From owner-freebsd-rc@FreeBSD.ORG Thu May 11 18:46:37 2006 Return-Path: X-Original-To: freebsd-rc@freebsd.org Delivered-To: freebsd-rc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E8E7116A8E5 for ; Thu, 11 May 2006 18:46:37 +0000 (UTC) (envelope-from flz@xbsd.org) Received: from smtp.xbsd.org (xbsd.org [82.233.2.192]) by mx1.FreeBSD.org (Postfix) with ESMTP id F3DCE44436 for ; Thu, 11 May 2006 18:18:52 +0000 (GMT) (envelope-from flz@xbsd.org) Received: from localhost (localhost.xbsd.org [127.0.0.1]) by smtp.xbsd.org (Postfix) with ESMTP id 0D26611443; Thu, 11 May 2006 20:18:48 +0200 (CEST) Received: from smtp.xbsd.org ([127.0.0.1]) by localhost (srv1.xbsd.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 45788-07; Thu, 11 May 2006 20:18:36 +0200 (CEST) Received: from cream.stl.xbsd.org (unknown [193.120.13.130]) by smtp.xbsd.org (Postfix) with ESMTP id 92B561143B; Thu, 11 May 2006 20:18:35 +0200 (CEST) From: Florent Thoumie To: Dirk Engling In-Reply-To: <4463760F.7010304@erdgeist.org> References: <20060508185155.H84453@erdgeist.org> <1147106428.2570.9.camel@localhost> <20060509124442.E84453@erdgeist.org> <1147171780.4810.19.camel@mayday.esat.net> <4463760F.7010304@erdgeist.org> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-I472SjINIMCHmxI9u0wS" Date: Thu, 11 May 2006 19:15:11 +0200 Message-Id: <1147367711.80625.24.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.6.1 FreeBSD GNOME Team Port X-Virus-Scanned: amavisd-new at xbsd.org Cc: freebsd-rc@freebsd.org Subject: Re: New jail_interface broken in 6.1-RELEASE X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 May 2006 18:46:48 -0000 --=-I472SjINIMCHmxI9u0wS Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Thu, 2006-05-11 at 19:36 +0200, Dirk Engling wrote: > Dear rc-team, Really, there's no -rc team. The might be 3 or 4 committers committing in the rc area on a regular basis. > as you seem to already have noticed by revision 1.32 there were several > embarrassing mistakes introduced in /etc/rc.d/jail via > http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/jail?rev=3D1.27&conten= t-type=3Dtext/x-cvsweb-markup >=20 > to implement a questionable feature[2]... merged from current just days > before releasing FreeBSD-6.1. Here's my mistake, I wasn't eager to commit things during the slush, I shouldn't have done it. It's easier to complain than to live with it. > These have effectively killed my project[1], since jail_fstab is not > being modified after the first jail started up, leading to missing base > systems in all subsequent jails. Really, I would have preferred you bug me about finding a solution to your problem rather than sending such a mail. > I hardly can express in words how this smashed my view of FreeBSD as a > mature reliable operating system. I will have to wait 6 months until > RELEASE users have a working project again or introduce some rather > unsexy workaround. (_if_ RELEASE users should update their ports...) I felt bad when I received your email until some nice committer told me I tried to make FreeBSD better and just have been over-enthusiast about this. I understand this affects you because it affects your pet project. Please have a look at the list of past ERRATAs. I'm not trying to be rude nor trying to minimize my fault but software have bugs, get used to it. > Yet, you have up to now not even managed to mention these mistakes in > errata. I understand you're angry, but please don't use such a tone in your mail, it won't end anywhere but to an impass. I committed a fix to those problems today. The re@ team is well aware of the problem. Once the fix has been proved to be good enough, it will be committed to RELENG_6_1 and the ERRATA will be published. > However, your fixes in 1.32 work so far and I'd love to see them in > RELENG_6 to get at least MY servers running in a know working setup. Ditto. > Seriously distressed I can understand (or at least read) this. > [1] http://erdgeist.org/arts/softare/ezjail/ > [2] I think, I laid out my discomfort with this feature in a private > mail to flz, but there will be serious problems when using it. Oh yes you did. > a) What, if I want to run several jails on one IP address? Stopping the > first jail on that IP would remove the alias from my interface > subsequently taking it away from the second jail. > b) What, if I'd chose to run a jail on host systems IP? Stop it, BAMM - > goes my host system. Does it even work? Or you mean a configuration error? > c) Why do you assume /32 to be the correct netmask for any given jail? > What, if I want to put my jails in a different sub net? They are never > going to see their gateway or other hosts in the subnet. d) What if I don't like default behavior? Then just don't use jail_interface. Jail_interface is OFF (well, empty) by default. > I think, this feature is not thought through, badly implemented, merged > too early and a shame for FreeBSD. If it wouldn't be too late I'd vote > for removing it completely until more use cases are checked and more > testing has been done. The feature itself is ok, mistakes around the feature are mine, and I already apologized at least ten times in the past few days. I can do it again, I'm *really* sorry. Please take this as a beginner's mistake. If you don't want to use FreeBSD anymore because I made a mistake, then don't, it's up to you. Note: freebsd-update users and people tracking RELENG_6_1 should get the fix as soon as it's committed. And for people not using either of them? Well, which is worse: having a broken script or a flawed system? Note2: Fortunately it was rc.d/jail and not rc.subr, I would have received hundreds of angry mails. PS: Thanks for having tried the latest revision, I'll commit it as soon as I get some other successful reports. --=20 Florent Thoumie flz@FreeBSD.org FreeBSD Committer --=-I472SjINIMCHmxI9u0wS Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQBEY3EfMxEkbVFH3PQRAvIEAJ9D1cLFc9m5JT5FUaxnrkUtn7v1WACggdsS hmV++ZBhyedL5ui5+Sc53e0= =UfWD -----END PGP SIGNATURE----- --=-I472SjINIMCHmxI9u0wS--