New jail_interface broken in 6.1-RELEASE

Dirk Engling erdgeist at erdgeist.org
Thu May 11 12:04:14 PDT 2006 

On Thu, 11 May 2006, Florent Thoumie wrote:

> Really, there's no -rc team. The might be 3 or 4 committers committing
> in the rc area on a regular basis.

Then, I think, its time for me to volunteer and try to make the best of it 
in future. I understand, my mail has been a little too aggressive, I didnt 
want to discourage you from doing _your_ volunteer work.

> Really, I would have preferred you bug me about finding a solution to
> your problem rather than sending such a mail.

I wrote this mail in a mixture of urge to let it out and hope someone here 
at the list has an idea how to quickfix the situation.

> I tried to make FreeBSD better and just have been over-enthusiast about
> this. I understand this affects you because it affects your pet project.
> Please have a look at the list of past ERRATAs. I'm not trying to be
> rude nor trying to minimize my fault but software have bugs, get used to
> it.

Its nothing personal. I just feel discomfortable by the fact, that your 
mistake (hey, everyone makes mistakes) has made it into a release, 
apparently without any testing. Shouldnt there be a Q/A? Thats why I put 
the mail on list, not to embarrass you.

>> a) What, if I want to run several jails on one IP address? Stopping the
>> first jail on that IP would remove the alias from my interface
>> subsequently taking it away from the second jail.
>> b) What, if I'd chose to run a jail on host systems IP? Stop it, BAMM -
>> goes my host system.
>
> Does it even work? Or you mean a configuration error?

Sure its works, its even a thing I would everyone encourage to do. Its
always a good idea to seperate services, even if you only have one IP.

> d) What if I don't like default behavior?
>
> Then just don't use jail_interface. Jail_interface is OFF (well, empty)
> by default.

Ehrm, your test failed ;) So its just a matter of luck, you dont always 
delete the IP from all interfaces.

There are other (imho better) solutions for the problem (I dont even 
consider one, anymore).

> The feature itself is ok, mistakes around the feature are mine, and I
> already apologized at least ten times in the past few days. I can do it
> again, I'm *really* sorry. Please take this as a beginner's mistake. If
> you don't want to use FreeBSD anymore because I made a mistake, then
> don't, it's up to you.

Again, its not your fault. And theres no need to take it personal. I just 
didn't want to let this pass. Hopefully there will be a working Q/A in 
future. I make mistakes, too, made them in "pet" projects as well as in 
projects I am paid for. And I don't think that users of my open source 
projects deserve less means to express their anger than my costumers.

Still, I do not think the jail_if feature is a good idea, I even consider 
it contra-productive. But thats not subject to discussion, anymore.

> Note2: Fortunately it was rc.d/jail and not rc.subr, I would have
> received hundreds of angry mails.

You may have had received them a lot earlier, though.

Regards,

   erdgeist

More information about the freebsd-rc mailing list