misc/149831: [PATCH] add support to /etc/rc.d/jail for delegating ZFS-filesystems to jails

Kenneth Vestergaard kvs at binarysolutions.dk
Fri Aug 20 14:30:07 UTC 2010 

The following reply was made to PR misc/149831; it has been noted by GNATS.

From: Kenneth Vestergaard <kvs at binarysolutions.dk>
To: bug-followup at FreeBSD.org,
 kvs at binarysolutions.dk
Cc:  
Subject: Re: misc/149831: [PATCH] add support to /etc/rc.d/jail for delegating ZFS-filesystems to jails
Date: Fri, 20 Aug 2010 16:03:16 +0200

 --Apple-Mail-4--936881281
 Content-Transfer-Encoding: 7bit
 Content-Type: text/plain;
 	charset=us-ascii
 
 Improved patch - it is necessary to get a stable jail-id before
 launching the jail, since the delegated filesystems need to be
 delegated before launching /etc/rc.
 
 
 
 --Apple-Mail-4--936881281
 Content-Disposition: attachment;
 	filename=zfs-fix-delegated-paths-in-jail.diff.txt
 Content-Type: text/plain;
 	name="zfs-fix-delegated-paths-in-jail.diff.txt"
 Content-Transfer-Encoding: 7bit
 
 --- src/etc/rc.d/jail.orig	2010-08-19 12:39:01.000000000 +0200
 +++ src/etc/rc.d/jail	2010-08-20 15:57:07.508674101 +0200
 @@ -41,6 +41,7 @@
  	eval _ip=\"\$jail_${_j}_ip\"
  	eval _interface=\"\${jail_${_j}_interface:-${jail_interface}}\"
  	eval _exec=\"\$jail_${_j}_exec\"
 +	eval _delegate_path=\"\$jail_${_j}_delegate_path\"
  
  	i=0
  	while : ; do
 @@ -132,6 +133,7 @@
  	debug "$_j procdir: $_procdir"
  	debug "$_j ruleset: $_ruleset"
  	debug "$_j fstab: $_fstab"
 +	debug "$_j delegate_path: $_delegate_path"
  
  	i=0
  	while : ; do
 @@ -635,8 +637,23 @@
  			i=$((i + 1))
  		done
  
 -		eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \
 -			\"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1
 +		# create jail with 'persist', so we can get a jid before starting it,
 +		# which is needed if we need to delegate any zfs-filesystems to it.
 +		jail -i -c name=${_jail} path=${_rootdir} persist > ${_tmp_jail} 2>&1
 +		_jail_id=$(head -1 ${_tmp_jail})
 +		echo started jail ${_jail} with id ${_jail_id}
 +
 +		if [ ! -z "${_delegate_path}" ] ; then
 +			jail -m jid=${_jail_id} allow.mount=1
 +			/sbin/zfs get -s local -rH -o name,value jailed ${_delegate_path} | \
 +			    /usr/bin/awk '$2 == "on" { print $1 }' | \
 +			    /usr/bin/xargs -I % /sbin/zfs jail ${_jail_id} %
 +		fi
 +
 +		eval ${_setfib} jail ${_flags} -m \
 +			jid=${_jail_id} \
 +			host.hostname=${_hostname} \
 +			ip4.addr=\"${_addrl}\" command=${_exec_start} 2>&1
  
  		if [ "$?" -eq 0 ] ; then
  			_jail_id=$(head -1 ${_tmp_jail})
 @@ -669,6 +686,7 @@
  			echo " cannot start jail \"${_jail}\": "
  			tail +2 ${_tmp_jail}
  		fi
 +		jail -m jid=${_jail_id} nopersist # remove 'persist' set at create-time
  		rm -f ${_tmp_jail}
  	done
  	rmdir ${_tmp_dir}
 
 --Apple-Mail-4--936881281--

More information about the freebsd-bugs mailing list