aboutsummaryrefslogtreecommitdiff
path: root/libexec/rc
diff options
context:
space:
mode:
authorRick Macklem <rmacklem@FreeBSD.org>2023-03-12 21:34:25 +0000
committerRick Macklem <rmacklem@FreeBSD.org>2023-03-12 21:34:25 +0000
commit0bb08f21cc5c62d0e2dfcea500521fa801058dd3 (patch)
tree817faed374775f1a16e8dc697d457ede9730e5eb /libexec/rc
parent35c872422c8cfb93d645c2f892c80422d902b1bf (diff)
downloadsrc-0bb08f21cc5c62d0e2dfcea500521fa801058dd3.tar.gz
src-0bb08f21cc5c62d0e2dfcea500521fa801058dd3.zip
rc.d: Fix NFS server startup scripts to enable vnet prison use
Now that commit cbbb22031f9b is in main, it is possible to run nfsd(8), nfsuserd(8), mountd(8), gssd(8) and rpc.tlsservd(8) in an appropriately configured vnet prison if the "allow.nfsd" option is specified in jail.conf. This patch fixes the rc scripts for this. Mostly just replaces the "nojail" KEYWORD with "nojailvnet", but also avoids setting vfs.nfsd.srvmaxio in a prison, since it must be set outside of the prisons and applies to all nfsd(8) instances. Reviewed by: jamie MFC after: 3 months Differential Revision: https://reviews.freebsd.org/D38809
Diffstat (limited to 'libexec/rc')
-rwxr-xr-xlibexec/rc/rc.d/gssd2
-rwxr-xr-xlibexec/rc/rc.d/mountd2
-rwxr-xr-xlibexec/rc/rc.d/nfsd4
-rwxr-xr-xlibexec/rc/rc.d/nfsuserd2
-rwxr-xr-xlibexec/rc/rc.d/tlsservd2
5 files changed, 6 insertions, 6 deletions
diff --git a/libexec/rc/rc.d/gssd b/libexec/rc/rc.d/gssd
index 79dbf10ca575..8d67a3689b3c 100755
--- a/libexec/rc/rc.d/gssd
+++ b/libexec/rc/rc.d/gssd
@@ -6,7 +6,7 @@
# PROVIDE: gssd
# REQUIRE: root mountcritlocal NETWORKING kdc
# BEFORE: mountcritremote
-# KEYWORD: nojail shutdown
+# KEYWORD: nojailvnet shutdown
. /etc/rc.subr
diff --git a/libexec/rc/rc.d/mountd b/libexec/rc/rc.d/mountd
index d75416736245..69391fe78e47 100755
--- a/libexec/rc/rc.d/mountd
+++ b/libexec/rc/rc.d/mountd
@@ -5,7 +5,7 @@
# PROVIDE: mountd
# REQUIRE: NETWORKING rpcbind quota mountlate
-# KEYWORD: nojail shutdown
+# KEYWORD: nojailvnet shutdown
. /etc/rc.subr
diff --git a/libexec/rc/rc.d/nfsd b/libexec/rc/rc.d/nfsd
index b746cf7cea9d..6c2d5c22d963 100755
--- a/libexec/rc/rc.d/nfsd
+++ b/libexec/rc/rc.d/nfsd
@@ -5,7 +5,7 @@
# PROVIDE: nfsd
# REQUIRE: mountcritremote mountd hostname gssd nfsuserd
-# KEYWORD: nojail shutdown
+# KEYWORD: nojailvnet shutdown
. /etc/rc.subr
@@ -28,7 +28,7 @@ nfsd_precmd()
# oids are available.
load_kld nfsd || return 1
- if [ -n "${nfs_server_maxio}" ]; then
+ if [ -n "${nfs_server_maxio}" ] && ! check_jail jailed; then
if ! sysctl vfs.nfsd.srvmaxio=${nfs_server_maxio} >/dev/null; then
warn "Failed to set server max I/O"
fi
diff --git a/libexec/rc/rc.d/nfsuserd b/libexec/rc/rc.d/nfsuserd
index 804b1243a4c4..6c9293a52c09 100755
--- a/libexec/rc/rc.d/nfsuserd
+++ b/libexec/rc/rc.d/nfsuserd
@@ -5,7 +5,7 @@
# PROVIDE: nfsuserd
# REQUIRE: NETWORKING
-# KEYWORD: nojail shutdown
+# KEYWORD: nojailvnet shutdown
. /etc/rc.subr
diff --git a/libexec/rc/rc.d/tlsservd b/libexec/rc/rc.d/tlsservd
index cca28ed60ffe..95a62060fe32 100755
--- a/libexec/rc/rc.d/tlsservd
+++ b/libexec/rc/rc.d/tlsservd
@@ -6,7 +6,7 @@
# PROVIDE: tlsservd
# REQUIRE: NETWORKING root mountcritlocal sysctl
# BEFORE: nfsd
-# KEYWORD: nojail shutdown
+# KEYWORD: nojailvnet shutdown
. /etc/rc.subr
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-16 21:14:51 +0000