non-production box in as close to your production environment as possible. Be prepared to feed back problems and test fixes. 4) Once you are satisfied that it works for you, place it in production. This is basically the same as any other FreeBSD release except that you should test more rigourously. That's for running HEAD. I would be careful doing this on a production system if one does not know what one is really doing when doing this;) Your second option is to take the patches from r185435 and apply them to your 7.x source tree. This may take some massaging (I'm not sure how much 7 and 8 differ in the affected areas). bz@ may be interested in your experiences. Then test and roll-out as above. There is difference, though not much. Thus just taking the patch won't work but the solution was posted like 2 weeks ago: http://lists.freebsd.org/pipermail/freebsd-jail/2008-November/000615.html Look for where it says "RELENG_7". lucky), I somehow was under impression (and i guess i was wrong) that it will come out in 7.1, It's far too late for any new features in 7.1 but the commit log says it should be in 7.2. Yupp that's the plan. And the reason it will not be in 7.1-RELEASE is that noone provided the needed bribing money. See http://lists.freebsd.org/pipermail/freebsd-jail/2008-November/000619.html (not serious here). It's been just too late. Regards, Bjoern -- Bjoern A. Zeeb The greatest risk is not taking one. ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
On 2008-Dec-02 21:00:23 -0500, alexus <[EMAIL PROTECTED]> wrote: >as far as I understood HEAD is 8.0-CURRENT Yes. >is there a way for us to start using it before 8.0 hits -RELEASE There are two ways. The first is: 1) Checkout a copy of the HEAD src tree via your chosen source tracker (cvs/cvsup/ctm/...) 2) Follow the instructions in /usr/src/UPDATING to build and install 3) Test well on a non-production box in as close to your production environment as possible. Be prepared to feed back problems and test fixes. 4) Once you are satisfied that it works for you, place it in production. This is basically the same as any other FreeBSD release except that you should test more rigourously. Your second option is to take the patches from r185435 and apply them to your 7.x source tree. This may take some massaging (I'm not sure how much 7 and 8 differ in the affected areas). bz@ may be interested in your experiences. Then test and roll-out as above. >lucky), I somehow was under impression (and i guess i was wrong) that >it will come out in 7.1, It's far too late for any new features in 7.1 but the commit log says it should be in 7.2. -- Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. pgpum4pJTelve.pgp Description: PGP signature
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
as far as I understood HEAD is 8.0-CURRENT is there a way for us to start using it before 8.0 hits -RELEASE which according to freebsd.org will be in june 2009, which we all know how accured their schedule is, so, my guess is very well Q4 of 2009 (if we lucky), I somehow was under impression (and i guess i was wrong) that it will come out in 7.1, I have a server that needs to be migrated and really doing so without multi ip patch will be a really big . -- http://alexus.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
Quoting "Bjoern A. Zeeb" <[EMAIL PROTECTED]> (from Mon, 1 Dec 2008 09:41:46 + (UTC)): Hi, as you may have already noticed multi-IPv4/v6/no-IP jails have hit HEAD. See commit message attached. Will this introduce changes how multicast is handled in jails, or is it the same behavior as before (whatever the previous behavior was). Additionally you can give a jail a name now using the -n option: jail -n "bz's private noip jail" / noip.example.net "" /bin/sh You may not want to use special characters or whitespace but it is just a string, so you can. There are no restrictions and even 10 jails could have the same name. The jail (inside) cannot change the name. It's set upon jail creation and unchangeable from then on. Is this private name visible inside the jail (I don't need this feature, so I don't care, but people should know so that they don't put offensive stuff there in case it is visible inside)? Bye, Alexander. -- Since we cannot hope for order, let us withdraw with style from the chaos. -- Tom Stoppard http://www.Leidinger.netAlexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137 ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: HEADS UP: r185435 multi-IPv4/v6/no-IP jails in HEAD
Am 01.12.2008 um 10:41 schrieb Bjoern A. Zeeb: as you may have already noticed multi-IPv4/v6/no-IP jails have hit HEAD. See commit message attached. Thank you and everyone who worked so hard on this for so long! I shall proceed to put this into production this year, if I find the time before xmas to move the 10-odd jails over to a new set of machines :-) Stefan -- Stefan Bethke <[EMAIL PROTECTED]> Fon +49 170 346 0140 ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
