rc.shutdown and jails

Ralf S. Engelschall rse+freebsd-hackers at FreeBSD.org
Fri Dec 10 10:03:44 PST 2004 

Currently a "/etc/rc.d/jail stop" just kills all processes in the
individual jails. If /etc/default/rc.conf's default way of booting the
jails (jail_exec="/bin/sh /etc/rc") is used this is a rather crual
approach IMHO. I think if the jail is booted through /etc/rc it also
should be given the chance to shutdown via /etc/rc.shutdown. If then
there are still processes remaining, the killall(1) is fine, of course.
This way packages and other sub-systems have the chance to perform a
graceful shutdown.

It can be achieved through the following two changes (the one to
/etc/rc.shutdown follows the functionality we already have in /etc/rc).
Any opinions or even objections on them?

Index: rc.d/jail
===================================================================
RCS file: /home/ncvs/src/etc/rc.d/jail,v
retrieving revision 1.19
diff -u -d -r1.19 jail
--- rc.d/jail	24 Nov 2004 10:44:39 -0000	1.19
+++ rc.d/jail	10 Dec 2004 17:56:25 -0000
@@ -198,6 +198,10 @@
 			_jail_id=$(cat /var/run/jail_${_jail}.id)
 			if [ ! -z "${_jail_id}" ]; then
 				init_variables $_jail
+				if [ "${jail_exec}" = "/bin/sh /etc/rc" ]; then
+					jexec ${_jail_id} /bin/sh /etc/rc.shutdown \
+						>>${jail_rootdir}/var/log/console.log
+				fi
 				killall -j ${_jail_id} -TERM > /dev/null 2>&1
 				jail_umount_fs
 				echo -n " $jail_hostname"
Index: rc.shutdown
===================================================================
RCS file: /home/ncvs/src/etc/rc.shutdown,v
retrieving revision 1.29
diff -u -d -r1.29 rc.shutdown
--- rc.shutdown	17 Oct 2004 13:39:42 -0000	1.29
+++ rc.shutdown	10 Dec 2004 17:56:25 -0000
@@ -80,7 +80,11 @@
 # Determine the shutdown order of the /etc/rc.d scripts,
 # and perform the operation
 #
-files=`rcorder -k shutdown /etc/rc.d/* 2>/dev/null`
+rcorder_options="-k shutdown"
+if [ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]; then
+    rcorder_options="$rcorder_options -s nojail"
+fi
+files=`rcorder ${rcorder_options} /etc/rc.d/* 2>/dev/null`

 for _rc_elem in `reverse_list $files`; do
 	debug "run_rc_script $_rc_elem faststop"


--
rse at FreeBSD.org                        Ralf S. Engelschall
FreeBSD.org/~rse                       rse at engelschall.com
FreeBSD committer                      www.engelschall.com

More information about the freebsd-hackers mailing list