svn commit: r354105 - in head/sysutils/qjail: . files
Kurt Jaeger
pi at FreeBSD.org
Thu May 15 10:40:21 UTC 2014
Author: pi
Date: Thu May 15 10:40:19 2014
New Revision: 354105
URL: http://svnweb.freebsd.org/changeset/ports/354105
QAT: https://qat.redports.org/buildarchive/r354105/
Log:
sysutils/qjail: upgrade 3.2 -> 3.3
1. Fix typo in qjail.8 manual.
Change "See jailip below" to "See -4 option"
2. Fix typo in qjail-howto.8 manual as per PR# 186269.
Change a comma , inside of ip address to a . period.
73.x.97,51,10.0.10.126 to 73.x.97.51,10.0.10.126
3. Change qjail.portsnap.conf,
remove index-6 index-7 index-8 statements
replace index-9 with index-10
4. Removed rcvar=`set_rcvar` statement from qjail.bootime script.
In Release 10.0 its no longer included in the rc.d scripts and
was causing a non-harmful bogus boot time message. But this
de-activated the ability to control the selection of boot time
starting of jails using the qjail_enable="YES" statement in
the hosts /etc/rc.conf. Put rcvar="qjail_enable" in qjail.bootime
script and things work as exspected.
5. Correct coding bug in archive logic to archive sharedfs per zone.
6. Correct coding bug for Sanity check to see if any jails are running.
7. Changed "qjail install" logic to check that this version of qjail only
runs on release-10.0. This is due to unique properties of jail(8) & rc.d
that are not in 9.2 and older releases.
8. Changed "qjail create" and "qjail config" logic to check if the
-4 and/or -6 IP address are prefixed with "<if_device>|" and/or
suffixed with "/<netmask>" values. jail(8) says this is valid syntax,
but its NOT allowed as valid syntax to qjail.
9. Changed "qjail create" logic to check if no -n value was entered. If not
then populate the -n value with the interface default nic device name
obtained from route command. This is now the automatic default behavior.
The default interface is the one connected to the public internet.
This shortens the "qjail create command" and forces the use of the
automatic creation and deletation of the alias for the jails IP address
on that "network interface name". Made appropriate changes to qjail.8
man page documentation.
10. Changed "qjail create" logic to target another zones archives as input
source. Now you can use any zones archive file as a template to create
a new jail using the existing -a option. New -A option is coded with the
zone name of the target archive file name populating the -a value.
Made appropriate changes to qjail.8 man page documentation.
11. Added -S option to "qjail update" This option will copy the hosts
/usr/src filesystem to sharedfs/usr/src to be shared among all the jails.
Made appropriate changes to qjail.8 man page documentation.
12. Add -P option to "qjail update" This option will copy the hosts
/usr/ports filesystem to sharedfs/usr/ports to be shared among all the jails.
Made appropriate changes to qjail.8 man page documentation.
13. The long time jail(8) bug since 9.1 that deals with the jails /dev
directory which allowed the jail to access things jail should be restricted
from became fixed with 10.0-RELEASE-p2. The hosts /etc/defaults/rc.conf
devfs_load_rulesets="NO" changed to devfs_load_rulesets="YES"
Removed the jail.conf work-a-round statments from the qjail script
build_config_def routine as they are no longer needed.
14. Converted the Port's Makefile to do "stageing".
PR: ports/189120
Submitted by: Joe Barbish (maintainer)
Approved by: culot (mentor)
Added:
head/sysutils/qjail/pkg-message (contents, props changed)
Deleted:
head/sysutils/qjail/files/
Modified:
head/sysutils/qjail/Makefile
head/sysutils/qjail/distinfo
head/sysutils/qjail/pkg-descr
head/sysutils/qjail/pkg-plist
Modified: head/sysutils/qjail/Makefile
==============================================================================
--- head/sysutils/qjail/Makefile Thu May 15 08:27:53 2014 (r354104)
+++ head/sysutils/qjail/Makefile Thu May 15 10:40:19 2014 (r354105)
@@ -2,44 +2,39 @@
# $FreeBSD$
PORTNAME= qjail
-PORTVERSION= 3.2
+PORTVERSION= 3.3
CATEGORIES= sysutils
MASTER_SITES= SF/${PORTNAME}
MAINTAINER= qjail at a1poweruser.com
COMMENT= Utility to quickly deploy and manage jails
-USE_BZIP2= yes
+USES= tar:bzip2
NO_BUILD= yes
-SUB_FILES= pkg-message
+NEED_ROOT= yes
-MAN8= qjail.8 qjail-intro.8 qjail-howto.8
-
-CONFLICTS_INSTALL= qjail-2.*
-
-NO_STAGE= yes
-post-patch:
- @${FIND} ${WRKSRC} -type f | ${XARGS} ${REINPLACE_CMD} \
- -e 's|/usr/local|${PREFIX}|'
- @${FIND} ${WRKSRC}/examples -name '*.bak' -delete
+CONFLICTS_INSTALL= qjail-2.* qjail-3.0 qjail-3.1
do-install:
- @${INSTALL_SCRIPT} ${WRKSRC}/qjail ${PREFIX}/bin
- @${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.be ${PREFIX}/bin
- @${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.ng ${PREFIX}/bin
- @${INSTALL_SCRIPT} ${WRKSRC}/qjail.bootime ${PREFIX}/etc/rc.d
- @${INSTALL_DATA} ${WRKSRC}/qjail.portsnap.conf ${PREFIX}/etc
+.for i in qjail qjail.vnet.be qjail.vnet.ng
+ ${INSTALL_SCRIPT} ${WRKSRC}/${i} ${STAGEDIR}${PREFIX}/bin
+.endfor
+ ${INSTALL_SCRIPT} ${WRKSRC}/qjail.bootime \
+ ${STAGEDIR}${PREFIX}/etc/rc.d
+ ${INSTALL_DATA} ${WRKSRC}/qjail.portsnap.conf \
+ ${STAGEDIR}${PREFIX}/etc
.for i in qjail qjail-intro qjail-howto
- @${INSTALL_MAN} ${WRKSRC}/${i}.8 ${MAN8PREFIX}/man/man8
+ ${INSTALL_MAN} ${WRKSRC}/${i}.8 ${STAGEDIR}${MAN8PREFIX}/man/man8
.endfor
+
+# @${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
+# ${INSTALL_DATA} ${WRKSRC}/jail-primer.html \
+# ${STAGEDIR}${DOCSDIR}
+
+
# note examples are mandatory. qjail will not function without them
- @${MKDIR} ${EXAMPLESDIR}
+ @${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
@(cd ${WRKSRC}/examples/ \
- && ${COPYTREE_SHARE} \* ${EXAMPLESDIR})
-
-# Note: Has to be done this way or package version will not contain any
-# comments added with @${ECHO_MSG} command.
-post-install:
- @${CAT} ${PKGMESSAGE}
+ && ${COPYTREE_SHARE} \* ${STAGEDIR}${EXAMPLESDIR})
.include <bsd.port.mk>
Modified: head/sysutils/qjail/distinfo
==============================================================================
--- head/sysutils/qjail/distinfo Thu May 15 08:27:53 2014 (r354104)
+++ head/sysutils/qjail/distinfo Thu May 15 10:40:19 2014 (r354105)
@@ -1,2 +1,2 @@
-SHA256 (qjail-3.2.tar.bz2) = 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697
-SIZE (qjail-3.2.tar.bz2) = 121560
+SHA256 (qjail-3.3.tar.bz2) = 263bf7ff60a2d266ff3a4b39c1ccaf6a1114e22128fa0110351bc6c5d782c525
+SIZE (qjail-3.3.tar.bz2) = 61485
Modified: head/sysutils/qjail/pkg-descr
==============================================================================
--- head/sysutils/qjail/pkg-descr Thu May 15 08:27:53 2014 (r354104)
+++ head/sysutils/qjail/pkg-descr Thu May 15 10:40:19 2014 (r354105)
@@ -1,16 +1,17 @@
Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
system that includes security and performance enhancements. Plus a new level
of "user friendliness" enhancements dealing with deploying just a few jails or
-large jail environments consisting of 100's of jails.
+large scale jail environments consisting of 100's of jails.
This version of qjail has been converted from using the legacy rc.d-method as
used in all previous versions of qjail, to using the jail(8) jail.conf-method
-available in RELEASE-9.1. This upgrade provides the ability to enable the
-following new options on a per-jail basis. exec.fib, allow.raw_sockets,
-allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, securelevel,
+available in RELEASE-9.1 which contained many bugs, some that were fixed in
+RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the ability
+to enable the following new options on a per-jail basis. exec.fib, securelevel,
+allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id,
vnet.interface, and vnet. The vnet option gives a jail its own network stack
-using the experimental vimage software. This qjail version is not functional
-for RELEASES older than RELEASE-9.1. The vnet option has only been tested on
+using the experimental vimage software. This qjail version is not intended
+for RELEASES older than RELEASE-10.0. The vnet option has only been tested on
i386 and amd64 equipment.
Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
Added: head/sysutils/qjail/pkg-message
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/sysutils/qjail/pkg-message Thu May 15 10:40:19 2014 (r354105)
@@ -0,0 +1,22 @@
+
+########################################################################
+
+Use the qjail utility to deploy small or large numbers of jails quickly.
+
+First issue "rehash" command to enable the qjail command (if using csh).
+Then issue "man qjail-intro" to read the qjail introduction.
+After reading that do "man qjail" for the usage details.
+For the BIG PICTURE issue "man qjail-howto".
+
+########################################################################
+
+If your host is running 10.0-RELEASE be sure you apply system security
+update. You need to be at 10.0-RELEASE-p2. Run the following commands
+to apply system security updates.
+ freebsd-update fetch
+ freebsd-update install
+
+########################################################################
+
+
+
Modified: head/sysutils/qjail/pkg-plist
==============================================================================
--- head/sysutils/qjail/pkg-plist Thu May 15 08:27:53 2014 (r354104)
+++ head/sysutils/qjail/pkg-plist Thu May 15 10:40:19 2014 (r354105)
@@ -3,9 +3,9 @@ bin/qjail.vnet.be
bin/qjail.vnet.ng
etc/qjail.portsnap.conf
etc/rc.d/qjail.bootime
-%%EXAMPLESDIR%%/upgrade-info.txt
-%%EXAMPLESDIR%%/vnet/jail.amd64
-%%EXAMPLESDIR%%/vnet/jail.i386
+man/man8/qjail.8.gz
+man/man8/qjail-intro.8.gz
+man/man8/qjail-howto.8.gz
%%EXAMPLESDIR%%/vnet/ipfw.rules.host
%%EXAMPLESDIR%%/vnet/ipfw.rules.vnet
%%EXAMPLESDIR%%/vnet/ipf.rules.host
@@ -17,6 +17,7 @@ etc/rc.d/qjail.bootime
%%EXAMPLESDIR%%/default/etc/periodic.conf
%%EXAMPLESDIR%%/default/etc/rc.conf
%%EXAMPLESDIR%%/default/root/.cshrc
+%%EXAMPLESDIR%%/default/usr/local/etc/pkg.conf
%%EXAMPLESDIR%%/default/usr/local/etc/sudoers
%%EXAMPLESDIR%%/ssh-default/etc/group
%%EXAMPLESDIR%%/ssh-default/etc/make.conf
@@ -37,6 +38,7 @@ etc/rc.d/qjail.bootime
%%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.profile
%%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.rhosts
%%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.shrc
+%%EXAMPLESDIR%%/ssh-default/usr/local/etc/pkg.conf
%%EXAMPLESDIR%%/ssh-default/usr/local/etc/sudoers
@dirrm %%EXAMPLESDIR%%/default/usr/local/etc
@dirrm %%EXAMPLESDIR%%/default/usr/local
More information about the svn-ports-all
mailing list