[Bug 279494] www/apache24: make the start script service jails ready
- Reply: bugzilla-noreply_a_freebsd.org: "maintainer-feedback requested: [Bug 279494] www/apache24: make the start script service jails ready"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 279494] www/apache24: make the start script service jails ready"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 279494] www/apache24: make the start script service jails ready"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 279494] www/apache24: make the start script service jails ready"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 03 Jun 2024 12:38:39 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279494
            Bug ID: 279494
           Summary: www/apache24: make the start script service jails
                    ready
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: apache@FreeBSD.org
          Reporter: netchild@FreeBSD.org
             Flags: maintainer-feedback?(apache@FreeBSD.org)
          Assignee: apache@FreeBSD.org
Created attachment 251189
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=251189&action=edit
make the rc script service jail ready
Attached is a patch which makes the rc.d script service jails ready. This is a
new feature in -current.
The setup I've chosen is to allow ipv4/ipv6 access. It does not allow to use
sysv IPC in a jail. IF you want to add this possibility, the config would need
to be changed to "net_basic sysvipc" instead. The config can be overridden in
rc.conf.
See also:
  https://docs.freebsd.org/en/books/handbook/jails/#service-jails
  https://docs.freebsd.org/en/articles/rc-scripting/#rcng-service-jails
Some notes:
 - This is not tested.
 - Why are you using the special apache24_limits_* stuff? We have the
name_limits stuff as part of the rc framework.
 - The limits part in the precmd will probably not work in a service jail, as
the start command will be executed in a jail and the precmd outside the jail.
 - While the patch is taking the profiles into account, it may fail when the
jail is started, as the name of the service jail is derived from the name of
the rc script (assuming "profiles" means different instances of apache are
started for each profile). The tomcat/oauth2-proxy/openhab ports use a way to
have different instances of the software running in parallel which is based
upon the name of the rc script (links to the original rc script). That way
works well with service jails.
-- 
You are receiving this mail because:
You are the assignee for the bug.