[Bug 154484] [patch] request for new functionality. jail zfs dataset on jail start up by /etc/rc.d/jail
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 08 Jun 2022 05:09:51 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=154484 Bryan Drewery <bdrewery@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bdrewery@FreeBSD.org --- Comment #5 from Bryan Drewery <bdrewery@FreeBSD.org> --- We need "zfs jail" between jail(2) and "jexec sh /etc/rc". exec.created fits there. This works: exec.created = "zfs jail $name pool/dataset" For rc.d/jail though I had to use this patch: --- /tmp/jail 2022-06-07 21:56:17.886298000 -0700 +++ /etc/rc.d/jail 2022-06-07 21:56:19.863706000 -0700 @@ -213,6 +213,7 @@ parse_options() echo " exec.system_user = \"root\";" echo " exec.jail_user = \"root\";" extract_var $_jv exec_prestart exec.prestart 0 "" + extract_var $_jv exec_created exec.created - "" extract_var $_jv exec_poststart exec.poststart 0 "" extract_var $_jv exec_prestop exec.prestop 0 "" extract_var $_jv exec_poststop exec.poststop 0 "" There is no good place for a "zfs unjail" though. We need "zfs unjail" between "jexec sh /etc/rc.shutdown" and jail_remove(2). I think most of the patch here does not apply anymore and jail(8) handles executing commands itself. If we add a spot between stop and IP__OP that executes in the system it should work. Very incomplete example of where to start on a proper patch: diff --git usr.sbin/jail/jail.c usr.sbin/jail/jail.c index 63096146f176..13bbfe5f69e3 100644 --- usr.sbin/jail/jail.c +++ usr.sbin/jail/jail.c @@ -114,6 +114,7 @@ static const enum intparam stopcommands[] = { IP_EXEC_PRESTOP, IP_EXEC_STOP, IP_STOP_TIMEOUT, + IP_EXEC_STOPPED, IP__OP, IP_EXEC_POSTSTOP, IP_MOUNT_PROCFS, -- You are receiving this mail because: You are the assignee for the bug.