[Bug 154484] [patch] request for new functionality. jail zfs dataset on jail start up by /etc/rc.d/jail

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 08 Jun 2022 05:09:51 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=154484

Bryan Drewery <bdrewery@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bdrewery@FreeBSD.org

--- Comment #5 from Bryan Drewery <bdrewery@FreeBSD.org> ---
We need "zfs jail" between jail(2) and "jexec sh /etc/rc". exec.created fits
there. This works:
  exec.created = "zfs jail $name pool/dataset"
For rc.d/jail though I had to use this patch:

--- /tmp/jail   2022-06-07 21:56:17.886298000 -0700
+++ /etc/rc.d/jail      2022-06-07 21:56:19.863706000 -0700
@@ -213,6 +213,7 @@ parse_options()
                echo "  exec.system_user = \"root\";"
                echo "  exec.jail_user = \"root\";"
                extract_var $_jv exec_prestart exec.prestart 0 ""
+               extract_var $_jv exec_created exec.created - ""
                extract_var $_jv exec_poststart exec.poststart 0 ""
                extract_var $_jv exec_prestop exec.prestop 0 ""
                extract_var $_jv exec_poststop exec.poststop 0 ""
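
Review bot: the added exec.created line passes "-" as the fourth argument to extract_var, while the exec.prestart, exec.poststart, exec.prestop and exec.poststop lines around it all pass 0. If the difference is deliberate, state the reason in the commit message or a comment; if not, use `extract_var $_jv exec_created exec.created 0 ""` so the new hook is parsed the same way as its siblings. The new exec_created variable also needs to be documented alongside the other exec_* jail variables.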


There is no good place for a "zfs unjail" though.
We need "zfs unjail" between "jexec sh /etc/rc.shutdown" and jail_remove(2).


I think most of the patch here does not apply anymore and jail(8) handles
executing commands itself. If we add a spot between stop and IP__OP that
executes in the system it should work. Very incomplete example of where to
start on a proper patch:

diff --git usr.sbin/jail/jail.c usr.sbin/jail/jail.c
index 63096146f176..13bbfe5f69e3 100644
--- usr.sbin/jail/jail.c
+++ usr.sbin/jail/jail.c
@@ -114,6 +114,7 @@ static const enum intparam stopcommands[] = {
     IP_EXEC_PRESTOP,
     IP_EXEC_STOP,
     IP_STOP_TIMEOUT,
+    IP_EXEC_STOPPED,
     IP__OP,
     IP_EXEC_POSTSTOP,
     IP_MOUNT_PROCFS,
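
Review bot: IP_EXEC_STOPPED appears only in stopcommands[] here; nothing in the diff declares it in enum intparam, gives it a parameter name, or handles it where the commands are run. That handling has to run the command in the host system rather than inside the jail, since the stated purpose is a "zfs unjail" step after stop and before IP__OP. The new parameter would also need a jail(8) manual entry, and rc.d/jail would need an extract_var line for it, mirroring the exec.created one.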
