Date: Thu, 11 May 2006 19:36:15 +0200 From: Dirk Engling <erdgeist@erdgeist.org> To: freebsd-rc@freebsd.org Subject: New jail_interface broken in 6.1-RELEASE Message-ID: <4463760F.7010304@erdgeist.org> In-Reply-To: <1147171780.4810.19.camel@mayday.esat.net> References: <20060508185155.H84453@erdgeist.org> <1147106428.2570.9.camel@localhost> <20060509124442.E84453@erdgeist.org> <1147171780.4810.19.camel@mayday.esat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear rc-team, as you seem to already have noticed by revision 1.32 there were several embarrassing mistakes introduced in /etc/rc.d/jail via http://www.freebsd.org/cgi/cvsweb.cgi/src/etc/rc.d/jail?rev=1.27&content-type=text/x-cvsweb-markup to implement a questionable feature[2]... merged from current just days before releasing FreeBSD-6.1. These have effectively killed my project[1], since jail_fstab is not being modified after the first jail started up, leading to missing base systems in all subsequent jails. I hardly can express in words how this smashed my view of FreeBSD as a mature reliable operating system. I will have to wait 6 months until RELEASE users have a working project again or introduce some rather unsexy workaround. (_if_ RELEASE users should update their ports...) Yet, you have up to now not even managed to mention these mistakes in errata. However, your fixes in 1.32 work so far and I'd love to see them in RELENG_6 to get at least MY servers running in a know working setup. Seriously distressed erdgeist [1] http://erdgeist.org/arts/softare/ezjail/ [2] I think, I laid out my discomfort with this feature in a private mail to flz, but there will be serious problems when using it. a) What, if I want to run several jails on one IP address? Stopping the first jail on that IP would remove the alias from my interface subsequently taking it away from the second jail. b) What, if I'd chose to run a jail on host systems IP? Stop it, BAMM - goes my host system. c) Why do you assume /32 to be the correct netmask for any given jail? What, if I want to put my jails in a different sub net? They are never going to see their gateway or other hosts in the subnet. I think, this feature is not thought through, badly implemented, merged too early and a shame for FreeBSD. If it wouldn't be too late I'd vote for removing it completely until more use cases are checked and more testing has been done. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (Darwin) iD8DBQFEY3YOImmQdUyYEgkRAknkAJsFu1Hocj/0lrCLlo7JFFKBySKCGACgiwcF T6Zhdn9bZFP1ugXGqCJg3eU= =fBuV -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4463760F.7010304>