diff options
author | Rick Macklem <rmacklem@FreeBSD.org> | 2023-03-12 21:34:25 +0000 |
---|---|---|
committer | Rick Macklem <rmacklem@FreeBSD.org> | 2023-05-22 18:23:58 +0000 |
commit | 5d574146b0b299b64cf07fff8aee4182b7729709 (patch) | |
tree | b2bb38f290579975e855970805afaa79488d36fd | |
parent | 9bccb454ae9653105469568dda57b5ff9064f7d1 (diff) | |
download | src-5d574146b0b299b64cf07fff8aee4182b7729709.tar.gz src-5d574146b0b299b64cf07fff8aee4182b7729709.zip |
rc.d: Fix NFS server startup scripts to enable vnet prison use
Now that commit cbbb22031f9b is in main,
it is possible to run nfsd(8), nfsuserd(8), mountd(8),
gssd(8) and rpc.tlsservd(8) in an appropriately configured vnet
prison if the "allow.nfsd" option is specified in jail.conf.
This patch fixes the rc scripts for this.
Mostly just replaces the "nojail" KEYWORD with "nojailvnet",
but also avoids setting vfs.nfsd.srvmaxio in a prison, since it
must be set outside of the prisons and applies to all
nfsd(8) instances.
(cherry picked from commit 0bb08f21cc5c62d0e2dfcea500521fa801058dd3)
-rwxr-xr-x | libexec/rc/rc.d/gssd | 2 | ||||
-rwxr-xr-x | libexec/rc/rc.d/mountd | 2 | ||||
-rwxr-xr-x | libexec/rc/rc.d/nfsd | 4 | ||||
-rwxr-xr-x | libexec/rc/rc.d/nfsuserd | 2 | ||||
-rwxr-xr-x | libexec/rc/rc.d/tlsservd | 2 |
5 files changed, 6 insertions, 6 deletions
diff --git a/libexec/rc/rc.d/gssd b/libexec/rc/rc.d/gssd index 79dbf10ca575..8d67a3689b3c 100755 --- a/libexec/rc/rc.d/gssd +++ b/libexec/rc/rc.d/gssd @@ -6,7 +6,7 @@ # PROVIDE: gssd # REQUIRE: root mountcritlocal NETWORKING kdc # BEFORE: mountcritremote -# KEYWORD: nojail shutdown +# KEYWORD: nojailvnet shutdown . /etc/rc.subr diff --git a/libexec/rc/rc.d/mountd b/libexec/rc/rc.d/mountd index d75416736245..69391fe78e47 100755 --- a/libexec/rc/rc.d/mountd +++ b/libexec/rc/rc.d/mountd @@ -5,7 +5,7 @@ # PROVIDE: mountd # REQUIRE: NETWORKING rpcbind quota mountlate -# KEYWORD: nojail shutdown +# KEYWORD: nojailvnet shutdown . /etc/rc.subr diff --git a/libexec/rc/rc.d/nfsd b/libexec/rc/rc.d/nfsd index b746cf7cea9d..6c2d5c22d963 100755 --- a/libexec/rc/rc.d/nfsd +++ b/libexec/rc/rc.d/nfsd @@ -5,7 +5,7 @@ # PROVIDE: nfsd # REQUIRE: mountcritremote mountd hostname gssd nfsuserd -# KEYWORD: nojail shutdown +# KEYWORD: nojailvnet shutdown . /etc/rc.subr @@ -28,7 +28,7 @@ nfsd_precmd() # oids are available. load_kld nfsd || return 1 - if [ -n "${nfs_server_maxio}" ]; then + if [ -n "${nfs_server_maxio}" ] && ! check_jail jailed; then if ! sysctl vfs.nfsd.srvmaxio=${nfs_server_maxio} >/dev/null; then warn "Failed to set server max I/O" fi diff --git a/libexec/rc/rc.d/nfsuserd b/libexec/rc/rc.d/nfsuserd index 804b1243a4c4..6c9293a52c09 100755 --- a/libexec/rc/rc.d/nfsuserd +++ b/libexec/rc/rc.d/nfsuserd @@ -5,7 +5,7 @@ # PROVIDE: nfsuserd # REQUIRE: NETWORKING -# KEYWORD: nojail shutdown +# KEYWORD: nojailvnet shutdown . /etc/rc.subr diff --git a/libexec/rc/rc.d/tlsservd b/libexec/rc/rc.d/tlsservd index cca28ed60ffe..95a62060fe32 100755 --- a/libexec/rc/rc.d/tlsservd +++ b/libexec/rc/rc.d/tlsservd @@ -6,7 +6,7 @@ # PROVIDE: tlsservd # REQUIRE: NETWORKING root mountcritlocal sysctl # BEFORE: nfsd -# KEYWORD: nojail shutdown +# KEYWORD: nojailvnet shutdown . /etc/rc.subr |