Patch: make the jail(8) command set the jid parameter
Dirk Engling
erdgeist at erdgeist.org
Fri Oct 18 19:53:45 UTC 2013
Hello,
I've created a patch to the jail command that allows statements like
exec.poststart = "touch /startjailid_${jid}";
exec.prestop = "touch /stopjailid_${jid}";
in a jail.conf work as expected, even if the jid is not specified there,
i.e. for jails without a pinned jid.
It works by splitting variable substitution in two parts. In the first
pass a missing jid parameter is ignored, running_jid and the IP__OP
create operation will then set the jail's jid parameter and try to
resolve any references not done before.
The code should probably check for references to $jid before it is
available (i.e. in the exec.prestart variable), but just substituting
the empty string as it happens now should be just fine.
Find the patch at
https://erdgeist.org/arts/software/jail/usr.sbin.jail-jid.patch
Regards,
erdgeist
More information about the freebsd-jail
mailing list