From owner-freebsd-rc@FreeBSD.ORG Thu May 11 17:36:23 2006 Return-Path: X-Original-To: freebsd-rc@freebsd.org Delivered-To: freebsd-rc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E7D116A691 for ; Thu, 11 May 2006 17:36:23 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [80.237.196.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2F1AD43D70 for ; Thu, 11 May 2006 17:36:16 +0000 (GMT) (envelope-from erdgeist@erdgeist.org) Received: (qmail 71972 invoked by uid 0); 11 May 2006 17:35:01 -0000 Received: from wll192-70.wlan.hu-berlin.de (HELO ?141.20.192.70?) (erdgeist@erdgeist.org@141.20.192.70) by elektropost.org with AES256-SHA encrypted SMTP; 11 May 2006 17:35:01 -0000 Message-ID: <4463760F.7010304@erdgeist.org> Date: Thu, 11 May 2006 19:36:15 +0200 From: Dirk Engling User-Agent: Thunderbird 1.5.0.2 (Macintosh/20060308) MIME-Version: 1.0 To: freebsd-rc@freebsd.org References: <20060508185155.H84453@erdgeist.org> <1147106428.2570.9.camel@localhost> <20060509124442.E84453@erdgeist.org> <1147171780.4810.19.camel@mayday.esat.net> In-Reply-To: <1147171780.4810.19.camel@mayday.esat.net> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: New jail_interface broken in 6.1-RELEASE X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 May 2006 17:36:23 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear rc-team, as you seem to already have noticed by revision 1.32 there were several embarrassing mistakes introduced in /etc/rc.d/jail via http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/jail?rev=1.27&content-type=text/x-cvsweb-markup to implement a questionable feature[2]... merged from current just days before releasing FreeBSD-6.1. These have effectively killed my project[1], since jail_fstab is not being modified after the first jail started up, leading to missing base systems in all subsequent jails. I hardly can express in words how this smashed my view of FreeBSD as a mature reliable operating system. I will have to wait 6 months until RELEASE users have a working project again or introduce some rather unsexy workaround. (_if_ RELEASE users should update their ports...) Yet, you have up to now not even managed to mention these mistakes in errata. However, your fixes in 1.32 work so far and I'd love to see them in RELENG_6 to get at least MY servers running in a know working setup. Seriously distressed erdgeist [1] http://erdgeist.org/arts/softare/ezjail/ [2] I think, I laid out my discomfort with this feature in a private mail to flz, but there will be serious problems when using it. a) What, if I want to run several jails on one IP address? Stopping the first jail on that IP would remove the alias from my interface subsequently taking it away from the second jail. b) What, if I'd chose to run a jail on host systems IP? Stop it, BAMM - goes my host system. c) Why do you assume /32 to be the correct netmask for any given jail? What, if I want to put my jails in a different sub net? They are never going to see their gateway or other hosts in the subnet. I think, this feature is not thought through, badly implemented, merged too early and a shame for FreeBSD. If it wouldn't be too late I'd vote for removing it completely until more use cases are checked and more testing has been done. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (Darwin) iD8DBQFEY3YOImmQdUyYEgkRAknkAJsFu1Hocj/0lrCLlo7JFFKBySKCGACgiwcF T6Zhdn9bZFP1ugXGqCJg3eU= =fBuV -----END PGP SIGNATURE-----