Fwd: svn commit: r256256 - in head: . etc etc/defaults etc/rc.d share/man/man5 usr.sbin/jail

[Remko Lodder]

Dear Current readers,

Please find issues that I have with the latest /etc/rc.d/jail changes and the use of ezjail.

Thanks
remko


Begin forwarded message:

> From: Remko Lodder <remko at FreeBSD.org>
> Subject: Re: svn commit: r256256 - in head: . etc etc/defaults etc/rc.d share/man/man5 usr.sbin/jail
> Date: October 11, 2013 3:04:12 PM GMT+02:00
> To: Hiroki Sato <hrs at FreeBSD.org>
> Cc: src-committers at freebsd.org, svn-src-all at freebsd.org, svn-src-head at freebsd.org
> 
> 
> Hi Hiroki,
> 
> On Oct 10, 2013, at 11:32 AM, Hiroki Sato <hrs at FreeBSD.org> wrote:
> 
>> Author: hrs
>> Date: Thu Oct 10 09:32:27 2013
>> New Revision: 256256
>> URL: http://svnweb.freebsd.org/changeset/base/256256
>> 
>> Log:
>> - Update rc.d/jail to use a jail(8) configuration file instead of
>>   command line options.  The "jail_<jname>_*" rc.conf(5) variables for
>>   per-jail configuration are automatically converted to
>>   /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
>>   This is transparently backward compatible.
>> 
>> - Fix a minor bug in jail(8) which prevented it from returning false
>>   when jail -r failed.
>> 
> 
> Thanks for doing such a massive update. However it seems to break the ezjail utility.
> My jails didn't restart after I upgraded to the most recent -head version 
> 
> FreeBSD nakur.elvandar.org 10.0-ALPHA6 FreeBSD 10.0-ALPHA6 #7 r256311: Fri Oct 11 13:27:54 CEST 2013     root at nakur.elvandar.org:/usr/obj/usr/src/sys/NAKUR  amd64
> 
> If I replace this with an older version, the utility starts and complains about certain things not being done properly. The
> system does not mount devfs nodes anylonger and thus is basically out of function.
> 
> I was not expecting this much fallout from this change, others that will be upgrading will loose the ability to start their jails until they can
> resolve this by hand.
> 
> Thanks
> Remko
> 
>> Approved by:	re (glebius)
>> 
>> Modified:
>> head/UPDATING
>> head/etc/defaults/rc.conf
>> head/etc/rc.d/jail
>> head/etc/rc.subr
>> head/share/man/man5/rc.conf.5
>> head/usr.sbin/jail/jail.c
>> 
>> Modified: head/UPDATING
>> ==============================================================================
>> --- head/UPDATING	Thu Oct 10 07:41:11 2013	(r256255)
>> +++ head/UPDATING	Thu Oct 10 09:32:27 2013	(r256256)
>> @@ -31,6 +31,25 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 10
>> 	disable the most expensive debugging functionality run
>> 	"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
>> 
>> +20131010:
>> +	The rc.d/jail script has been updated to support jail(8)
>> +	configuration file.  The "jail_<jname>_*" rc.conf(5) variables
>> +	for per-jail configuration are automatically converted to
>> +	/var/run/jail.<jname>.conf before the jail(8) utility is invoked.
>> +	This is transparently backward compatible.  See below about some
>> +	incompatibilities and rc.conf(5) manual page for more details.
>> +
>> +	These variables are now deprecated in favor of jail(8) configuration
>> +	file.  One can use "rc.d/jail config <jname>" command to generate
>> +	a jail(8) configuration file in /var/run/jail.<jname>.conf without
>> +	running the jail(8) utility.   The default pathname of the
>> +	configuration file is /etc/jail.conf and can be specified by
>> +	using $jail_conf or $jail_<jname>_conf variables.
>> +
>> +	Please note that jail_devfs_ruleset accepts an integer at
>> +	this moment.  Please consider to rewrite the ruleset name
>> +	with an integer.
>> +
>> 20130930:
>> 

-- 
/"\   With kind regards,			| remko at elvandar.org
\ /   Remko Lodder			| remko at FreeBSD.org
X    FreeBSD					| http://www.evilcoder.org
/ \   The Power to Serve		| Quis custodiet ipsos custodes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20131011/e8c8835a/attachment.sig>