[RFC] Skeleton jail (rc.d feature proposal)
quakelee at geekcn.org
Thu Feb 19 18:20:11 PST 2009
在 Fri, 20 Feb 2009 09:16:19 +0800，Xin LI <delphij at delphij.net> 写道:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hi, Bjoern,
> Bjoern A. Zeeb wrote:
>> I do not have the following two on most/any of my machines:
> I agree.
>> The correct way to do this I think would leave rc.d/jail untouched and
>> (pre-)populate an /etc/fstab.<jname> and use that.
> I do not think this is a very good approach for this use case.
> Making it an rc.conf option, enables the following tasks as a one-liner
> - Enabling/Disabling skeleton jail (how will the system perform if I
> have the template directories read-only?);
> - Switching template root (what will happen if switch from 7.1 userland
> to 7.2 userland?);
> - Change mount points within all jails.
> I do admit that all these can be done with scripts though.
> - --
> Xin LI <delphij at delphij.net> http://www.delphij.net/
> FreeBSD - The Power to Serve!
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.10 (FreeBSD)
> -----END PGP SIGNATURE-----
> freebsd-current at freebsd.org mailing list
> To unsubscribe, send any mail to
> "freebsd-current-unsubscribe at freebsd.org"
I think I like Li Xin's way. I have set a jail host in my company with Li
Xin's patch, it didn't change the usage of original jail
system, just add a make target in /usr/src/Makefile, I can use skeleton
jail and original jail in one jail host. They have not much
differents in rc.conf, if want skeleton, I just add two options with
normal settings. It is compatible way with orignal design.
The Power to Serve
More information about the freebsd-current