Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 21 Apr 2003 14:15:16 -0400
From:      Mike Makonnen <mtm@identd.net>
To:        "Scot W. Hetzel" <hetzels@westbend.net>
Cc:        freebsd-current@freebsd.org
Subject:   Re: Enhancements to the new rc.d/jail script
Message-ID:  <20030421181517.ZXCS27254.pop017.verizon.net@kokeb.ambesa.net>
In-Reply-To: <200304200055.h3K0tHJB005595@WBIw009.westbend.net>
References:  <200304200055.h3K0tHJB005595@WBIw009.westbend.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sat, 19 Apr 2003 19:55:17 -0500 (CDT)
"Scot W. Hetzel" <hetzels@westbend.net> wrote:

> 
> Currently rc.d/devfs starts after rc.d/jail, we need devfs rulesets
> defined before the jail is started (devfs added to rc.d/jail REQUIRE).

This should be doable. But, please get the devfs maintainer to signoff on it
first (dd@freebsd.org).

> 
> Added a standard jail ruleset to rc.d/devfs.

I agree with Doug, this should be behind an rc.conf knob.

> +# create an entry for each jail named in jail_list,  with these variables
> +# NOTE: replace 'example' with the jail's name from jail_list
> +#
> +jail_example_rootdir="/usr/jail/default"	# Jails root directory         
> +jail_example_hostname="default.domain.com"	# Jails hostname
> +jail_example_ip="192.168.0.10"			# Jails IP number
> +jail_example_exec="/bin/sh /etc/rc"		# command to execute in jail
> +jail_example_devfs="NO"				# mount devfs in jail
> +jail_example_devfs_rulset="10"			# devfs ruleset to apply to jail 
> +jail_example_procfs="NO"			# mount procfs in jail

I don't know if examples belong in defaults/rc.conf. The rc.conf(5) man page
already explains what additional knobs need to be set. However, if they do
belong here, then they should be commented out.

> RCS file: /home/ncvs/src/etc/rc.d/jail,v
> retrieving revision 1.3
> diff -u -r1.3 jail
> --- rc.d/jail	19 Apr 2003 07:50:32 -0000	1.3
> +++ rc.d/jail	20 Apr 2003 00:26:51 -0000
> @@ -4,8 +4,8 @@
>  #

The rest looks good. This makes the script a lot more useful. Thanks!

Cheers.
-- 
Mike Makonnen  | GPG-KEY: http://www.identd.net/~mtm/mtm.asc
mtm@identd.net | D228 1A6F C64E 120A A1C9  A3AA DAE1 E2AF DBCC 68B9
mtm@FreeBSD.Org| FreeBSD - The Power To Serve

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030421181517.ZXCS27254.pop017.verizon.net>