From owner-freebsd-jail@FreeBSD.ORG Mon Apr 23 11:07:19 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 163D4106564A for ; Mon, 23 Apr 2012 11:07:19 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id F42398FC21 for ; Mon, 23 Apr 2012 11:07:18 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q3NB7IR0047618 for ; Mon, 23 Apr 2012 11:07:18 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id q3NB7Iu3047616 for freebsd-jail@FreeBSD.org; Mon, 23 Apr 2012 11:07:18 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 23 Apr 2012 11:07:18 GMT Message-Id: <201204231107.q3NB7Iu3047616@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Apr 2012 11:07:19 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- p bin/165515 jail [jail][patch] "jail: unknown parameter: allow.nomount" p bin/161957 jail jls(8): jls -v doesn't show anything if system compile o kern/159918 jail [jail] inter-jail communication failure o kern/156111 jail [jail] procstat -b not supported in jail o misc/155765 jail [patch] `buildworld' does not honors WITHOUT_JAIL o conf/154246 jail [jail] [patch] Bad symlink created if devfs mount poin o conf/149050 jail [jail] rcorder ``nojail'' too coarse for Jail+VNET s conf/142972 jail [jail] [patch] Support JAILv2 and vnet in rc.d/jail o conf/141317 jail [patch] uncorrect jail stop in /etc/rc.d/jail o kern/133265 jail [jail] is there a solution how to run nfs client in ja o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with 13 problems total. From owner-freebsd-jail@FreeBSD.ORG Thu Apr 26 20:31:42 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6296E1065674 for ; Thu, 26 Apr 2012 20:31:42 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id 1873C8FC0A for ; Thu, 26 Apr 2012 20:31:38 +0000 (UTC) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q3QK7lAr077377 for ; Thu, 26 Apr 2012 14:07:47 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <4F99AB0E.4090805@FreeBSD.org> Date: Thu, 26 Apr 2012 14:07:42 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20120126 Thunderbird/9.0 MIME-Version: 1.0 To: FreeBSD-Jail Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Apr 2012 20:31:42 -0000 I've finally put my jail(8) changes into HEAD. This new version of jail can create jails from a configuration file - see jail.conf(5) for the format, as well as some additions to jail(8). This doesn't mean you *have* to use jail.conf, but it's a better way to manage jails than the existing rc.conf method. The plan is for rc.d/jail to start and stop jails as specified in /etc/jail.conf, but that's not happening yet - right now it still uses the old system, which jail(8) is still compatible with. There's still more that I want to do with this, but it's time it was part of current. Enjoy :-). - Jamie From owner-freebsd-jail@FreeBSD.ORG Fri Apr 27 14:45:11 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DE9C01065742 for ; Fri, 27 Apr 2012 14:45:11 +0000 (UTC) (envelope-from gofj-freebsd-jail@m.gmane.org) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) by mx1.freebsd.org (Postfix) with ESMTP id 3FAB68FC18 for ; Fri, 27 Apr 2012 14:45:10 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1SNmPv-00062K-8a for freebsd-jail@freebsd.org; Fri, 27 Apr 2012 16:45:03 +0200 Received: from 103.85-200-56.bkkb.no ([85.200.56.103]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 27 Apr 2012 16:45:03 +0200 Received: from christer.solskogen by 103.85-200-56.bkkb.no with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 27 Apr 2012 16:45:03 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-jail@freebsd.org From: Christer Solskogen Date: Fri, 27 Apr 2012 16:33:27 +0200 Lines: 15 Message-ID: References: <4F99AB0E.4090805@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: 103.85-200-56.bkkb.no User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120327 Thunderbird/11.0.1 In-Reply-To: <4F99AB0E.4090805@FreeBSD.org> Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Apr 2012 14:45:12 -0000 On 26/4/2012 10:07 PM, Jamie Gritton wrote: > There's still more that I want to do with this, but it's time it was > part of current. > I've got an idea that you might find useful for future versions of jail. I have created a wrapper script for my own use where I instead of creating a jail with buildworld/installworld, I rather nullmount /bin, /lib, etc. to a jailroot, and run mergemaster on that jailroot. This makes the jail very small (3MB IIRC) and it makes upgrades of the jails very easy. -- chs From owner-freebsd-jail@FreeBSD.ORG Fri Apr 27 16:17:57 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 18E3B106566B; Fri, 27 Apr 2012 16:17:57 +0000 (UTC) (envelope-from subbsd@gmail.com) Received: from mail-yx0-f182.google.com (mail-yx0-f182.google.com [209.85.213.182]) by mx1.freebsd.org (Postfix) with ESMTP id B746A8FC08; Fri, 27 Apr 2012 16:17:56 +0000 (UTC) Received: by yenl9 with SMTP id l9so615294yen.13 for ; Fri, 27 Apr 2012 09:17:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=eNfMizr+PhiXz55syxiACaG4MqHLT/ISejKyZAzaaXI=; b=n1uC5IhAbluDf3NWrec/EVEl+15Jc17K4wcfAGzDJwU6XsavIkrNPEHYdZFaBTtqXv 9N9Ltpy1WPGESwA7JFJqc0XROL4D9pHYebRBWif4S3Ln8CZZiAUqOQJAw8tA6qp79Cmt E0ALbMevW9Q643RRby8k+wnt87GfOfTM4IvIK02YJuhet95I68xOsGFajtYqSGRs9Uim ALtlp2Dz5dxJXdN5c8x1rL6wNZQ5NHReBW1S8pJt2kN7IPUx8GUYGnxcMT6OQehJdphc CVtWwxGsguw7ppyZqUow/ecz8YNFcSTdqIv4CAIqiM1P44aWwRd3X1/nCQOT3sHIFTkV 4Cpg== MIME-Version: 1.0 Received: by 10.60.32.210 with SMTP id l18mr4888069oei.1.1335543476113; Fri, 27 Apr 2012 09:17:56 -0700 (PDT) Received: by 10.60.123.48 with HTTP; Fri, 27 Apr 2012 09:17:56 -0700 (PDT) In-Reply-To: <4F99AB0E.4090805@FreeBSD.org> References: <4F99AB0E.4090805@FreeBSD.org> Date: Fri, 27 Apr 2012 20:17:56 +0400 Message-ID: From: Subbsd To: Jamie Gritton Content-Type: text/plain; charset=ISO-8859-1 Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Apr 2012 16:17:57 -0000 Hi On Fri, Apr 27, 2012 at 12:07 AM, Jamie Gritton wrote: > I've finally put my jail(8) changes into HEAD. http://svnweb.freebsd.org/base/head/usr.sbin/jail/jail.conf.5?view=markup&pathrev=234712 ( The .Nm file was added in .Fx 9.0 . ) Looks like man file in HISTORY section is a bit incorrect. According to the MFC, this file will be in FreeBSD 9.1+ ? From owner-freebsd-jail@FreeBSD.ORG Fri Apr 27 16:44:20 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 45490106564A for ; Fri, 27 Apr 2012 16:44:20 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) by mx1.freebsd.org (Postfix) with ESMTP id ECDA18FC17 for ; Fri, 27 Apr 2012 16:44:19 +0000 (UTC) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 30D0D25D3A01; Fri, 27 Apr 2012 16:44:19 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 67E85BE5BF5; Fri, 27 Apr 2012 16:44:18 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id l3TbcH0lO3Ih; Fri, 27 Apr 2012 16:44:16 +0000 (UTC) Received: from orange-en1.sbone.de (orange-en1.sbone.de [IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id DB27BBE5BF4; Fri, 27 Apr 2012 16:44:16 +0000 (UTC) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: "Bjoern A. Zeeb" In-Reply-To: Date: Fri, 27 Apr 2012 16:44:16 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: References: <4F99AB0E.4090805@FreeBSD.org> To: Christer Solskogen X-Mailer: Apple Mail (2.1084) Cc: freebsd-jail@freebsd.org Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Apr 2012 16:44:20 -0000 On 27. Apr 2012, at 14:33 , Christer Solskogen wrote: > On 26/4/2012 10:07 PM, Jamie Gritton wrote: >=20 >> There's still more that I want to do with this, but it's time it was >> part of current. >>=20 >=20 > I've got an idea that you might find useful for future versions of = jail. I have created a wrapper script for my own use where I instead of = creating a jail with buildworld/installworld, I rather nullmount /bin, = /lib, etc. to a jailroot, and run mergemaster on that jailroot. This = makes the jail very small (3MB IIRC) and it makes upgrades of the jails = very easy. Yeah, there's other doing this; ezjail is close to this as well. But please not that management (configuring, starting, stopping) and = provisioning can easily be separated and the latter has nothing to do = with the former in first place. I hope that ezjail will pick up = supporting the new config stuff and use that while still providing its = own provisioning. /bz --=20 Bjoern A. Zeeb You have to have visions! It does not matter how good you are. It matters what good you do! From owner-freebsd-jail@FreeBSD.ORG Fri Apr 27 16:45:20 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 265B4106566C; Fri, 27 Apr 2012 16:45:20 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) by mx1.freebsd.org (Postfix) with ESMTP id CEADE8FC16; Fri, 27 Apr 2012 16:45:19 +0000 (UTC) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 199DD25D3A01; Fri, 27 Apr 2012 16:45:19 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id 8EC14BE5BF5; Fri, 27 Apr 2012 16:45:18 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id GvPKeZ-RJXuA; Fri, 27 Apr 2012 16:45:17 +0000 (UTC) Received: from orange-en1.sbone.de (orange-en1.sbone.de [IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id 976FDBE5BF4; Fri, 27 Apr 2012 16:45:17 +0000 (UTC) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: "Bjoern A. Zeeb" In-Reply-To: <4F99AB0E.4090805@FreeBSD.org> Date: Fri, 27 Apr 2012 16:45:17 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: <8AFDD50D-038D-4D71-A67A-7D9BE629DAFA@lists.zabbadoz.net> References: <4F99AB0E.4090805@FreeBSD.org> To: Jamie Gritton X-Mailer: Apple Mail (2.1084) Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Apr 2012 16:45:20 -0000 On 26. Apr 2012, at 20:07 , Jamie Gritton wrote: Hi, > I've finally put my jail(8) changes into HEAD. I meant to say this yesterday already but time flies. *YEAH!!!* Thanks = a lot. /bz --=20 Bjoern A. Zeeb You have to have visions! It does not matter how good you are. It matters what good you do! From owner-freebsd-jail@FreeBSD.ORG Fri Apr 27 16:54:26 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E7D6110656F4 for ; Fri, 27 Apr 2012 16:54:26 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id B2FB88FC12 for ; Fri, 27 Apr 2012 16:54:26 +0000 (UTC) Received: from guppy.corp.verio.net (fw.oremut02.us.wh.verio.net [198.65.168.24]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q3RGsN9v088843; Fri, 27 Apr 2012 10:54:24 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <4F9ACF39.7090103@FreeBSD.org> Date: Fri, 27 Apr 2012 10:54:17 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:9.0) Gecko/20120126 Thunderbird/9.0 MIME-Version: 1.0 To: Subbsd References: <4F99AB0E.4090805@FreeBSD.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Apr 2012 16:54:27 -0000 I thought I had changed that to 10.0 - and I would then further change it back to 9.1 assuming it got MFC'd. I had originally intended for 9.0 but missed the deadline, and I thought I had fixed that. Maybe editing the man page while I already had the svn commit running (in the editor) wasn't sufficient. I'll make sure I've got the right numbers in there (10.0 until it's actually MFC'd). - Jamie On 04/27/12 10:17, Subbsd wrote: > On Fri, Apr 27, 2012 at 12:07 AM, Jamie Gritton wrote: >> I've finally put my jail(8) changes into HEAD. > > http://svnweb.freebsd.org/base/head/usr.sbin/jail/jail.conf.5?view=markup&pathrev=234712 > ( The .Nm file was added in .Fx 9.0 . ) > > Looks like man file in HISTORY section is a bit incorrect. According > to the MFC, this file will be in FreeBSD 9.1+ ? From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 04:14:14 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D9EE91065670 for ; Sat, 28 Apr 2012 04:14:14 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id 1F18A8FC14 for ; Sat, 28 Apr 2012 04:14:13 +0000 (UTC) Received: (qmail 36854 invoked from network); 28 Apr 2012 04:14:07 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with CAMELLIA256-SHA encrypted SMTP; 28 Apr 2012 04:14:07 -0000 Message-ID: <4F9B6E8F.8070708@erdgeist.org> Date: Sat, 28 Apr 2012 06:14:07 +0200 From: Dirk Engling User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20120420 Thunderbird/12.0 MIME-Version: 1.0 To: Jamie Gritton References: <4F99AB0E.4090805@FreeBSD.org> In-Reply-To: <4F99AB0E.4090805@FreeBSD.org> X-Enigmail-Version: 1.4.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 04:14:14 -0000 On 26.04.12 22:07, Jamie Gritton wrote: > I've finally put my jail(8) changes into HEAD. This new version of jail > can create jails from a configuration file - see jail.conf(5) for the > format, as well as some additions to jail(8). This doesn't mean you > *have* to use jail.conf, but it's a better way to manage jails than the > existing rc.conf method. Out of curiosity, why did you settle for a /etc/jail.conf instead of a /etc/jail.d/? Your config file format introduces the dependency into an expensive parser while adding little value. Even worse, the user now has to struggle with just another format describing the system. I can foresee that my automated jail management tool ezjail will not be able to support the jail.conf format due to the lack of a parser. A look into ezjails config directory structure can give you a hint of how to achieve some similar clean up with built in tools. I am not saying, the config directory format is perfect, the current redundancy in jail_JAILNAME variables is a mess, but inventing a container format where files would do just fine in my opinion is overkill. Regards, erdgeist From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 06:08:35 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B312B1065672 for ; Sat, 28 Apr 2012 06:08:35 +0000 (UTC) (envelope-from jhellenthal@dataix.net) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id 538BB8FC1B for ; Sat, 28 Apr 2012 06:08:35 +0000 (UTC) Received: by iahk25 with SMTP id k25so2537070iah.13 for ; Fri, 27 Apr 2012 23:08:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dataix.net; s=rsa; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to; bh=d3p6fuN52xp94yrd+efCYpCrcNGz2aq99kXCF/pQ0IA=; b=C6hI8RPNGdrMZRFJMSydvhmrk9B52rWOo9hw3zf2ioJoKDX7lwzN6rfO/942p6rFEQ Mg2uL6SV9F0xjQHtuXJC0iosTr0CEeGJNQtjsR2y3JEuvDAc/UwH/RtM4ERVtk+tjGdf vEH9HHELOg1B5G5W6VE92MbMH8ovLxLFxHaKQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:x-gm-message-state; bh=d3p6fuN52xp94yrd+efCYpCrcNGz2aq99kXCF/pQ0IA=; b=nNRdFJaf0NFjLKKhBe0Rdc3+zd4oHFag1/y1Wz1QcjvM5lhAuiWGdd9SOj0GDU5WcS CRe3q8kpBJ4IsEl9ufefBT2KLvU6JNIeCvtV3J8MYrStm/8ZdgbYNOzhdtPNWp6OFI3M A+V/xpDhc4eOD8F4ip8OMWspUAM9iFszCbxtH7wu1mMKd0IRrqUsAegfo0+0Qu4R6Udc 1gKVGYEyD0QvYJgavcvfDeR6EXyutrmZGgVpBIze9fDk7wa7xrjC272h20iu2zq/r6Qv cCq6e486Uc/UMwfM6ffPpcCX9jYEls/mxDA+Uws9qzsihCoc65rwqP1Wq9va9C2R85k7 XNmQ== Received: by 10.43.49.3 with SMTP id uy3mr12261356icb.2.1335593314632; Fri, 27 Apr 2012 23:08:34 -0700 (PDT) Received: from DataIX.net (adsl-99-119-128-231.dsl.klmzmi.sbcglobal.net. [99.119.128.231]) by mx.google.com with ESMTPS id p5sm5898338igl.2.2012.04.27.23.08.33 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 27 Apr 2012 23:08:34 -0700 (PDT) Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.5/8.14.5) with ESMTP id q3S68U9c048539 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 28 Apr 2012 02:08:30 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Received: (from jhellenthal@localhost) by DataIX.net (8.14.5/8.14.5/Submit) id q3S68U6m048538; Sat, 28 Apr 2012 02:08:30 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Date: Sat, 28 Apr 2012 02:08:30 -0400 From: Jason Hellenthal To: Dirk Engling Message-ID: <20120428060830.GA47982@DataIX.net> References: <4F99AB0E.4090805@FreeBSD.org> <4F9B6E8F.8070708@erdgeist.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4F9B6E8F.8070708@erdgeist.org> X-Gm-Message-State: ALoCoQkHldAR/AWDp9nha9lLJIDgiGpaH6+ZMi7NlV/8qfs9Xnf5bUWZIYoCQZ/Z1EPKcKkfdNND Cc: FreeBSD-Jail , Jamie Gritton Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 06:08:35 -0000 On Sat, Apr 28, 2012 at 06:14:07AM +0200, Dirk Engling wrote: > On 26.04.12 22:07, Jamie Gritton wrote: > > > I've finally put my jail(8) changes into HEAD. This new version of jail > > can create jails from a configuration file - see jail.conf(5) for the > > format, as well as some additions to jail(8). This doesn't mean you > > *have* to use jail.conf, but it's a better way to manage jails than the > > existing rc.conf method. > > Out of curiosity, why did you settle for a /etc/jail.conf instead of a > /etc/jail.d/? Your config file format introduces the dependency into an > expensive parser while adding little value. Even worse, the user now has > to struggle with just another format describing the system. > > I can foresee that my automated jail management tool ezjail will not be > able to support the jail.conf format due to the lack of a parser. A look > into ezjails config directory structure can give you a hint of how to > achieve some similar clean up with built in tools. Since when does a lack of a parser in "YOUR tool" become a problem for FreeBSD ? just sayin! 10.X is not due for a while anyway. Should give you time to adjust. > > I am not saying, the config directory format is perfect, the current > redundancy in jail_JAILNAME variables is a mess, but inventing a > container format where files would do just fine in my opinion is overkill. > > Regards, > > erdgeist > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" -- - (2^(N-1)) From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 11:51:08 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B2133106564A for ; Sat, 28 Apr 2012 11:51:08 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [217.13.206.130]) by mx1.freebsd.org (Postfix) with ESMTP id E60198FC0C for ; Sat, 28 Apr 2012 11:51:06 +0000 (UTC) Received: (qmail 20840 invoked from network); 28 Apr 2012 11:51:04 -0000 Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org) by elektropost.org with CAMELLIA256-SHA encrypted SMTP; 28 Apr 2012 11:51:04 -0000 Message-ID: <4F9BD9A7.3070107@erdgeist.org> Date: Sat, 28 Apr 2012 13:51:03 +0200 From: Dirk Engling User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20120420 Thunderbird/12.0 MIME-Version: 1.0 To: Jason Hellenthal References: <4F99AB0E.4090805@FreeBSD.org> <4F9B6E8F.8070708@erdgeist.org> <20120428060830.GA47982@DataIX.net> In-Reply-To: <20120428060830.GA47982@DataIX.net> X-Enigmail-Version: 1.4.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 11:51:08 -0000 On 28.04.12 08:08, Jason Hellenthal wrote: > Since when does a lack of a parser in "YOUR tool" become a problem for > FreeBSD ? just sayin! I mixed a reply to Bjoern A. Zeeb's question about ezjail supporting the config format in into the remarks I had about the general design decisions. Of course, the FreeBSD project is free to deliver any infrastructural code it chooses. My objections to the jail.conf may be biased, but I still stand by them and am still curios. > 10.X is not due for a while anyway. Should give you time to adjust. No, ezjail is completely written in sh, so there is little chance to "adjust". Implementing a config file parser is out of the question. Regards, erdgeist From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 14:38:36 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E17F2106564A for ; Sat, 28 Apr 2012 14:38:36 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id ACFCC8FC0C for ; Sat, 28 Apr 2012 14:38:36 +0000 (UTC) Received: from glorfindel.gritton.org (c-174-52-130-208.hsd1.ut.comcast.net [174.52.130.208]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q3SEcQX2003314; Sat, 28 Apr 2012 08:38:26 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <4F9C00E2.3070205@FreeBSD.org> Date: Sat, 28 Apr 2012 08:38:26 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Dirk Engling References: <4F99AB0E.4090805@FreeBSD.org> <4F9B6E8F.8070708@erdgeist.org> In-Reply-To: <4F9B6E8F.8070708@erdgeist.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 14:38:37 -0000 The main reason I didn't consider a jail.d approach is just that I haven't - such things are a little off the radar for me. It seemed very natural to use a configuration file format that other programs already use (e.g. named, apmd, devd). I suppose it's true that the "foo.d" approach is also in use by other programs, though I mostly seem to see those on Linux. And if I did opt for a directory approach, the files within the directory would still need a format - you can't get away from the fact that a config file needs a format. It would be nice to have a general parser for C-style config files, and I looked for such a library when I started on this. But such a library doesn't seem to exist.Perhaps it's time to make one. - Jamie On 04/27/12 22:14, Dirk Engling wrote: > On 26.04.12 22:07, Jamie Gritton wrote: > >> I've finally put my jail(8) changes into HEAD. This new version of jail >> can create jails from a configuration file - see jail.conf(5) for the >> format, as well as some additions to jail(8). This doesn't mean you >> *have* to use jail.conf, but it's a better way to manage jails than the >> existing rc.conf method. > > Out of curiosity, why did you settle for a /etc/jail.conf instead of a > /etc/jail.d/? Your config file format introduces the dependency into an > expensive parser while adding little value. Even worse, the user now has > to struggle with just another format describing the system. > > I can foresee that my automated jail management tool ezjail will not be > able to support the jail.conf format due to the lack of a parser. A look > into ezjails config directory structure can give you a hint of how to > achieve some similar clean up with built in tools. > > I am not saying, the config directory format is perfect, the current > redundancy in jail_JAILNAME variables is a mess, but inventing a > container format where files would do just fine in my opinion is overkill. > > Regards, > > erdgeist From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 16:53:11 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DB8BD1065676; Sat, 28 Apr 2012 16:53:11 +0000 (UTC) (envelope-from Devin.Teske@fisglobal.com) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) by mx1.freebsd.org (Postfix) with ESMTP id 9B98F8FC19; Sat, 28 Apr 2012 16:53:11 +0000 (UTC) Received: from pps.filterd (ltcfislmsgpa02 [127.0.0.1]) by ltcfislmsgpa02.fnfis.com (8.14.4/8.14.4) with SMTP id q3SGmVC2010255; Sat, 28 Apr 2012 11:52:59 -0500 Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa02.fnfis.com with ESMTP id 14gc6g1cg5-1 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Sat, 28 Apr 2012 11:52:59 -0500 Received: from [10.0.0.105] (10.14.152.61) by smtp.fisglobal.com (10.132.206.15) with Microsoft SMTP Server (TLS) id 14.2.283.3; Sat, 28 Apr 2012 11:52:58 -0500 MIME-Version: 1.0 (Apple Message framework v1257) From: Devin Teske In-Reply-To: <4F9C00E2.3070205@FreeBSD.org> Date: Sat, 28 Apr 2012 09:52:56 -0700 Content-Transfer-Encoding: quoted-printable Message-ID: References: <4F99AB0E.4090805@FreeBSD.org> <4F9B6E8F.8070708@erdgeist.org> <4F9C00E2.3070205@FreeBSD.org> To: Jamie Gritton X-Mailer: Apple Mail (2.1257) X-Originating-IP: [10.14.152.61] X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.6.7580, 1.0.260, 0.0.0000 definitions=2012-04-28_05:2012-04-27, 2012-04-28, 1970-01-01 signatures=0 Content-Type: text/plain; charset="iso-8859-1" Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 16:53:11 -0000 On Apr 28, 2012, at 7:38 AM, Jamie Gritton wrote: > The main reason I didn't consider a jail.d approach is just that I > haven't - such things are a little off the radar for me. It seemed very > natural to use a configuration file format that other programs already > use (e.g. named, apmd, devd). I suppose it's true that the "foo.d" > approach is also in use by other programs, though I mostly seem to see > those on Linux. And if I did opt for a directory approach, the files > within the directory would still need a format - you can't get away from > the fact that a config file needs a format. >=20 > It would be nice to have a general parser for C-style config files, and > I looked for such a library when I started on this. But such a library > doesn't seem to exist.Perhaps it's time to make one. >=20 The config file format that you've chosen is remarkably identical to config= files for which I've already written parsers. So, I guess I'm saying that I'm willing to help out in this area. My parser is written in C, it's very small and light-weight, and it's calle= d figpar (con[fig par]ser). I can dust if off, slap a BSD license on it, wrap a utility around it and w= e could have something like sysrc (which operates on the collection of rc.c= onf(5) files). Alternatively, I could rewrite it in something like sh(1) if C is not desir= ed. --=20 Devin > On 04/27/12 22:14, Dirk Engling wrote: >> On 26.04.12 22:07, Jamie Gritton wrote: >>=20 >>> I've finally put my jail(8) changes into HEAD. This new version of jail >>> can create jails from a configuration file - see jail.conf(5) for the >>> format, as well as some additions to jail(8). This doesn't mean you >>> *have* to use jail.conf, but it's a better way to manage jails than the >>> existing rc.conf method. >>=20 >> Out of curiosity, why did you settle for a /etc/jail.conf instead of a >> /etc/jail.d/? Your config file format introduces the dependency into an >> expensive parser while adding little value. Even worse, the user now has >> to struggle with just another format describing the system. >>=20 >> I can foresee that my automated jail management tool ezjail will not be >> able to support the jail.conf format due to the lack of a parser. A look >> into ezjails config directory structure can give you a hint of how to >> achieve some similar clean up with built in tools. >>=20 >> I am not saying, the config directory format is perfect, the current >> redundancy in jail_JAILNAME variables is a mess, but inventing a >> container format where files would do just fine in my opinion is overkil= l. >>=20 >> Regards, >>=20 >> erdgeist > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you. From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 22:52:43 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D7980106566B for ; Sat, 28 Apr 2012 22:52:43 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id A03268FC17 for ; Sat, 28 Apr 2012 22:52:43 +0000 (UTC) Received: from glorfindel.gritton.org (c-174-52-130-208.hsd1.ut.comcast.net [174.52.130.208]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q3SMqcXn007234; Sat, 28 Apr 2012 16:52:39 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <4F9C74B4.70308@FreeBSD.org> Date: Sat, 28 Apr 2012 16:52:36 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Devin Teske References: <4F99AB0E.4090805@FreeBSD.org> <4F9B6E8F.8070708@erdgeist.org> <4F9C00E2.3070205@FreeBSD.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 22:52:43 -0000 I don't know about wrapping a utility around it, but it would be nice to have in a library. If it could be made to work for not only jail, but apmd and devd as well, then we could make some existing code cleaner. - Jamie On 04/28/12 10:52, Devin Teske wrote: > On Apr 28, 2012, at 7:38 AM, Jamie Gritton wrote: > >> The main reason I didn't consider a jail.d approach is just that I >> haven't - such things are a little off the radar for me. It seemed very >> natural to use a configuration file format that other programs already >> use (e.g. named, apmd, devd). I suppose it's true that the "foo.d" >> approach is also in use by other programs, though I mostly seem to see >> those on Linux. And if I did opt for a directory approach, the files >> within the directory would still need a format - you can't get away from >> the fact that a config file needs a format. >> >> It would be nice to have a general parser for C-style config files, and >> I looked for such a library when I started on this. But such a library >> doesn't seem to exist.Perhaps it's time to make one. >> > > The config file format that you've chosen is remarkably identical to config files for which I've already written parsers. > > So, I guess I'm saying that I'm willing to help out in this area. > > My parser is written in C, it's very small and light-weight, and it's called figpar (con[fig par]ser). > > I can dust if off, slap a BSD license on it, wrap a utility around it and we could have something like sysrc (which operates on the collection of rc.conf(5) files). > > Alternatively, I could rewrite it in something like sh(1) if C is not desired. From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 22:59:55 2012 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C086B1065678 for ; Sat, 28 Apr 2012 22:59:55 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from m2.gritton.org (gritton.org [199.192.164.235]) by mx1.freebsd.org (Postfix) with ESMTP id 8B0E08FC1B for ; Sat, 28 Apr 2012 22:59:55 +0000 (UTC) Received: from glorfindel.gritton.org (c-174-52-130-208.hsd1.ut.comcast.net [174.52.130.208]) (authenticated bits=0) by m2.gritton.org (8.14.4/8.14.4) with ESMTP id q3SMxppn007308; Sat, 28 Apr 2012 16:59:52 -0600 (MDT) (envelope-from jamie@FreeBSD.org) Message-ID: <4F9C7667.8030907@FreeBSD.org> Date: Sat, 28 Apr 2012 16:59:51 -0600 From: Jamie Gritton User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.24) Gecko/20120129 Thunderbird/3.1.16 MIME-Version: 1.0 To: Jason Hellenthal References: <4F99AB0E.4090805@FreeBSD.org> <4F9B6E8F.8070708@erdgeist.org> <20120428060830.GA47982@DataIX.net> In-Reply-To: <20120428060830.GA47982@DataIX.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 22:59:55 -0000 On 04/28/12 00:08, Jason Hellenthal wrote: > On Sat, Apr 28, 2012 at 06:14:07AM +0200, Dirk Engling wrote: >> On 26.04.12 22:07, Jamie Gritton wrote: >> >>> I've finally put my jail(8) changes into HEAD. This new version of jail >>> can create jails from a configuration file - see jail.conf(5) for the >>> format, as well as some additions to jail(8). This doesn't mean you >>> *have* to use jail.conf, but it's a better way to manage jails than the >>> existing rc.conf method. >> >> Out of curiosity, why did you settle for a /etc/jail.conf instead of a >> /etc/jail.d/? Your config file format introduces the dependency into an >> expensive parser while adding little value. Even worse, the user now has >> to struggle with just another format describing the system. >> >> I can foresee that my automated jail management tool ezjail will not be >> able to support the jail.conf format due to the lack of a parser. A look >> into ezjails config directory structure can give you a hint of how to >> achieve some similar clean up with built in tools. > > Since when does a lack of a parser in "YOUR tool" become a problem for > FreeBSD ? just sayin! To be fair, ezjail is a tool is pretty wide use, and I had no intention of breaking it - but also no knowledge of its internals. This thing has been sitting around in the projects directory for a long time now, with requests for review and comments. It's kind of disheartening to only hear this the day I committed it to HEAD. - Jamie From owner-freebsd-jail@FreeBSD.ORG Sat Apr 28 23:30:37 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 891F01065673 for ; Sat, 28 Apr 2012 23:30:37 +0000 (UTC) (envelope-from jhellenthal@dataix.net) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id F0DFD8FC0A for ; Sat, 28 Apr 2012 23:30:36 +0000 (UTC) Received: by iahk25 with SMTP id k25so3585823iah.13 for ; Sat, 28 Apr 2012 16:30:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dataix.net; s=rsa; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to; bh=hc73EVSz1wkewfFqeShiUkZDrJlkUEpvH7vU1PUwJeQ=; b=cjIU2i8QzVcBXm1QLt3tHmMiGPVwlWwIZIzbxcTssKXDrfVZEhv4VV+DGpXYoeEHh+ CdaS52ivKObPcuNuHNiggV/RNYPI+TXvmsnQlSoxr5RnWVTyr9+WRz3buW5ZCZGH2Dit iDuNEzu3loLYK/ewTxGHBmzlVQZp5dIwvXG6s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:x-gm-message-state; bh=hc73EVSz1wkewfFqeShiUkZDrJlkUEpvH7vU1PUwJeQ=; b=cSVA3PMooedpkHcBc8F03gv5oF+RfSsL+atDNHiIYwHdnKZWiQmIyRmR1HTqe0RVOr ZlmJTb8FQD1/Le0siWQFe838Rh0Vxb91mfKDUfx3yP/12VxcGK7lePh5iiYQ5mHWwRue JNcixzN9xsj4Fet675lBza1x6SQsnYsQ5l5MIsatcHUUVW/NMg9qbhORmH41TBESjO28 jSrLjurd6XEKTG7pZfYDZrKKGAkdX5tu6MALFUPymA3tlU6u4b2ei/AKXWus6D3fV7uv dIHyEixhcaeFFiiqroM/MVC1Y9Ltujt/7Qy1H9O/OKj/D2idSCRDU4NnknREkXYZEgvP UKIQ== Received: by 10.50.157.167 with SMTP id wn7mr6811957igb.46.1335655836600; Sat, 28 Apr 2012 16:30:36 -0700 (PDT) Received: from DataIX.net (adsl-99-181-146-133.dsl.klmzmi.sbcglobal.net. [99.181.146.133]) by mx.google.com with ESMTPS id md6sm18669746igc.0.2012.04.28.16.30.34 (version=TLSv1/SSLv3 cipher=OTHER); Sat, 28 Apr 2012 16:30:35 -0700 (PDT) Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.5/8.14.5) with ESMTP id q3SNUVWe037633 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 28 Apr 2012 19:30:32 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Received: (from jhellenthal@localhost) by DataIX.net (8.14.5/8.14.5/Submit) id q3SNUVom037632; Sat, 28 Apr 2012 19:30:31 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Date: Sat, 28 Apr 2012 19:30:31 -0400 From: Jason Hellenthal To: Jamie Gritton Message-ID: <20120428233031.GB34324@DataIX.net> References: <4F99AB0E.4090805@FreeBSD.org> <4F9B6E8F.8070708@erdgeist.org> <20120428060830.GA47982@DataIX.net> <4F9C7667.8030907@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4F9C7667.8030907@FreeBSD.org> X-Gm-Message-State: ALoCoQnY4487aN2i3I+8AZGxzX1+fQKqtFpwazPq58Rapvx+/Q51SAQCVxsR3hThEnV/Hiz3vQsB Cc: FreeBSD-Jail Subject: Re: New jail(8) committed X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Apr 2012 23:30:37 -0000 On Sat, Apr 28, 2012 at 04:59:51PM -0600, Jamie Gritton wrote: > On 04/28/12 00:08, Jason Hellenthal wrote: > > On Sat, Apr 28, 2012 at 06:14:07AM +0200, Dirk Engling wrote: > >> On 26.04.12 22:07, Jamie Gritton wrote: > >> > >>> I've finally put my jail(8) changes into HEAD. This new version of jail > >>> can create jails from a configuration file - see jail.conf(5) for the > >>> format, as well as some additions to jail(8). This doesn't mean you > >>> *have* to use jail.conf, but it's a better way to manage jails than the > >>> existing rc.conf method. > >> > >> Out of curiosity, why did you settle for a /etc/jail.conf instead of a > >> /etc/jail.d/? Your config file format introduces the dependency into an > >> expensive parser while adding little value. Even worse, the user now has > >> to struggle with just another format describing the system. > >> > >> I can foresee that my automated jail management tool ezjail will not be > >> able to support the jail.conf format due to the lack of a parser. A look > >> into ezjails config directory structure can give you a hint of how to > >> achieve some similar clean up with built in tools. > > > > Since when does a lack of a parser in "YOUR tool" become a problem for > > FreeBSD ? just sayin! > > To be fair, ezjail is a tool is pretty wide use, and I had no intention > of breaking it - but also no knowledge of its internals. This thing has > been sitting around in the projects directory for a long time now, with > requests for review and comments. It's kind of disheartening to only > hear this the day I committed it to HEAD. > I could see how that could be. On one hand though tools like ezjail enable people to create jails for which they do not know why they are creating those jails and while creating those jails is already (ez)enough but for the most part requires a understanding of the jail technology and all that comes with it. Moving in the direction of your committs, I believe is the right direction to come to a happy medium and giving them the control over the jails that they can easily find and understand within the base system. Personally I create jails from cpio(1) base-sets that are as minimal as are needed with a very simple script that runs after extraction to change whatever tunables and enable the jail to run. I refuse to use ezjail due to how easy I find jails already and seeing the current changes in jail(8) with a configuration it will only make it better. I consider HEAD to be test technology in which gives projects like ezjail time to ramp-up and test the future. Some of those changes might just be dropping features because they have been included in the base system or changed so drasticly it calls for re-engineering. I think a drawback with the new jail(8) configuration has been the way toooooo long extended dependency on configuration through environment variables and certainly can be seen through the use of large scripted out administrator tools. -- - (2^(N-1))