misc/178760: rc.d/jail: set jname at jail start time

Daniel Shahaf danielsh at apache.org
Sat May 18 21:40:00 UTC 2013 

>Number:         178760
>Category:       misc
>Synopsis:       rc.d/jail: set jname at jail start time
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat May 18 21:40:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Daniel Shahaf
>Release:        9.1-RELEASE-p3
>Organization:
The Apache Software Foundation
>Environment:
FreeBSD metis.apache.org 9.1-RELEASE-p3 FreeBSD 9.1-RELEASE-p3 #0 r250118: Tue Apr 30 22:06:26 UTC 2013     root at loki.apache.org:/usr/obj/usr/src/sys/ASF  amd64

>Description:
When /etc/rc.d/jail starts a jail, it sets the jail's name (as in `jls name`) to be equal to the jid.  For example:

    metis% jls jid name
    1 1
    2 2
    metis% 

It would be more useful to set the jname to, for example, the rc.conf identifier of the jail.  That allows for 'jexec' to be used with the jail's name directly, without having to look up its jid first.

Current behaviour:

    metis% jls jid name
    1 1
    2 2
    metis# jexec jena /usr/bin/true
    jexec: jail "jena" not found
    zsh: exit 1     jexec jena /usr/bin/true

Current workaround:
    metis# jls jid name host.hostname | grep jena | awk '{print $1}'
    3
    metis# jexec 3 /usr/bin/true; echo $?
    0
    metis# 

Alternative workaround:

    metis# jls jid name host.hostname | grep jena | awk '{print $1}'
    3
    metis# jail -m jid=3 name=subversion
    metis# jexec jena /usr/bin/true; echo $?
    0
    metis# 

Behaviour with the patch applied (for jails that have been (re)started with the patch applied):
    metis# jls jid name 
    3 jena
    4 james
    metis# jexec james /usr/bin/true; echo $?
    0
    metis# 

>How-To-Repeat:
Just use /etc/rc.d/jail to start a jail.  In our case we start jails from rc.conf:

jail_sysvipc_allow="YES"
jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="jena james"
jail_james_hostname="james.zones.apache.org"
jail_james_ip="140.211.11.81"
jail_james_interface="bce1"
jail_james_rootdir="/x1/jails/james.zones.apache.org"
jail_james_devfs_enable="YES"
jail_jena_hostname="jena.zones.apache.org"
jail_jena_ip="140.211.11.85"
jail_jena_interface="bce1"
jail_jena_rootdir="/x1/jails/jena.zones.apache.org"
jail_jena_devfs_enable="YES"

>Fix:
Patch attached.  We have used it since 9.0-RELEASE on multiple jail hosts without issue.

Patch attached with submission follows:

--- infrastructure/trunk/machines/freebsd/metis.apache.org/etc/rc.d/jail (original)
+++ infrastructure/trunk/machines/freebsd/metis.apache.org/etc/rc.d/jail Sat May 18 20:18:40 2013
@@ -112,7 +112,7 @@ init_variables()
        eval _fstab=\"\${jail_${_j}_fstab:-${jail_fstab}}\"
        [ -z "${_fstab}" ] && _fstab="/etc/fstab.${_j}"
        eval _flags=\"\${jail_${_j}_flags:-${jail_flags}}\"
-       [ -z "${_flags}" ] && _flags="-l -U root"
+       [ -z "${_flags}" ] && _flags="-n ${_j} -l -U root"
        eval _consolelog=\"\${jail_${_j}_consolelog:-${jail_consolelog}}\"
        [ -z "${_consolelog}" ] && _consolelog="/var/log/jail_${_j}_console.log"
        eval _fib=\"\${jail_${_j}_fib:-${jail_fib}}\"


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list