Date: Fri, 1 Feb 2013 20:12:04 GMT From: Joe Barbish <qjail@a1poweruser.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/175771: [Maintainer update] sysutils/qjail major maint update Message-ID: <201302012012.r11KC481053520@red.freebsd.org> Resent-Message-ID: <201302012020.r11KK0Eu081593@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 175771
>Category: ports
>Synopsis: [Maintainer update] sysutils/qjail major maint update
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Fri Feb 01 20:20:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Joe Barbish
>Release: 9.1-RELEASE
>Organization:
none
>Environment:
>Description:
Changes are;
1. Added logic to interrogate the content of flavors for correctness
before allowing them to be merged into the newjail being created.
Only paths targeting directories holding configuration files are
allowed now. The jail create process is terminated and the offending
paths are listed in error messages.
2. Changed the /root/.cshrc file in both flavors “default and ssh-default”
to now contain setenv PACKAGESITE “ to point to packages-current”
so login users of any jail will have the most current package
version available.
4. In the qjail install logic added code to create these additional paths
in basejail, /usr/ports/packages, /usr/home and /home link.
5. The create -D -I options have been combined to just -d.
6. The create -i -s options have been combined to just -i.
7. The create -c & -C options have been reduced to just -c.
8. The create options -c and -f ssh-default now force the first time
login user to enter a new password.
9. Added logic to create, that rolls through the ip addresses of the existing
jails to verify the ip address/addresses on the create command are not
all ready used.
10. Corrected the list command display format when jail has more than a
single ip address.
11. Changed the order jails are started, stopped, restarted, and listed
from <z to a> to <a to z>. Also for boot starts.
12. Added system wide logging. Every qjail subcommand and error message
is logged to /var/log/qjail.log. Rotating of the log is enabled.
13. The install subcommand has new -l option to activate system wide logging.
14. The update subcommand has [-l on|off] option to turn logging on and off.
15. Added new subcommand logmsg. This posts comments to the log file.
16. Changed update –p option to use it’s own /usr/local/etc/qjail.portsnap.conf
file instead of the hosts /etc/portsnap.conf. Enabled REFUSE statements in
/usr/local/etc/qjail.portsnap.conf to drop categories most likely to never be
used to compile ports inside of a jail.
17. As sparse image allocations get larger 1G -> 5G creating jails from archives was taking very long times to complete, 20 minutes or more. Archives of sparse images larger that 7G caused terminations. All these things have one thing in common. They all used the pax and cpio utilities. Turns out these utilities are not sparse file aware. Had to completely change the way sparse image jails moved through the qjail system. Now the archive process opens the sparse image and really archives it as a directory tree jail. This required restore and create –a options to change also.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ruN qjail-20/Makefile qjail/Makefile
--- qjail-20/Makefile 2013-01-10 13:07:15.000000000 -0500
+++ qjail/Makefile 2013-02-01 13:15:08.000000000 -0500
@@ -2,7 +2,7 @@
# $FreeBSD: ports/sysutils/qjail/Makefile,v 1.13 2013/01/02 10:42:03 svnexp Exp $
PORTNAME= qjail
-PORTVERSION= 2.0
+PORTVERSION= 2.1
CATEGORIES= sysutils
MASTER_SITES= SF/${PORTNAME}
@@ -14,7 +14,7 @@
USE_BZIP2= yes
NO_BUILD= yes
-MAN8= qjail.8 qjail-intro.8 qjail.conf.8
+MAN8= qjail.8 qjail-intro.8 qjail.conf.8 qjail-howto.8
post-patch:
@${FIND} ${WRKSRC} -type f | ${XARGS} ${REINPLACE_CMD} \
@@ -26,7 +26,8 @@
@${INSTALL_SCRIPT} ${WRKSRC}/qjail2 ${PREFIX}/etc/rc.d
@${INSTALL_SCRIPT} ${WRKSRC}/qjail-jail2 ${PREFIX}/etc/rc.d
@${INSTALL_DATA} ${WRKSRC}/qjail.conf.sample ${PREFIX}/etc
-.for i in qjail qjail-intro qjail.conf
+ @${INSTALL_DATA} ${WRKSRC}/qjail.portsnap.conf ${PREFIX}/etc
+.for i in qjail qjail-intro qjail.conf qjail-howto
@${INSTALL_MAN} ${WRKSRC}/${i}.8 ${MAN8PREFIX}/man/man8
.endfor
# note examples are mandatory. qjail will not function without them
diff -ruN qjail-20/distinfo qjail/distinfo
--- qjail-20/distinfo 2013-01-10 13:07:15.000000000 -0500
+++ qjail/distinfo 2013-02-01 13:15:54.000000000 -0500
@@ -1,2 +1,2 @@
-SHA256 (qjail-2.0.tar.bz2) = d6ef6a034f58be79e3e0eef7ac2f5c94b810a3e57e9abbe578bbd5153238ca2f
-SIZE (qjail-2.0.tar.bz2) = 49135
+SHA256 (qjail-2.1.tar.bz2) = 1b051c5c43334bc0b5cd1c3ac4b13ab06c7c552095aaedcdf69ff83349de4af5
+SIZE (qjail-2.1.tar.bz2) = 57497
diff -ruN qjail-20/pkg-message qjail/pkg-message
--- qjail-20/pkg-message 2013-01-10 13:07:15.000000000 -0500
+++ qjail/pkg-message 2013-01-10 13:10:36.000000000 -0500
@@ -3,3 +3,4 @@
First issue "rehash" command to enable the qjail command (if using csh).
Then issue "man qjail-intro" to read the qjail introduction.
After reading that do "man qjail" for the usage details.
+For the BIG PICTURE issue "man qjail-howto".
diff -ruN qjail-20/pkg-plist qjail/pkg-plist
--- qjail-20/pkg-plist 2013-01-10 13:07:15.000000000 -0500
+++ qjail/pkg-plist 2013-02-01 12:56:30.000000000 -0500
@@ -1,5 +1,6 @@
bin/qjail
etc/qjail.conf.sample
+etc/qjail.portsnap.conf
etc/rc.d/qjail-jail2
etc/rc.d/qjail2
%%EXAMPLESDIR%%/default/etc/make.conf
@@ -8,11 +9,9 @@
%%EXAMPLESDIR%%/default/etc/rc.conf
%%EXAMPLESDIR%%/default/root/.cshrc
%%EXAMPLESDIR%%/default/usr/local/etc/sudoers
-%%EXAMPLESDIR%%/default/usr/share/skel/dot.cshrc
%%EXAMPLESDIR%%/nullmailer-example/etc/mail/mailer.conf
%%EXAMPLESDIR%%/nullmailer-example/etc/rc.conf
%%EXAMPLESDIR%%/nullmailer-example/usr/local/etc/nullmailer/remotes
-%%EXAMPLESDIR%%/ssh-default/etc/csh.cshrc
%%EXAMPLESDIR%%/ssh-default/etc/group
%%EXAMPLESDIR%%/ssh-default/etc/make.conf
%%EXAMPLESDIR%%/ssh-default/etc/master.passwd
@@ -23,8 +22,6 @@
%%EXAMPLESDIR%%/ssh-default/etc/rc.conf
%%EXAMPLESDIR%%/ssh-default/etc/spwd.db
%%EXAMPLESDIR%%/ssh-default/etc/ssh/sshd_config
-%%EXAMPLESDIR%%/ssh-default/home
-%%EXAMPLESDIR%%/ssh-default/readme.txt
%%EXAMPLESDIR%%/ssh-default/root/.cshrc
%%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.cshrc
%%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.login
@@ -35,9 +32,6 @@
%%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.rhosts
%%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.shrc
%%EXAMPLESDIR%%/ssh-default/usr/local/etc/sudoers
-%%EXAMPLESDIR%%/ssh-default/usr/share/skel/dot.cshrc
-@dirrm %%EXAMPLESDIR%%/ssh-default/usr/share/skel
-@dirrm %%EXAMPLESDIR%%/ssh-default/usr/share
@dirrm %%EXAMPLESDIR%%/ssh-default/usr/home/qjail
@dirrm %%EXAMPLESDIR%%/ssh-default/usr/home
@dirrm %%EXAMPLESDIR%%/ssh-default/usr/local/etc
@@ -54,8 +48,6 @@
@dirrm %%EXAMPLESDIR%%/nullmailer-example/etc/mail
@dirrm %%EXAMPLESDIR%%/nullmailer-example/etc
@dirrm %%EXAMPLESDIR%%/nullmailer-example
-@dirrm %%EXAMPLESDIR%%/default/usr/share/skel
-@dirrm %%EXAMPLESDIR%%/default/usr/share
@dirrm %%EXAMPLESDIR%%/default/usr/local/etc
@dirrm %%EXAMPLESDIR%%/default/usr/local
@dirrm %%EXAMPLESDIR%%/default/usr
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201302012012.r11KC481053520>