From owner-cvs-all@FreeBSD.ORG Tue Dec 28 10:43:34 2004 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 51F5516A4CE; Tue, 28 Dec 2004 10:43:34 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 15EB443D68; Tue, 28 Dec 2004 10:43:34 +0000 (GMT) (envelope-from rse@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id iBSAhX1V010347; Tue, 28 Dec 2004 10:43:33 GMT (envelope-from rse@repoman.freebsd.org) Received: (from rse@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id iBSAhXYT010346; Tue, 28 Dec 2004 10:43:33 GMT (envelope-from rse) Message-Id: <200412281043.iBSAhXYT010346@repoman.freebsd.org> From: "Ralf S. Engelschall" Date: Tue, 28 Dec 2004 10:43:33 +0000 (UTC) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: RELENG_5 Subject: cvs commit: src/etc/defaults rc.conf src/etc/rc.d jail src/etc rc.shutdown X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Dec 2004 10:43:34 -0000 rse 2004-12-28 10:43:33 UTC FreeBSD src repository Modified files: (Branch: RELENG_5) etc/defaults rc.conf etc/rc.d jail etc rc.shutdown Log: MFC: src/etc/defaults/rc.conf:1.234 src/etc/rc.d/jail:1.20 src/etc/rc.shutdown:1.30 Improve the RC framework for the clean booting/shutdown of Jails: 1. Feature: for flexibility reasons and as a prerequisite to clean shutdowns, allow the configuration of a stop/shutdown command via rc.conf variable "jail__exec_stop" in addition to the start/boot command (rc.conf variable "jail__exec_start"). For backward compatibility reasons, rc.conf variable "jail__exec" is still supported, too. 2. Debug: Add the used boot/shutdown commands to the debug output of the /etc/rc.d/jail script, too. 3. Security: Run the Jail start/boot command in a cleaned environment to not leak information from the host to the Jail during startup. 4. Feature: Run the Jail stop/shutdown command "jail__exec_stop" on "/etc/rc.d/jail stop " to allow a graceful shutdown of the Jail before its processes are just killed. 5. Bugfix: When killing the remaining Jail processes give the processes time to actually perform their termination sequence. Without this the subsequent umount(8) operations usually fail because the resources are still in use. Additionally, if after trying to TERM-inate the processes there are still processes hanging around, finally just KILL them. 6. Bugfix: In rc.shutdown, if running inside a Jail, skip the /etc/rc.d/* scripts which are flagged with the KEYWORD "nojail" to allow the correct operation of rc.shutdown under jail__exec_stop="/bin/sh /etc/rc.shutdown". This is analogous to what /etc/rc does inside a Jail. Now the following typical host-configuration for two Jails works as expected and correctly boots and shutdowns the Jails: ----------------------------------------------------------- # /etc/rc.conf: jail_enable="YES" jail_list="foo bar" jail_foo_rootdir="/j/foo" jail_foo_hostname="foo.example.com" jail_foo_ip="192.168.0.1" jail_foo_devfs_enable="YES" jail_foo_mount_enable="YES" jail_foo_exec_start="/bin/sh /etc/rc" jail_foo_exec_stop="/bin/sh /etc/rc.shutdown" jail_bar_rootdir="/j/bar" jail_bar_hostname="bar.example.com" jail_bar_ip="192.168.0.2" jail_bar_devfs_enable="YES" jail_bar_mount_enable="YES" jail_bar_exec_start="/path/to/kjailer -v" jail_bar_exec_stop="/bin/sh -c 'killall kjailer && sleep 60'" ----------------------------------------------------------- # /etc/fstab.foo /v/foo /j/foo/v/foo nullfs rw 0 0 ----------------------------------------------------------- # /etc/fstab.bar /v/bar /j/bar/v/bar nullfs rw 0 0 ----------------------------------------------------------- Revision Changes Path 1.212.2.8 +2 -1 src/etc/defaults/rc.conf 1.15.2.4 +25 -3 src/etc/rc.d/jail 1.27.2.3 +3 -1 src/etc/rc.shutdown