Enhancements to the new rc.d/jail script
Mike Makonnen
mtm at identd.net
Mon Apr 21 11:15:19 PDT 2003
On Sat, 19 Apr 2003 19:55:17 -0500 (CDT)
"Scot W. Hetzel" <hetzels at westbend.net> wrote:
>
> Currently rc.d/devfs starts after rc.d/jail, we need devfs rulesets
> defined before the jail is started (devfs added to rc.d/jail REQUIRE).
This should be doable. But, please get the devfs maintainer to signoff on it
first (dd at freebsd.org).
>
> Added a standard jail ruleset to rc.d/devfs.
I agree with Doug, this should be behind an rc.conf knob.
> +# create an entry for each jail named in jail_list, with these variables
> +# NOTE: replace 'example' with the jail's name from jail_list
> +#
> +jail_example_rootdir="/usr/jail/default" # Jails root directory
> +jail_example_hostname="default.domain.com" # Jails hostname
> +jail_example_ip="192.168.0.10" # Jails IP number
> +jail_example_exec="/bin/sh /etc/rc" # command to execute in jail
> +jail_example_devfs="NO" # mount devfs in jail
> +jail_example_devfs_rulset="10" # devfs ruleset to apply to jail
> +jail_example_procfs="NO" # mount procfs in jail
I don't know if examples belong in defaults/rc.conf. The rc.conf(5) man page
already explains what additional knobs need to be set. However, if they do
belong here, then they should be commented out.
> RCS file: /home/ncvs/src/etc/rc.d/jail,v
> retrieving revision 1.3
> diff -u -r1.3 jail
> --- rc.d/jail 19 Apr 2003 07:50:32 -0000 1.3
> +++ rc.d/jail 20 Apr 2003 00:26:51 -0000
> @@ -4,8 +4,8 @@
> #
The rest looks good. This makes the script a lot more useful. Thanks!
Cheers.
--
Mike Makonnen | GPG-KEY: http://www.identd.net/~mtm/mtm.asc
mtm at identd.net | D228 1A6F C64E 120A A1C9 A3AA DAE1 E2AF DBCC 68B9
mtm at FreeBSD.Org| FreeBSD - The Power To Serve
More information about the freebsd-current
mailing list