ports/180773: [Maintainer update] sysutils/qjail Bug fix.
Joe Barbish
qjail at a1poweruser.com
Tue Jul 23 18:20:00 UTC 2013
>Number: 180773
>Category: ports
>Synopsis: [Maintainer update] sysutils/qjail Bug fix.
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Tue Jul 23 18:20:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Joe Barbish
>Release: 9.1-RELEASE i386
>Organization:
none
>Environment:
>Description:
Instructions to the committer;
Please insert the following PR change log text into the SVN change log
for this port. The PR change text for 3.0 and 3.1 were not included in the SVN
change log like they where in the previous commits so I have included them here.
Thank You
qjail-3.2 change log
1. Added IPv6 support to "create" and "config" commands.
2. Changed the way jail status is determined. Now use "jls -j jailname jid"
command instead of carring internal jid field in jail definition record.
This fixed jail status problem when users used the "halt or reboot"
command on the host instead of the "shutdown now" command.
3. Changed qjail-bootime script to nolonger populate internal jid field
in jail definition record.
4. Corrected coding of conflicts_install parameter in the port Makefile
so it functions as wanted. Also inserted message info block about upgrade
procedure and CONFLICT resolution.
5. Removed all references to qjail.conf file from all man pages.
6. Corrected examples in qjail man for "qjail create" command using
new -4 option for IPv4 IP addresses.
qjail-3.1 change log http://www.freebsd.org/cgi/query-pr.cgi?pr=179769
1. sharefs/usr/src and sharefs/usr/ports were missing links. Design was to
have sharedfs share those directories with all jails. Added code to mkdir
src and port on sharedfs and link to template.
2. For update -b, archive sharedfs, restore sharedfs and install commands,
replaced the logic of rolling through the qjail.local directory opening
each definition file to check if jail was running which left the last opened
jail variables populated, with logic based on using jls command to list
the running jails and then checking jls list to qjail.global
directory content of qjail owned jails to determine if jail was running.
3. For archive of image jail, removed qjail prefix from variable name.
4. For "update -b" host binaries have noschg set on a few files, added
chflags -R noschg "${sharedfs}/${dir}"
chflags -R nosunlink "${sharedfs}/${dir}"
commands to remove said status on all files.
5. Add "mount.devfs=1" parameters to build_def function of qjail script and
qjail-bootime script. This enables ps and top commands to work inside of
jail. This is a work around for /dev bug in jail(8).
6. "qjail create -a img20 -i 25 img25 10.0.10.20" Using a image archive caused
cpio to complain when copying the template to populate the img file.
Replaced cpio with "cp -R dir/" command, also made the same change to
the dup image logic. The cpio command has problems working with sparse files.
7. Added "qjail config -h" option. This option provides a way to enable "SSH"
on a jail. Same option as -c of the "qjail create" command.
8. Updated "man qjail" with instructions on using the "mv" command to give jails
access to the hosts "/usr/ports" or "/usr/src" directories.
9. Added new function to "config" command call -m for manual start jails,
-m to enable and -M to disable.
10. Changed the "config" command call -r [run, norun] option to -r to enable
and -R to disable.
qjail-3.0 change log http://www.freebsd.org/cgi/query-pr.cgi?pr=179184
1. This version of qjail has been converted from using the legacy rc.d-method
as used in all previous versions of qjail, to using the jail(8)
jail.conf-method available in RELEASE-9.1. This upgrade provides the
ability to enable the following new options on a per-jail basis.
exec.fib, allow.raw_sockets, allow.quotas, allow.mount.nullfs,
allow.mount.zfs, cpuset.id, securelevel, vnet.interface, and vnet.
The vnet option gives a jail its own network stack using the experimental
vimage software with or with out ipfw firewall and using if_bridge/epair
or netgraph for its network. This qjail version is not functional
for RELEASES older than RELEASE-9.1.
2. The basejail has been renamed to sharedfs and
newjail has been renamed to template.
3. The archive function now uses the tar utility to bkup the jailname
filesystem with it's internal qjail admin files.
4. The restore function now uses the tar utility to restore the jailname
filesystem with it's internal qjail admin files.
5. The -a option of the create command now uses the tar utility to restore
the jailname filesystem.
6. The qjail man page up-dated to reflect all changes to qjail.
7. The qjail.conf file has been deprecated and removed.
8. Added logic to the "config" command to enable and disable the jail(8)
selected extended options.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ruN qjail-3.1/Makefile qjail/Makefile
--- qjail-3.1/Makefile 2013-06-22 02:37:59.000000000 -0400
+++ qjail/Makefile 2013-07-23 11:31:53.000000000 -0400
@@ -2,7 +2,7 @@
# $FreeBSD: sysutils/qjail/Makefile 321546 2013-06-22 06:37:59Z culot $
PORTNAME= qjail
-PORTVERSION= 3.1
+PORTVERSION= 3.2
CATEGORIES= sysutils
MASTER_SITES= SF/${PORTNAME}
@@ -14,7 +14,17 @@
MAN8= qjail.8 qjail-intro.8 qjail-howto.8
-CONFLICTS_INSTALL= qjail-2.*
+CONFLICTS_INSTALL= qjail-3.[0-1] qjail-2.* qjail-1.*
+
+pre-fetch:
+ @${ECHO_MSG} " "
+ @${ECHO_MSG} "#####################################################"
+ @${ECHO_MSG} "#"
+ @${ECHO_MSG} "# For instructions on upgrading & CONFLICT resolution"
+ @${ECHO_MSG} "# Read /usr/ports/sysutils/qjail/upgrade-info.txt"
+ @${ECHO_MSG} "#"
+ @${ECHO_MSG} "#####################################################"
+ @${ECHO_MSG} " "
post-patch:
@${FIND} ${WRKSRC} -type f | ${XARGS} ${REINPLACE_CMD} \
@@ -36,8 +46,12 @@
&& ${COPYTREE_SHARE} \* ${EXAMPLESDIR})
post-install:
- @${ECHO_MSG} "#"
+ @${ECHO_MSG} " "
+ @${ECHO_MSG} "#####################################################"
+ @${ECHO_MSG} " "
@${CAT} ${PKGMESSAGE}
- @${ECHO_MSG} "#"
+ @${ECHO_MSG} " "
+ @${ECHO_MSG} "#####################################################"
+ @${ECHO_MSG} " "
.include <bsd.port.mk>
diff -ruN qjail-3.1/distinfo qjail/distinfo
--- qjail-3.1/distinfo 2013-06-22 02:37:59.000000000 -0400
+++ qjail/distinfo 2013-07-23 11:31:12.000000000 -0400
@@ -1,2 +1,2 @@
-SHA256 (qjail-3.1.tar.bz2) = bee2c505ca735aa5de1e8b88680ee5d61bf42e505c5d4d28c899bb5caaaf3ac8
-SIZE (qjail-3.1.tar.bz2) = 119940
+SHA256 (qjail-3.2.tar.bz2) = 3a8ef28bbcb511781b88b579bc89c4620c98f5a7fc1c21294c6c07c0a8fac477
+SIZE (qjail-3.2.tar.bz2) = 120633
diff -ruN qjail-3.1/upgrade-info.txt qjail/upgrade-info.txt
--- qjail-3.1/upgrade-info.txt 1969-12-31 19:00:00.000000000 -0500
+++ qjail/upgrade-info.txt 2013-07-23 11:19:07.000000000 -0400
@@ -0,0 +1,74 @@
+ qjail upgrade and CONFLICT resolution
+
+The normal qjail upgrade path is to install the current ports version of
+qjail when you upgrade your hosts operating system to the next newer major
+FreeBSD version and rebuild all the ports in your jails to be in sync with
+that new major release version. IE Freebsd 8.X to Freebsd 9.X.
+
+There are major changes to the qjail internal admin files between qjail-2.X
+and qjail-3.X. The use of the port Makefile CONFLICT parameter is the only way
+to shoehorn a message to the user during the port "make install" process to
+stop the install before their current qjail system gets damaged.
+
+If your host is running one of these previous version of qjail
+ qjail-1.0 through qjail-1.9 or
+ qjail-2.0 through qjail-2.2 or
+ qjail-3.0 or qjail-3.1
+installing qjail-3.X would over write the old qjail script with the new one
+making it impossible to admin your old qjail system
+
+
+Follow these upgrade instructions
+
+1. Make backup of your current qjail world.
+ qjail stop
+ qjail archive -A
+ qjail archive basejail for qjail-1.X through qjail-2.2
+ qjail archive newjail for qjail-1.X through qjail-2.2
+ qjail archive sharedfs for qjail-3.0 and qjail-3.1
+ qjail archive template for qjail-3.0 and qjail-3.1
+
+2. Rename your current qjail script so it will not get over written.
+ mv /usr/local/bin/qjail /usr/local/bin/qjail.org
+ From this point use "qjail.org" command instead of "qjail" to admin
+ your current qjail system. Do not create any more new jails.
+
+3. Deinstall your current qjail port
+ pkg_info | grep qjail
+ pkg_delete qjail-x.x use full qjail name from pkg_info command
+ Will get message about qjail script not being deinstalled. This is ok,
+ because we renamed it in step2.
+
+4. Install new qjail port
+ cd /usr/ports/sysutils/qjail
+ make install clean
+
+5. Install new qjail system. Mandatory to allocate new internal admin files.
+ qjail install
+
+6. Create a new jail for each old jail using the old jail name and changing
+ it by a single character to make it unique. Example
+ Old jail name = corp_email
+ New jail name = corp_email_n
+ Be sure to read the qjail man page as the syntax of the "qjail create"
+ command has changed. Example of new syntax for qjail-3.2
+ qjail create -n rl0 -4 10.0.10.20 corp_email_n
+
+7. Copy the old jailname filesystem contents to the new jailname filesystem.
+ cp -Rp /usr/jails/corp_email/ /usr/jails/corp_email_n
+
+8. Test your new qjail world.
+ qjail start corp_email_n
+
+9. Once your happy with your new qjail world, remove your old world.
+ qjail.org delete -A
+ rm archive/*
+ rm /usr/local/bin/qjail.org
+ For qjail versions 1.X through 2.X do
+ chflags -R noschg /usr/jails/basejail
+ chflags -R nosunlink /usr/jails/basejail
+ rm -r /usr/jails/basejail
+ chflags -R noschg /usr/jails/newjail
+ chflags -R nosunlink /usr/jails/newjail
+ rm -r /usr/jails/newjail
+
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list