From owner-freebsd-jail@FreeBSD.ORG Sun Nov 29 17:50:08 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9209410656B0; Sun, 29 Nov 2009 17:50:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [IPv6:2001:4068:10::3]) by mx1.freebsd.org (Postfix) with ESMTP id 25F008FC1E; Sun, 29 Nov 2009 17:50:08 +0000 (UTC) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 8BDCD41C6A1; Sun, 29 Nov 2009 18:50:06 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([192.168.74.103]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id 3k6bHzodyrpc; Sun, 29 Nov 2009 18:50:05 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id D031E41C6BB; Sun, 29 Nov 2009 18:50:05 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 4732544496D; Sun, 29 Nov 2009 17:45:18 +0000 (UTC) Date: Sun, 29 Nov 2009 17:45:18 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Merijn Verstraaten In-Reply-To: Message-ID: <20091129174407.Q37440@maildrop.int.zabbadoz.net> References: X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-hackers@freebsd.org, freebsd-jail@freebsd.org, freebsd-rc@freebsd.org, "Simon L. Nielsen" Subject: Re: [patch] Improved jail fstab functionality inside rc.d (needs testers and review) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Nov 2009 17:50:08 -0000 On Sun, 29 Nov 2009, Merijn Verstraaten wrote: > My apologies if these are the wrong lists for this sort of thing but it was > unclear to me where else to go with additions like this. You may try freebsd-jail@ Make sure to get a review from simon@ for this. /bz -- Bjoern A. Zeeb It will not break if you know what you are doing. From owner-freebsd-jail@FreeBSD.ORG Mon Nov 30 11:06:56 2009 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 589FC1065698 for ; Mon, 30 Nov 2009 11:06:56 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 45CCE8FC08 for ; Mon, 30 Nov 2009 11:06:56 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id nAUB6uPv043473 for ; Mon, 30 Nov 2009 11:06:56 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id nAUB6tci043470 for freebsd-jail@FreeBSD.org; Mon, 30 Nov 2009 11:06:55 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 30 Nov 2009 11:06:55 GMT Message-Id: <200911301106.nAUB6tci043470@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Nov 2009 11:06:56 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with 4 problems total. From owner-freebsd-jail@FreeBSD.ORG Mon Nov 30 21:35:18 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 09269106566B; Mon, 30 Nov 2009 21:35:18 +0000 (UTC) (envelope-from merijn@inconsistent.nl) Received: from mail.inconsistent.nl (mail.inconsistent.nl [IPv6:2001:888:1744::3]) by mx1.freebsd.org (Postfix) with ESMTP id 60E2C8FC0C; Mon, 30 Nov 2009 21:35:17 +0000 (UTC) Received: from localhost (unknown [IPv6:2001:888:1744:2:226:8ff:fe05:84f4]) (Authenticated sender: merijn@inconsistent.nl) by mail.inconsistent.nl (Postfix) with ESMTPSA id DD3C63164; Mon, 30 Nov 2009 22:35:16 +0100 (CET) Content-Type: multipart/mixed; boundary=----------7MpzyhJtchi0YuZMFlCK5J To: freebsd-jail@freebsd.org, "Simon L. Nielsen" References: <20091129174407.Q37440@maildrop.int.zabbadoz.net> Date: Mon, 30 Nov 2009 22:35:15 +0100 MIME-Version: 1.0 From: "Merijn Verstraaten" Message-ID: In-Reply-To: <20091129174407.Q37440@maildrop.int.zabbadoz.net> User-Agent: Opera Mail/10.01 (MacIntel) Cc: Subject: Re: [patch] Improved jail fstab functionality inside rc.d (needs testers and review) X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Nov 2009 21:35:18 -0000 ------------7MpzyhJtchi0YuZMFlCK5J Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit On Sun, 29 Nov 2009 18:45:18 +0100, Bjoern A. Zeeb wrote: >> My apologies if these are the wrong lists for this sort of thing but it >> was unclear to me where else to go with additions like this. > > You may try freebsd-jail@ > Make sure to get a review from simon@ for this. Ok, so one more try to the proper list this time. I just finished hacking /etc/rc.d/jail to fix my two pet peeves, currently the rc framework only accepts a single fstab file per jail and (worse!) there is no way to specify the mountpoints in these fstab files relative to the jails root. This makes sharing of mounts (for example all my jails nullfs mounting the same ports tree) very cumbersome. This patch should allow you to specify multiple fstab files in the jail_fstab and jail__fstab variables and mount these in order. In addition the patch mangles the fstab files in such a way that any mountpoint in the fstab files starting with the text "ROOT" will have "ROOT" replaced with the jails rootdir. For example the following situation: rc.conf: jail_test_rootdir="/usr/jails/test" jail_test_fstab="/usr/jails/fstab /usr/jails/fstab.test" /usr/jails/fstab: /usr/ports ROOT/usr/ports nullfs ro 0 0 /usr/jails/fstab.test /path/to/some/folder ROOT/folder nullfs rw 0 0 This should result in /path/to/some/folder being mounted into /usr/jails/test/folder and /usr/ports into /usr/jails/test/usr/ports. Normal mountpoints (i.e. not prefixed with ROOT) should still be mounted as normal. Todo: The code probably needs cleaning up, it tried to confirm to the style of the surrounding code, but I didn't know how to handle stuff which resulted in either lines longer then 80 chars or very ugly line wrapping. Someone more at home in the rc.d framework should probably clean the patch up a little to conform to the style. In addition the "ROOT" prefix is now hardcoded, perhaps this should be a configurable option (jail_prefix) or something instead. If people have the time to review and/or test this patch I'd be grateful any comments/critiques are welcome. Please CC me when replying to this e-mail as I'm not currently subscribed to jail@ . Kind regards, Merijn Verstraaten ------------7MpzyhJtchi0YuZMFlCK5J Content-Disposition: attachment; filename=jail.diff Content-Type: text/plain; name=jail.diff Content-Transfer-Encoding: 7bit --- /etc/rc.d/jail 2009-11-29 14:57:51.903840488 +0100 +++ jail 2009-11-29 16:28:50.471354236 +0100 @@ -302,14 +302,17 @@ fi fi if checkyesno _mount; then - [ -f "${_fstab}" ] || warn "${_fstab} does not exist" - tail -r ${_fstab} | while read _device _mountpt _rest; do - case ":${_device}" in - :#* | :) - continue - ;; - esac - secure_umount ${_mountpt} + for _fstab_file in ${_fstab}; do + [ -f "${_fstab_file}" ] || warn "${_fstab_file} does not exist" + sed "s#ROOT#${_rootdir}#" ${_fstab_file} | + tail -r | while read _device _mountpt _rest; do + case ":${_device}" in + :#* | :) + continue + ;; + esac + secure_umount ${_mountpt} + done done fi } @@ -327,7 +330,8 @@ # jail_mount_fstab() { - local _device _mountpt _rest + local _fstab_file _device _mountpt _rest + _fstab_file="$*" while read _device _mountpt _rest; do case ":${_device}" in @@ -335,12 +339,17 @@ continue ;; esac - if is_symlinked_mountpoint ${_mountpt}; then - warn "${_mountpt} has symlink as parent - not mounting from ${_fstab}" + if [ ${_mountpt%%/*} = "ROOT" ]; then + if is_symlinked_mountpoint "${_rootdir}/${_mountpt#*/}"; then + warn "${_rootdir}/${_mountpt#*/} has symlink as parent - not mounting from ${_fstab_file}" + return + fi + elif is_symlinked_mountpoint ${_mountpt}; then + warn "${_mountpt} has symlink as parent - not mounting from ${_fstab_file}" return fi - done <${_fstab} - mount -a -F "${_fstab}" + done <${_fstab_file} + sed "s#ROOT#${_rootdir}#" ${_fstab_file} | mount -a -F /dev/stdin } # jail_show_addresses jail @@ -575,10 +584,12 @@ fi if checkyesno _mount; then info "Mounting fstab for jail ${_jail} (${_fstab})" - if [ ! -f "${_fstab}" ]; then - err 3 "$name: ${_fstab} does not exist" - fi - jail_mount_fstab + for _fstab_file in ${_fstab}; do + if [ ! -f "${_fstab_file}" ]; then + err 3 "$name: ${_fstab_file} does not exist" + fi + jail_mount_fstab ${_fstab_file} + done fi if checkyesno _devfs; then # If devfs is already mounted here, skip it. ------------7MpzyhJtchi0YuZMFlCK5J-- From owner-freebsd-jail@FreeBSD.ORG Sat Dec 5 17:03:30 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D89DC106568B for ; Sat, 5 Dec 2009 17:03:30 +0000 (UTC) (envelope-from mtzanidakis@gmail.com) Received: from mail-ew0-f216.google.com (mail-ew0-f216.google.com [209.85.219.216]) by mx1.freebsd.org (Postfix) with ESMTP id 6B0C78FC12 for ; Sat, 5 Dec 2009 17:03:30 +0000 (UTC) Received: by ewy8 with SMTP id 8so3942651ewy.35 for ; Sat, 05 Dec 2009 09:03:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:content-type :content-transfer-encoding:subject:date:message-id:to:mime-version :x-mailer; bh=qgs8FDTD5V7DYNZ033ZyMvfr/zdmmarMRE8ZnonkRUI=; b=O42sWtrCqIJvjEQVT2eA08AxETVxb46gUUD+YVXoAKiFWtZCWmw9iiQFKX70KvP+m+ XL0G0ZDnYRpJ4UUheYxxmLqB0c8lW8mPNGhM/OJHiyeeaMHLuXLtRP2s64ZYkzX1v8Jo rWozyR7ahrorK7mhLnbwPs3yHaeNEC/qcNfGY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:content-type:content-transfer-encoding:subject:date:message-id :to:mime-version:x-mailer; b=e/vxWP3ys1PtGYy2rp2zVffqc3UduBFUePo1F7joFl6b/DTWdKY4iRd5mXdZCmxhr6 j8n+jFdjNj60CKAdihl9HYMOn3aC7rjXSmR98ooDZJDsnaTeKISpNOMfS5LicohoBuVE +qHXlaEkxDGgBu8Kox4JzFgTi2AJqX7hquDoQ= Received: by 10.213.102.72 with SMTP id f8mr4681014ebo.26.1260031274566; Sat, 05 Dec 2009 08:41:14 -0800 (PST) Received: from zegebook.matza.local (athedsl-344590.home.otenet.gr [85.72.201.172]) by mx.google.com with ESMTPS id 14sm2465455ewy.7.2009.12.05.08.41.13 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sat, 05 Dec 2009 08:41:14 -0800 (PST) From: Manolis Tzanidakis Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Sat, 5 Dec 2009 18:41:12 +0200 Message-Id: <924B5EF7-AE3E-4A9E-B0D6-2FAC0151570A@gmail.com> To: freebsd-jail@freebsd.org Mime-Version: 1.0 (Apple Message framework v1077) X-Mailer: Apple Mail (2.1077) Subject: Cant't access mysql.sock (running on a jail) from a separate jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Dec 2009 17:03:30 -0000 Hello all, maybe this is already answered, but searching the list's archives was not working at the moment. Anyway, I've got a server running 8.0-RELEASE with various jails, all setup with ezjail. One jail is running mysql and another is running apache. I have a directory /usr/jails/mysqltmp (owned by mysql:mysql) on the host system, which is mounted in both jails as /mysqltmp with: /etc/fstab.mysqljail: /usr/jails/mysqltmp /usr/jails/mysqljail/mysqltmp nullfs rw 0 0 /etc/fstab.apachejail: /usr/jails/mysqltmp /usr/jails/mysqlapache/mysqltmp nullfs ro 0 0 (tried it also with 'rw', same results) I've setup my.cnf in mysqljail to write the mysql.sock socket in /mysqltmp and I can access mysql from this jail without problems, as expected. On the apachejail the socket shows up in /mysqltmp, however I can't connect: # mysql -S /mysqltmp/mysql.sock -u root -p ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/mysqltmp/mysql.socket' (2) I really need this because this setup will be replicated in a server farm with CARP and it will be serious PITA to modify all my web applications to access mysql using IP, besides the obvious performance advantages of UNIX sockets for MySQL. Any suggestions? Best, Manolis -- Manolis Tzanidakis mtzanidakis@gmail.com