Date:      Sun, 2 Jun 2013 00:47:19 GMT
From:      Joe Barbish <qjail@a1poweruser.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/179184: [Maintainer update] sysutils/qjail rewrite using jail(8) type jails
Message-ID:  <201306020047.r520lJHD022446@oldred.FreeBSD.org>
Resent-Message-ID: <201306020050.r520o0fU053793@freefall.freebsd.org>


>Number:         179184
>Category:       ports
>Synopsis:       [Maintainer update] sysutils/qjail rewrite using jail(8) type jails
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jun 02 00:50:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Joe Barbish
>Release:        9.1-RELEASE i386
>Organization:
none
>Environment:
>Description:
qjail-3.0 has been rewritten to use jail(8) type jail definition parameters
with extended parameter options for per jail securelevel, cpuset.id, exec.fib,
allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs,
vnet.interface, and vnet.

vnet/vimage jails with or without ipfw firewall and if_bridge/epair or
netgraph networks.


NOTE to committer: qjail-3.0 is NOT a replacement for qjail-2.2 which is
currently in the ports system. qjail-2.2 is the last version to support the 8.x
distribution file format. qjail-2.2 must remain in the ports system until
the "end of life" of the 8.x series of releases.

qjail-3.0 only supports the 9.0 distribution file format and the new 
jail(8) jail type.

Please place qjail-3.0 alongside the current qjail-2.2 version so both
exist at the same time in the ports system.



>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -ruN qjail-2.2/Makefile qjail/Makefile
--- qjail-2.2/Makefile	2013-04-26 14:21:32.000000000 -0400
+++ qjail/Makefile	2013-05-28 13:19:47.000000000 -0400
@@ -2,7 +2,7 @@
 # $FreeBSD: sysutils/qjail/Makefile 314731 2013-03-20 13:17:23Z bdrewery $
 
 PORTNAME=	qjail
-PORTVERSION=	2.2
+PORTVERSION=	3.0
 CATEGORIES=	sysutils
 MASTER_SITES=	SF/${PORTNAME}
 
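Review bot: bumping PORTVERSION to 3.0 while PORTNAME stays qjail turns this into an in-place update of the existing port, which conflicts with the note to the committer that qjail-3.0 must not replace qjail-2.2. The diff runs from qjail-2.2/ to qjail/ and the $FreeBSD$ line still names sysutils/qjail/Makefile, but the patch does not say which directory or package name each version should end up with. If both are to exist at once, one of them needs its own port directory and a distinct package name, and since bin/qjail and etc/qjail.portsnap.conf appear in the plist of both versions, each port needs a CONFLICTS entry for the other.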
@@ -12,7 +12,7 @@
 USE_BZIP2=	yes
 NO_BUILD=	yes
 
-MAN8=		qjail.8 qjail-intro.8 qjail.conf.8 qjail-howto.8
+MAN8=		qjail.8 qjail-intro.8 qjail-howto.8
 
 post-patch:
 	@${FIND} ${WRKSRC} -type f | ${XARGS} ${REINPLACE_CMD} \
@@ -21,11 +21,11 @@
 
 do-install:
 	@${INSTALL_SCRIPT} ${WRKSRC}/qjail ${PREFIX}/bin
-	@${INSTALL_SCRIPT} ${WRKSRC}/qjail2 ${PREFIX}/etc/rc.d
-	@${INSTALL_SCRIPT} ${WRKSRC}/qjail-jail2 ${PREFIX}/etc/rc.d
-	@${INSTALL_DATA}   ${WRKSRC}/qjail.conf.sample ${PREFIX}/etc
+	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.be ${PREFIX}/bin
+	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.ng ${PREFIX}/bin
+	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.bootime ${PREFIX}/etc/rc.d
 	@${INSTALL_DATA}   ${WRKSRC}/qjail.portsnap.conf ${PREFIX}/etc
-.for i in qjail qjail-intro qjail.conf qjail-howto
+.for i in qjail qjail-intro qjail-howto
 	@${INSTALL_MAN}    ${WRKSRC}/${i}.8 ${MAN8PREFIX}/man/man8
 .endfor
 # note examples are mandatory. qjail will not function without them
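Review bot: the do-install change drops the rc.d scripts qjail2 and qjail-jail2 and installs a single qjail.bootime with no upgrade guidance, so a host updated from 2.2 loses the scripts that started its jails at boot. Please add a pkg-message or UPDATING entry that tells administrators what to change before rebooting. Separately, "bootime" on the qjail.bootime line reads like a misspelling of "boottime"; if that is not intentional, fix it now in the distfile, here and in pkg-plist, because an installed rc.d script name is awkward to rename later.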
diff -ruN qjail-2.2/distinfo qjail/distinfo
--- qjail-2.2/distinfo	2013-04-26 14:24:21.000000000 -0400
+++ qjail/distinfo	2013-05-31 08:49:18.000000000 -0400
@@ -1,2 +1,2 @@
-SHA256 (qjail-2.2.tar.bz2) = ae7b64b3ecfa2b3db5880e3e7e38fc5e6f4ad8e51353d4343e37ef4c0dab1912
-SIZE (qjail-2.2.tar.bz2) = 56888
+SHA256 (qjail-3.0.tar.bz2) = 73a086651c8ee0ecaf2e22ba2951567250abac562d09284f80a78001eb6d8b3f
+SIZE (qjail-3.0.tar.bz2) = 119727
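Review bot: the new SHA256 and SIZE lines are the only integrity anchor for a distfile that has roughly doubled in size (56888 to 119727 bytes), so they should be checked against an independent fetch rather than taken from the submission. The committer should download qjail-3.0.tar.bz2 from the SF MASTER_SITES entry and confirm that make checksum passes against these values before committing, and since the port installs scripts into bin and etc/rc.d that run as root, skim the new qjail.vnet.be, qjail.vnet.ng and qjail.bootime scripts in the tarball as part of the review.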
diff -ruN qjail-2.2/pkg-descr qjail/pkg-descr
--- qjail-2.2/pkg-descr	2013-04-26 13:09:21.000000000 -0400
+++ qjail/pkg-descr	2013-04-26 12:56:49.000000000 -0400
@@ -1,13 +1,20 @@
-This is the last version that handles both the 8.x and 9.x install
-media formats. 
-
 Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
 system that includes security and performance enhancements. Plus a new level
 of "user friendliness" enhancements dealing with deploying just a few jails or
 large jail environments consisting of 100's of jails.
 
+This verison of qjail has been converted from using the legacy rc.d-method as 
+used in all pervious versions of qjail, to using the jail(8) jail.conf-method 
+available in RELEASE-9.1. This upgrade provides the ability to enable the 
+following new options on a per-jail basis. exec.fib, allow.raw_sockets, 
+allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, securelevel, 
+vnet.interface, and vnet. The vnet option gives a jail its own network stack 
+using the experamental vimage software. This qjail version is not functional 
+for RELEASES older than RELEASE-9.1. The vnet option has only been tested on 
+i386 and amd64 equipment.
+
 Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
-read-only system binaries, sharing one copy of them with all the jails.
+read-only system executables, sharing one copy of them with all the jails.
 
 Uses "mdconfig" to create sparse image jails. Sparse image jails provide a
 method to limit the total disk space a jail can consume, while only occupying
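Review bot: the added paragraph has three spelling errors that will ship in the package description: "verison" should be "version", "pervious" should be "previous", and "experamental" should be "experimental". The sentence "following new options on a per-jail basis. exec.fib, ..." also wants a colon instead of the period before the list. The paragraph states that this version is not functional on releases older than 9.1, yet none of the Makefile hunks in this patch add a guard for that; an IGNORE set from an OSVERSION check would stop the port from installing on systems where it cannot work.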
diff -ruN qjail-2.2/pkg-plist qjail/pkg-plist
--- qjail-2.2/pkg-plist	2013-04-26 13:01:01.000000000 -0400
+++ qjail/pkg-plist	2013-05-28 13:22:40.000000000 -0400
@@ -1,17 +1,23 @@
 bin/qjail
-etc/qjail.conf.sample
+bin/qjail.vnet.be
+bin/qjail.vnet.ng
 etc/qjail.portsnap.conf
-etc/rc.d/qjail-jail2
-etc/rc.d/qjail2
+etc/rc.d/qjail.bootime
+%%EXAMPLESDIR%%/vnet/jail.amd64
+%%EXAMPLESDIR%%/vnet/jail.i386
+%%EXAMPLESDIR%%/vnet/nullfs.diff
+%%EXAMPLESDIR%%/vnet/ipfw.rules.host
+%%EXAMPLESDIR%%/vnet/ipfw.rules.vnet
+%%EXAMPLESDIR%%/vnet/ipf.rules.host
+%%EXAMPLESDIR%%/vnet/ipf.rules.vnet
+%%EXAMPLESDIR%%/vnet/pf.rules.host
+%%EXAMPLESDIR%%/vnet/pf.rules.vnet
 %%EXAMPLESDIR%%/default/etc/make.conf
 %%EXAMPLESDIR%%/default/etc/motd
 %%EXAMPLESDIR%%/default/etc/periodic.conf
 %%EXAMPLESDIR%%/default/etc/rc.conf
 %%EXAMPLESDIR%%/default/root/.cshrc
 %%EXAMPLESDIR%%/default/usr/local/etc/sudoers
-%%EXAMPLESDIR%%/nullmailer-example/etc/mail/mailer.conf
-%%EXAMPLESDIR%%/nullmailer-example/etc/rc.conf
-%%EXAMPLESDIR%%/nullmailer-example/usr/local/etc/nullmailer/remotes
 %%EXAMPLESDIR%%/ssh-default/etc/group
 %%EXAMPLESDIR%%/ssh-default/etc/make.conf
 %%EXAMPLESDIR%%/ssh-default/etc/master.passwd
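Review bot: the three nullmailer-example entries are removed from the plist without any mention in the submission text or in pkg-descr, while the Makefile comment says qjail will not function without its examples. Please confirm that qjail-3.0 no longer references the nullmailer-example set, and say what the new vnet/nullfs.diff, vnet/jail.amd64 and vnet/jail.i386 files are for, since the description only covers the firewall rule files implicitly through the mention of ipfw.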
@@ -32,6 +38,12 @@
 %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.rhosts
 %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.shrc
 %%EXAMPLESDIR%%/ssh-default/usr/local/etc/sudoers
+@dirrm %%EXAMPLESDIR%%/default/usr/local/etc
+@dirrm %%EXAMPLESDIR%%/default/usr/local
+@dirrm %%EXAMPLESDIR%%/default/usr
+@dirrm %%EXAMPLESDIR%%/default/root
+@dirrm %%EXAMPLESDIR%%/default/etc
+@dirrm %%EXAMPLESDIR%%/default
 @dirrm %%EXAMPLESDIR%%/ssh-default/usr/home/qjail
 @dirrm %%EXAMPLESDIR%%/ssh-default/usr/home
 @dirrm %%EXAMPLESDIR%%/ssh-default/usr/local/etc
@@ -41,17 +53,5 @@
 @dirrm %%EXAMPLESDIR%%/ssh-default/etc/ssh
 @dirrm %%EXAMPLESDIR%%/ssh-default/etc
 @dirrm %%EXAMPLESDIR%%/ssh-default
-@dirrm %%EXAMPLESDIR%%/nullmailer-example/usr/local/etc/nullmailer
-@dirrm %%EXAMPLESDIR%%/nullmailer-example/usr/local/etc
-@dirrm %%EXAMPLESDIR%%/nullmailer-example/usr/local
-@dirrm %%EXAMPLESDIR%%/nullmailer-example/usr
-@dirrm %%EXAMPLESDIR%%/nullmailer-example/etc/mail
-@dirrm %%EXAMPLESDIR%%/nullmailer-example/etc
-@dirrm %%EXAMPLESDIR%%/nullmailer-example
-@dirrm %%EXAMPLESDIR%%/default/usr/local/etc
-@dirrm %%EXAMPLESDIR%%/default/usr/local
-@dirrm %%EXAMPLESDIR%%/default/usr
-@dirrm %%EXAMPLESDIR%%/default/root
-@dirrm %%EXAMPLESDIR%%/default/etc
-@dirrm %%EXAMPLESDIR%%/default
+@dirrm %%EXAMPLESDIR%%/vnet
 @dirrm %%EXAMPLESDIR%%


>Release-Note:
>Audit-Trail:
>Unformatted:


