Application Jail Shutdown Problem

Isaac (.ike) Levy ike at blackskyresearch.net
Thu May 2 01:23:49 UTC 2019 

Hi Jamie, all,

>> On May 1, 2019, at 5:33 PM, James Gritton <jamie at freebsd.org> wrote:
>> 
>>> On 2019-05-01 09:22, Michael W. Lucas wrote:
>>> On Wed, May 01, 2019 at 08:53:18AM -0600, James Gritton wrote:
>>>> On 2019-04-30 12:03, squiggly foo wrote:
>>>> Hi All,
>>>> 
>>>> I use the mount.fstab parameter to mount a number of file systems
>>>> before starting a jail which works without any problem.  However since
>>>> it is an application jail, there are no other processes running inside
>>>> the jail other than the one application.  As soon as that application
>>>> terminates the jail is removed by the host.

Cool/interesting use case for jail.

I am wondering how you start the jails?

Is there some way to simply trap the jailed process when you start it, to call the unmount routine? (e.g. trap the jail call itself from userland on 0 and other nonzero exits?)

Best,
.ike


>>>> 
>>>> This is actually my preferred behavior; I want the jail to be removed
>>>> when the process inside of it terminates.  But the problem is that the
>>>> mount points are not unmounted after the jail is removed that way.
>>>> The only way I can get the jails to unmount is if I do a "jail -r
>>>> jailname" which is what I want to avoid as I would not do that while
>>>> the process inside the jail is still running.
>>>> 
>>>> 
>>>> Does anyone know of a way for the jails to umount the mount points in
>>>> its fstab file when the only process inside the jail exits?
>>> No easy way.  Those filesystems have to be unmounted by somebody; the
>>> jail can't do it because it doesn't have the permission (because it
>>> didn't
>>> mount them).  So some process needs to be watching to see when the jail
>>> goes away.  That would be some kind of watcher that wakes up
>>> occasionally
>>> and sees if the jail is still there.  It might be nice to have some
>>> kqueue
>>> support for jails.
>> Maybe I'm not understanding the problem.
>> Is there a reason why exec.poststop="umount -aF /whatever/jail.fstab"
>> won't do the trick?
> 
> The works when it's jail(8) doing the removing.  But when the jail just
> "runs out" on its own, because its last process has exited (and it didn't
> have "persist" set), there is no jail(8) to run the stop scripts.  Normally
> I would recommend setting persist and explicitly destroying the jail later,
> but that had already been mentioned as not preferred.
> 
> - Jamie
> _______________________________________________
> freebsd-jail at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"

More information about the freebsd-jail mailing list