rc.shutdown and jails
Julian Elischer
julian at elischer.org
Sat Dec 11 00:44:19 PST 2004
Ralf S. Engelschall wrote:
> On Fri, Dec 10, 2004, Nielsen wrote:
>
>
>>Ralf S. Engelschall wrote:
>>
>>>Currently a "/etc/rc.d/jail stop" just kills all processes in the
>>>individual jails. If /etc/default/rc.conf's default way of booting the
>>>jails (jail_exec="/bin/sh /etc/rc") is used this is a rather crual
>>>approach IMHO. I think if the jail is booted through /etc/rc it also
>>>should be given the chance to shutdown via /etc/rc.shutdown. If then
>>>there are still processes remaining, the killall(1) is fine, of course.
>>>This way packages and other sub-systems have the chance to perform a
>>>graceful shutdown.
>>
>>Definitely a good plan. You just have to watch out for environment
>>variable leakage into the jail subsystem when using jexec. A minor
>>concern, perhaps.
>>[...]
>
>
> Ok, good point. I think running "env -i /usr/sbin/jexec" instead of
> just "jexec" is sufficient here because the rc.shutdown reinitializes
> at least PATH and HOME again and the remaining variables should be not
> needed for the procedure.
I think we should introduce an "init" process for jails..
It would be responsible for all that the normal init is responsible for
except for being the default parent.. (some might argue for that too).
Sending it a particular signal would notify it to
send shutdown signals to all its compatriots in the jail etc.
In my (4.x) based jail systems I use a script jkill
to send a signl to all processes with a particular root node,
and a jps to allow me to look at the processes in a particular node.
We could certainly simplify the world by adding more utilities
of this sort.
Julian
More information about the freebsd-hackers
mailing list