Date: Fri, 20 Feb 2009 10:20:01 +0800 From: "Chao Shin" <quakelee@geekcn.org> To: d@delphij.net, "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: freebsd-jail@freebsd.org, freebsd-rc@freebsd.org, FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: [RFC] Skeleton jail (rc.d feature proposal) Message-ID: <op.upmork0fhnq548@qld630> In-Reply-To: <499E0463.2070608@delphij.net> References: <499244E6.9030205@delphij.net> <20090212122419.Q53478@maildrop.int.zabbadoz.net> <499E0463.2070608@delphij.net>
next in thread | previous in thread | raw e-mail | index | archive | help
在 Fri, 20 Feb 2009 09:16:19 +0800,Xin LI <delphij@delphij.net> 写道: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi, Bjoern, > > Bjoern A. Zeeb wrote: > [...] >> I do not have the following two on most/any of my machines: >> >>> usr/src >>> usr/obj > > I agree. > >> The correct way to do this I think would leave rc.d/jail untouched and >> (pre-)populate an /etc/fstab.<jname> and use that. > > I do not think this is a very good approach for this use case. > > Making it an rc.conf option, enables the following tasks as a one-liner > change: > - Enabling/Disabling skeleton jail (how will the system perform if I > have the template directories read-only?); > - Switching template root (what will happen if switch from 7.1 userland > to 7.2 userland?); > - Change mount points within all jails. > > I do admit that all these can be done with scripts though. > > Cheers, > - -- > Xin LI <delphij@delphij.net> http://www.delphij.net/ > FreeBSD - The Power to Serve! > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.10 (FreeBSD) > > iEYEARECAAYFAkmeBGIACgkQi+vbBBjt66A4GgCgsBo4b6PNTVDX3/3SCyv/ezXI > 6+wAn2KZFdazhFjyyf0RPFHP6+8YpyPS > =rHFi > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to > "freebsd-current-unsubscribe@freebsd.org" I think I like Li Xin's way. I have set a jail host in my company with Li Xin's patch, it didn't change the usage of original jail system, just add a make target in /usr/src/Makefile, I can use skeleton jail and original jail in one jail host. They have not much differents in rc.conf, if want skeleton, I just add two options with normal settings. It is compatible way with orignal design. quakelee -- The Power to Serve
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?op.upmork0fhnq548>