From: "Merijn Verstraaten"
To: freebsd-hackers@freebsd.org, freebsd-rc@freebsd.org
Date: Sun, 29 Nov 2009 17:05:03 +0100
Subject: [patch] Improved jail fstab functionality inside rc.d (needs testers and review)

My apologies if these are the wrong lists for this sort of thing but it was unclear to me where else to go with additions like this.

I just finished hacking /etc/rc.d/jail to fix my two pet peeves: currently the rc framework only accepts a single fstab file per jail and (worse!) there is no way to specify the mountpoints in these fstab files relative to the jail's root. This makes sharing of mounts (for example all my jails nullfs mounting the same ports tree) very cumbersome.

This patch should allow you to specify multiple fstab files in the jail_fstab and jail__fstab variables and mount these in order. In addition the patch mangles the fstab files in such a way that any mountpoint in the fstab files starting with the text "ROOT" will have "ROOT" replaced with the jail's rootdir. For example the following situation:

rc.conf:
    jail_test_rootdir="/usr/jails/test"
    jail_test_fstab="/usr/jails/fstab /usr/jails/fstab.test"

/usr/jails/fstab:
    /usr/ports ROOT/usr/ports nullfs ro 0 0

/usr/jails/fstab.test:
    /path/to/some/folder ROOT/folder nullfs rw 0 0

This should result in /path/to/some/folder being mounted into /usr/jails/test/folder and /usr/ports into /usr/jails/test/usr/ports. Normal mountpoints (i.e. not prefixed with ROOT) should still be mounted as normal.

Todo: The code probably needs cleaning up. I tried to conform to the style of the surrounding code, but I didn't know how to handle stuff which resulted in either lines longer than 80 chars or very ugly line wrapping. Someone more at home in the rc.d framework should probably clean the patch up a little to conform to the style. In addition the "ROOT" prefix is now hardcoded, perhaps this should be a configurable option (jail_prefix) or something instead.

If people have the time to review and/or test this patch I'd be grateful; any comments/critiques are welcome. Please CC me when replying to this e-mail as I'm not currently subscribed to hackers@ or rc@.

Kind regards,
Merijn Verstraaten

[Attachment: jail.diff (application/octet-stream, Base64-encoded)]

From: "Bjoern A. Zeeb"
To: Merijn Verstraaten
Cc: freebsd-hackers@freebsd.org, freebsd-jail@freebsd.org, freebsd-rc@freebsd.org, "Simon L. Nielsen"
Date: Sun, 29 Nov 2009 17:45:18 +0000 (UTC)
Subject: Re: [patch] Improved jail fstab functionality inside rc.d (needs testers and review)

On Sun, 29 Nov 2009, Merijn Verstraaten wrote:

> My apologies if these are the wrong lists for this sort of thing but it was
> unclear to me where else to go with additions like this.

You may try freebsd-jail@

Make sure to get a review from simon@ for this.

/bz

-- 
Bjoern A. Zeeb
It will not break if you know what you are doing.

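The multi-file ordering and ROOT-prefix expansion described in the first message of this thread, as an added example that is not the code from jail.diff. The function names `expand_jail_fstab` and `demo` are hypothetical, and two behaviours are choices of this example rather than anything stated in the thread: only a leading `ROOT` path component in the mountpoint field is rewritten (so a device path that merely contains the text ROOT is left alone), and ROOT-relative mountpoints containing `..` are rejected so the result stays under the jail's rootdir.

```shell
#!/bin/sh
# Added example (not the patch): expand ROOT-relative mountpoints from
# several fstab files, in order, for one jail root directory.

# expand_jail_fstab ROOTDIR FILE...   (hypothetical helper name)
# Prints the rewritten fstab lines; returns 1 if a file or entry was rejected.
expand_jail_fstab() {
    _rootdir=${1%/}; shift
    _rc=0
    for _file in "$@"; do
        [ -f "$_file" ] || { echo "warn: $_file does not exist" >&2; _rc=1; continue; }
        while read -r _device _mountpt _rest; do
            case "$_device" in
            ''|'#'*) continue ;;          # skip blank lines and comments
            esac
            case "$_mountpt" in
            ROOT|ROOT/*)                  # only a leading ROOT component counts
                case "/${_mountpt#ROOT}/" in
                */../*)                   # would resolve outside the jail root
                    echo "warn: rejecting $_mountpt in $_file" >&2
                    _rc=1; continue ;;
                esac
                _mountpt="${_rootdir}${_mountpt#ROOT}" ;;
            esac
            printf '%s %s %s\n' "$_device" "$_mountpt" "$_rest"
        done < "$_file"
    done
    return $_rc
}

# Constructed sample input mirroring the rc.conf/fstab example in the message,
# plus one constructed entry whose paths merely contain the text ROOT.
demo() {
    _tmp=$(mktemp -d) || return 1
    printf '%s\n' '# shared mounts' \
        '/usr/ports ROOT/usr/ports nullfs ro 0 0' > "$_tmp/fstab"
    printf '%s\n' '/path/to/some/folder ROOT/folder nullfs rw 0 0' \
        '/data/ROOTFS /mnt/ROOTFS nullfs ro 0 0' > "$_tmp/fstab.test"
    expand_jail_fstab /usr/jails/test "$_tmp/fstab" "$_tmp/fstab.test"
    _status=$?
    rm -rf "$_tmp"
    return $_status
}

demo
```

The output is one fstab stream in file order, so it can be inspected before anything is mounted.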
From: FreeBSD bugmaster
To: freebsd-rc@FreeBSD.org
Date: Mon, 30 Nov 2009 11:07:00 GMT
Subject: Current problem reports assigned to freebsd-rc@FreeBSD.org

Note: to view an individual PR, use:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).

The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases.

S Tracker      Resp.      Description
--------------------------------------------------------------------------------
o conf/140440  rc         [patch] allow local command files in rc.{suspend,resum
o conf/140261  rc         [patch] Improve flexibility of mdconfig2 startup scrip
o conf/138208  rc         [rc] [patch] Making rc.firewall (workstation) IPv6 awa
o conf/137629  rc         [rc] background_dhclient rc.conf option causing double
o conf/137470  rc         [PATCH] /etc/rc.d/mdconfig2 : prioritize cli parameter
o conf/136875  rc         [request] _flags appending
o conf/136624  rc         [rc.d] sysctl variables for ipnat are not applied on b
o conf/134918  rc         [patch] rc.subr fails to detect perl daemons
o conf/134660  rc         [patch] rc-script for initializing ng_netflow+ng_ipfw
o conf/134333  rc         PPP configuration problem in the rc.d scripts in combi
o conf/134006  rc         [patch] Unload console screensaver kernel modules if s
o conf/133987  rc         [rc.d] defaultroute broken with DHCP in some cases
o conf/133890  rc         [patch] sshd(8): add multiple profiles to the rc.d scr
o conf/132483  rc         rc.subr(8) [patch] setfib(1) support for rc.subr
o conf/132476  rc         [rc.d] [patch] add support setfib(1) in rc.d/routing
o conf/130414  rc         [patch] rc services started with onestart are not stop
o conf/128299  rc         [patch] /etc/rc.d/geli does not mount partitions using
o conf/127917  rc         [patch] dumpon rejects on start with physmem>swap even
o bin/126562   rc         rcorder(8) fails to run unrelated startup scripts when
o conf/126392  rc         [patch] rc.conf ifconfig_xx keywords cannot be escaped
o bin/126324   rc         [patch] rc.d/tmp: Prevent mounting /tmp in second tim
o conf/124747  rc         [patch] savecore can't create dump from encrypted swap
o conf/124248  rc         [jail] [patch] add support for nice value for rc.d/jai
o conf/123734  rc         [patch] Chipset VIA CX700 requires extra initializatio
o conf/123222  rc         [patch] Add rtprio(1)/idprio(1) support to rc.subr(8).
o conf/122477  rc         [patch] /etc/rc.d/mdconfig and mdconfig2 are ignoring
o conf/122170  rc         [patch] [request] New feature: notify admin via page o
o kern/121566  rc         [nfs] [request] [patch] ethernet iface should be broug
o conf/120431  rc         [patch] devfs.rules are not initialized under certain
o conf/120406  rc         [devd] [patch] Handle newly attached pcm devices (eg.
o conf/119874  rc         [patch] "/etc/rc.d/pf reload" fails if there are macro
o conf/119076  rc         [patch] [rc.d] /etc/rc.d/netif tries to remove alias a
o bin/118325   rc         [patch] [request] new periodic script to test statuses
o conf/118255  rc         savecore never finding kernel core dumps (rcorder prob
o conf/117935  rc         [patch] ppp fails to start at boot because of missing
o conf/113915  rc         [patch] ndis wireless driver fails to associate when i
o conf/109980  rc         /etc/rc.d/netif restart doesn't destroy cloned_interfa
o conf/109562  rc         [rc.d] [patch] [request] Make rc.d/devfs usable from c
o conf/108589  rc         rtsol(8) fails due to default ipfw rules
o conf/106009  rc         [ppp] [patch] [request] Fix pppoed startup script to p
o conf/105689  rc         [ppp] [request] syslogd starts too late at boot
o conf/105568  rc         [patch] [request] Add more flexibility to rc.conf, to
o conf/105145  rc         [ppp] [patch] [request] add redial function to rc.d/pp
o conf/104549  rc         [patch] rc.d/nfsd needs special _find_processes functi
o conf/102700  rc         [geli] [patch] Add encrypted /tmp support to GELI/GBDE
o conf/99721   rc         [patch] /etc/rc.initdiskless problem copy dotfile in s
o conf/99444   rc         [patch] Enhancement: rc.subr could easily support star
o conf/96343   rc         [patch] rc.d order change to start inet6 before pf
o conf/93815   rc         [patch] Adds in the ability to save ipfw rules to rc.d
o conf/92523   rc         [patch] allow rc scripts to kill process after a timeo
o conf/89870   rc         [patch] [request] make netif verbose rc.conf toggle
o conf/89061   rc         [patch] IPv6 6to4 auto-configuration enhancement
o conf/88913   rc         [patch] wrapper support for rc.subr
o conf/85819   rc         [patch] script allowing multiuser mode in spite of fsc
o kern/81006   rc         ipnat not working with tunnel interfaces on startup
o conf/77663   rc         Suggestion: add /etc/rc.d/addnetswap after addcritremo
o conf/73677   rc         [patch] add support for powernow states to power_profi
o conf/58939   rc         [patch] dumb little hack for /etc/rc.firewall{,6}
o conf/56934   rc         [patch] rc.firewall rules for natd expect an interface
o conf/45226   rc         [patch] Fix for rc.network, ppp-user annoyance
o conf/44170   rc         [patch] Add ability to run multiple pppoed(8) on start

61 problems total.