[Bug 154484] [patch] request for new functionality. jail zfs dataset on jail start up by /etc/rc.d/jail
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 08 Jun 2022 05:09:51 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=154484
Bryan Drewery <bdrewery@FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |bdrewery@FreeBSD.org
--- Comment #5 from Bryan Drewery <bdrewery@FreeBSD.org> ---
We need "zfs jail" between jail(2) and "jexec sh /etc/rc". exec.created fits
there. This works:
exec.created = "zfs jail $name pool/dataset"
For rc.d/jail though I had to use this patch:
--- /tmp/jail 2022-06-07 21:56:17.886298000 -0700
+++ /etc/rc.d/jail 2022-06-07 21:56:19.863706000 -0700
@@ -213,6 +213,7 @@ parse_options()
echo " exec.system_user = \"root\";"
echo " exec.jail_user = \"root\";"
extract_var $_jv exec_prestart exec.prestart 0 ""
+ extract_var $_jv exec_created exec.created - ""
extract_var $_jv exec_poststart exec.poststart 0 ""
extract_var $_jv exec_prestop exec.prestop 0 ""
extract_var $_jv exec_poststop exec.poststop 0 ""
There is no good place for a "zfs unjail" though.
We need "zfs unjail" between "jexec sh /etc/rc.shutdown" and jail_remove(2).
I think most of the patch here does not apply anymore and jail(8) handles
executing commands itself. If we add a spot between stop and IP__OP that
executes in the system it should work. Very incomplete example of where to
start on a proper patch:
diff --git usr.sbin/jail/jail.c usr.sbin/jail/jail.c
index 63096146f176..13bbfe5f69e3 100644
--- usr.sbin/jail/jail.c
+++ usr.sbin/jail/jail.c
@@ -114,6 +114,7 @@ static const enum intparam stopcommands[] = {
IP_EXEC_PRESTOP,
IP_EXEC_STOP,
IP_STOP_TIMEOUT,
+ IP_EXEC_STOPPED,
IP__OP,
IP_EXEC_POSTSTOP,
IP_MOUNT_PROCFS,
--
You are receiving this mail because:
You are the assignee for the bug.