path: root/etc/rc.d/jail
Commit message | Author | Age | Files | Lines
* Move rc startup scripts from etc/ to sbin/init/ | Brad Davis | 2018-07-28 | 1 | -601/+0
  This keeps most startup scripts as CONFS per discussion on src-committers from back during BSDCan.
  Approved by: will (mentor)
  Differential Revision: https://reviews.freebsd.org/D16466
  Notes: svn path=/head/; revision=336845
* rc.d/jail: avoid misinterpreting expr arguments | Ed Maste | 2018-02-28 | 1 | -3/+3
  (Due to some misconfiguration) I ended up with _mask set to "-v<something>", and /etc/rc.d/jail then failed with "expr: illegal option -- v". Use "expr --" so that variable content is never interpreted as an option.
  Reviewed by: jamie
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D14535
  Notes: svn path=/head/; revision=330122
* Many shops still prefer rc.conf(5) based jail configuration(s). In-part | Devin Teske | 2016-10-12 | 1 | -1/+2
  because they can use sysrc in conjunction with ssh and xargs to perform en-masse changes in a large distribution with lots of jails spread over many hosts on a LAN/WAN.
  Provide a mechanism for disabling the warning eschewed by /etc/rc.d/jail in said situation. If jail_confwarn="NO" is in rc.conf(5) (default "YES") skip the warning that per-jail configurations are obsolete and that the user should migrate to jail.conf(5).
  Reviewed by: jelischer
  MFC after: 3 days
  Sponsored by: FIS Global, Inc.
  Differential Revision: https://reviews.freebsd.org/D7465
  Notes: svn path=/head/; revision=307159
* Allow enforce_statfs (see jail(8)) to be set per jail | Devin Teske | 2016-08-10 | 1 | -0/+1
  Reviewed by: jelischer
  MFC after: 3 days
  Notes: svn path=/head/; revision=303943
* Start jails non-parallel if jail_parallel_start is NO. This was true | Jamie Gritton | 2016-07-14 | 1 | -3/+6
  for an explicitly specified jail list; now it's also true for all jails.
  PR: 209112
  MFC after: 3 days
  Notes: svn path=/head/; revision=302857
* Wait for jails to complete startup if jail_parallel_start is YES, | Jamie Gritton | 2016-07-14 | 1 | -15/+16
  instead of assuming they'll take less than one second.
  PR: 203172
  Submitted by: dmitry2004@yandex.ru
  Notes: svn path=/head/; revision=302855
* Don't remove the /var/run/jail_name.id file if a jail fails to start. | Jamie Gritton | 2016-04-23 | 1 | -2/+0
  This messes up ezjail (and possibly others), when attempting to start a jail that already exists.
  PR: 208806
  Reviewed by: tj
  MFC after: 5 days
  Notes: svn path=/head/; revision=298516
* - Add descriptions to most of the rc scripts. Those are mostly taken from their | Lars Engels | 2016-04-23 | 1 | -0/+1
    daemon's manpage and probably improved.
  - Consistently use "filesystem" not "file system".
  Approved by: bapt, brueffer
  Differential Revision: D452
  Notes: svn path=/head/; revision=298514
* Interpret vnet_interface/vnet.interface as array | Devin Teske | 2016-02-12 | 1 | -2/+17
  Notes: svn path=/head/; revision=295555
* Add new rc.conf parameter "jail_reverse_stop" | Mark Felder | 2016-02-10 | 1 | -2/+8
  When a user defines "jail_list" in rc.conf the jails are started in the order defined. Currently the jails are not stopped in reverse order which may break dependencies between jails/services and prevent a clean shutdown. The new parameter "jail_reverse_stop" will shutdown jails in "jail_list" in reverse order when set to "YES".
  Please note that this does not affect manual invocation of the jail rc script. If a user runs the command
    # service jail stop jail1 jail2 jail3
  the jails will be stopped in exactly the order specified regardless of jail_reverse_stop being defined in rc.conf.
  PR: 196152
  Approved by: jamie
  MFC after: 1 week
  Relnotes: yes
  Differential Revision: https://reviews.freebsd.org/D5233
  Notes: svn path=/head/; revision=295471
* Fix grammar in error statement | Devin Teske | 2016-02-04 | 1 | -1/+1
  s/consider to migrate to jail.conf/consider migrating to jail.conf/
  Notes: svn path=/head/; revision=295269
* Allow the (old rc-style) exec_afterstart jail parameters to start numbering | Jamie Gritton | 2016-01-25 | 1 | -3/+3
  at 0, like exec_prestart and the others do. Make param0 optional, i.e. still look for param1.
  PR: 142973
  MFC after: 3 days
  Notes: svn path=/head/; revision=294749
* Let old-style (shell-based) jail configuration handle jail names that | Jamie Gritton | 2015-12-26 | 1 | -62/+68
  contain characters not allowed in a shell variable (such as "-"). These will be replaced by an underscore in jail config variables, e.g. for jail "foo-bar" you would set "jail_foo_bar_hostname". This is separate from the current code that changes the jail names if they contain "." or "/". It also doesn't apply to jails defined in a jail.conf file.
  PR: 191181
  MFC after: 5 days
  Notes: svn path=/head/; revision=292759
* Allow osreldate and osrelease to be set per jail | Poul-Henning Kamp | 2015-10-20 | 1 | -0/+2
  Notes: svn path=/head/; revision=289627
* Use read to parse a line instead of set. | Hiroki Sato | 2015-09-10 | 1 | -5/+4
  MFC after: 3 days
  Notes: svn path=/head/; revision=287615
* Fix a conversion error in rc.d/jail | Peter Wemm | 2015-08-27 | 1 | -1/+1
  Notes: svn path=/head/; revision=287220
* Un-revert the r278323 again - whatever Jenkins/kyua is up it, it has | Jamie Gritton | 2015-02-10 | 1 | -2/+1
  nothing to do with this.
  Notes: svn path=/head/; revision=278480
* Revert the rc part of r278323 until I can figure out what Jenkins is doing. | Jamie Gritton | 2015-02-07 | 1 | -1/+2
  Notes: svn path=/head/; revision=278343
* Add mount.procfs jail parameter, so procfs can be mounted when a prison's | Jamie Gritton | 2015-02-06 | 1 | -3/+2
  root is in its fstab. Also fix a typo while I'm at it.
  PR: 197237 197066
  MFC after: 3 days
  Notes: svn path=/head/; revision=278323
* Temporarily remove the warning added r270781 - it prints the warning | Peter Wemm | 2014-09-08 | 1 | -2/+0
  regardless of whether the usage is correct or not and this generates a LOT of noise, even when you have specified a mask.
  Notes: svn path=/head/; revision=271248
* Fix a bug which prevented mount.fstab parameter from being converted | Hiroki Sato | 2014-09-04 | 1 | -4/+4
  when jail_JID_devfs_enable=NO.
  Spotted by: peter
  Notes: svn path=/head/; revision=271145
* Fix typo: s/_maske/_mask/ | Glen Barber | 2014-09-04 | 1 | -1/+1
  MFC after: 3 days
  Sponsored by: The FreeBSD Foundation
  Notes: svn path=/head/; revision=271078
* - Add a warning message when an IPv6 address is specified with no prefixlen. | Hiroki Sato | 2014-08-29 | 1 | -21/+17
  - Use a parameter argument in jls(8) instead of doing grep.
  Notes: svn path=/head/; revision=270781
* Rev 256256 had an undocumented side effect of breaking existing behavior | Peter Wemm | 2013-12-08 | 1 | -2/+2
  for ipv6 jails. Among the harmful side effects included putting a route to an entire /64 onto an interface even if you were in a smaller network - eg: /80. This broke the freebsd.org cluster hosted at ISC which has /80 networks.
  Notes: svn path=/head/; revision=259094
* - Fix jail_parallel_start="YES". | Hiroki Sato | 2013-10-21 | 1 | -26/+60
  - Fix ip[46].addr when interface parameter is not defined.
  Spotted by: rpaulo
  Notes: svn path=/head/; revision=256835
* - Fix a bug which prevented jails from starting when $jail_conf was used and | Hiroki Sato | 2013-10-18 | 1 | -15/+26
    no jail name was specified.
  - Display error messages when start/stop fails.
  Reported by: swills
  Notes: svn path=/head/; revision=256716
* - Fix "ifname|addr" syntax support in jail_{jname}_ip. | Hiroki Sato | 2013-10-15 | 1 | -17/+44
  - Create /var/run/jail_{jname}.id because ezjail-admin depends on it.
  Notes: svn path=/head/; revision=256498
* - Normalize jailname. "example.com" is converted to "example_com". | Hiroki Sato | 2013-10-14 | 1 | -20/+34
  - Fix a bug that some $jail_{jname}_foo variables did not work.
  - Fix a bug which prevented $jail_devfs_ruleset from working[1].
  - Move $jail_parameters to the last of the configuration lines[1].
  Reported by: Jase Thew[1]
  Approved by: re (glebius)
  Notes: svn path=/head/; revision=256440
* - Add mount.fdescfs parameter to jail(8). This is similar to | Hiroki Sato | 2013-10-12 | 1 | -3/+2
    mount.devfs but mounts fdescfs. The mount happens just after mount.devfs.
  - rc.d/jail now displays whole error message from jail(8) when a jail fails to start.
  Approved by: re (gjb)
  Notes: svn path=/head/; revision=256385
* - Update rc.d/jail to use a jail(8) configuration file instead of | Hiroki Sato | 2013-10-10 | 1 | -570/+299
    command line options. The "jail_<jname>_*" rc.conf(5) variables for per-jail configuration are automatically converted to /var/run/jail.<jname>.conf before the jail(8) utility is invoked. This is transparently backward compatible.
  - Fix a minor bug in jail(8) which prevented it from returning false when jail -r failed.
  Approved by: re (glebius)
  Notes: svn path=/head/; revision=256256
* Add a conditional sleep 1 in case we add any IPv6 addresses to interfaces. | Bjoern A. Zeeb | 2013-01-17 | 1 | -1/+8
  Do this per jail started, not per address. This will allow DAD to complete and services to properly start. Before we have seen problems with services trying to start before the IPv6 address was available to use and thus erroring and failing to start.
  MFC after: 3 days
  Notes: svn path=/head/; revision=245525
* Only pass ip[46].addr when _addrl contains a value | Eitan Adler | 2012-11-15 | 1 | -1/+2
  Submitted by: crees
  Reviewed by: Mike Jakubik <mike.jakubik@intertainservices.com>
  Approved by: cperciva
  MFC after: 2 weeks
  Notes: svn path=/head/; revision=243080
* Simplify things so that "#REQUIRE: FILESYSTEMS" means the file | David E. O'Brien | 2012-09-11 | 1 | -1/+1
  systems are fully "ready to go". 'FILESYSTEMS' states: "This is a dummy dependency, for services which require file systems to be mounted before starting." However, we have 'var' which is was run after 'FILESYSTEMS' and can mount /var if it already isn't mounted. Furthermore, several scripts cannot use /var until 'cleanvar' has done its thing. Thus "FILESYSTEMS" hasn't really meant all critical file systems are fully usable.
  Notes: svn path=/head/; revision=240336
* - Allow to pass extra parameters for each jails. | Jun Kuriyama | 2012-08-19 | 1 | -5/+19
  - To achieve above, convert jail(8) invocation to use new style command line "-c" flag.
  Reviewed at: freebsd-jail@
  Notes: svn path=/head/; revision=239382
* Move -n ${_jail} before ${_flags} so that any -n options in ${_flags} | Dag-Erling Smørgrav | 2012-07-18 | 1 | -1/+1
  will override ours instead of the other way around.
  Notes: svn path=/head/; revision=238605
* Name jails automatically. | Dag-Erling Smørgrav | 2012-07-04 | 1 | -1/+1
  MFC after: 1 week
  Notes: svn path=/head/; revision=238102
* When creating the jails /dev/log symlink, do it by full path to avoid | Brooks Davis | 2012-01-20 | 1 | -4/+1
  creating stray "log" symlinks if the mount fails. That apparently happens in some ezjail configs.
  PR: conf/143084
  Submitted by: Dirk Engling <erdgeist at erdgeist.org>
  Reviewed by: simon
  MFC after: 2 weeks
  Notes: svn path=/head/; revision=230403
* Prepare for the removal of set_rcvar() by changing the rcvar= | Doug Barton | 2012-01-14 | 1 | -1/+1
  assignments to the literal values it would have returned.
  The concept of set_rcvar() was nice in theory, but the forks it creates are a drag on the startup process, which is especially noticeable on slower systems, such as embedded ones.
  During the discussion on freebsd-rc@ a preference was expressed for using ${name}_enable instead of the literal values. However the code portability concept doesn't really apply since there are so many other places where the literal name has to be searched for and replaced. Also, using the literal value is also a tiny bit faster than dereferencing the variables, and every little bit helps.
  Notes: svn path=/head/; revision=230099
* Replace ${SYSCTL_W} with ${SYSCTL} in rc.d scripts, as they are identical. | Ed Maste | 2011-03-30 | 1 | -2/+2
  This is a further clean up after r202988. SYSCTL_W is still initialized in rc.subr as some ports may still use it.
  Notes: svn path=/head/; revision=220153
* Implement the idea of parallel-only-at-start-time in a cleaner, more | Doug Barton | 2010-03-07 | 1 | -15/+10
  rc.d'ish way.
  Not objected to by: netchild
  Notes: svn path=/head/; revision=204818
* Redirect stdin from /dev/null when starting a jail: | Alexander Leidinger | 2010-03-05 | 1 | -2/+18
  At least in RELENG_7 this fixes some start problems for some programs from the ports. It is also more correct, as a jail shall not expect input (interactivity) from the jail-host.
  Revert the current behavior of starting jails in the background and make it optional only for the start of jails (jail_parallell_start=YES in rc.conf):
  - The stop can not be done in the background, the system needs to wait until everything is stopped correctly before it can reboot or power down.
  - The start should not be done in parallel by default, this not only breaks POLA for people coming from RELENG_x, it may also break a dependency chain with other scripts in the jail-host, which need to do some stuff after the jails are up and running (e.g. hardlinking a mysql socket from one jail into another one).
  Discussed on: freebsd-jails@
  Notes: svn path=/head/; revision=204759
* Execute the start/stop process of a jail in the background. | Remko Lodder | 2009-11-02 | 1 | -1/+1
  This will prevent that the script hangs during startup, which could cause annoying effects after rebooting for example.
  PR: kern/139422
  Submitted by: Andrey Groshev <greenx at yartv dot ru>
  Approved by: imp (mentor, implicit)
  MFC after: 3 days
  Facilitated by: Snow B.V.
  Notes: svn path=/head/; revision=198785
* Small cleanups to the jail script: | Ed Schouten | 2009-06-10 | 1 | -4/+3
  - Remove redundant debugging of consolelog.
  - Use `while :', instead of `while [ true ]'. This is done in other places as well.
  Submitted by: Jille Timmermans <jille quis cx> (not jilles)
  Reviewed by: jilles
  Notes: svn path=/head/; revision=193939
* Added (pre|post)(start|stop) jail hooks. These can be used to run | Ruslan Ermilov | 2009-04-28 | 1 | -2/+108
  arbitrary commands (outside the jail) associated with said events, e.g. to bring up/down CARP interfaces representing services run in jails.
  Reviewed by: simon
  Notes: svn path=/head/; revision=191620
* Update jail startup script for multi-IPv4/v6/no-IP jails. | Bjoern A. Zeeb | 2009-01-26 | 1 | -16/+208
  Note: this is only really necessary because of the ifconfig logic to add/remove the jail IPs upon start/stop. Consensus among simon and I is that the logic should really be factored out from the startup script and put into a proper management solution.
  - We now support starting of no-IP jails.
  - Remove the global jail_<jname>_netmask option as it is only helpful to set netmasks/prefixes for the right address family and per address.
  - Implement jail_<jname>_ip options to support both address families with regard to ifconfig logic.
  - Implement _multi<n> support suffix to the jail_<jname>_ip option to configure additional addresses to avoid overlong, unreadable jail_<jname>_ip lines with lots of addresses.
  Submitted by: initial work from Ruben van Staveren
  Discussed on: freebsd-jail in Nov 2008.
  Reviewed by: simon, ru (partial, older version)
  MFC after: 1 week
  Notes: svn path=/head/; revision=187708
* Allow a jail's IP alias to be created with an arbitrary netmask. | Ruslan Ermilov | 2008-09-24 | 1 | -1/+3
  MFC after: 3 days
  Notes: svn path=/head/; revision=183325
* Allow a jail to be started with a specific route fib. | Andrew Thompson | 2008-09-16 | 1 | -1/+8
  Reviewed by: secteam (simon)
  Reviewed by: brooks, bz
  Notes: svn path=/head/; revision=183100
* As previously discussed, add the svn:executable property to all scripts | Doug Barton | 2008-07-16 | 1 | -0/+0
  Notes: svn path=/head/; revision=180563
* Add warning about this script dealing with untrusted data. | Simon L. B. Nielsen | 2008-01-13 | 1 | -0/+6
  MFC after: 1 week
  Notes: svn path=/head/; revision=175293
* Fix indentation. | Ralf S. Engelschall | 2007-05-24 | 1 | -1/+1
  Notes: svn path=/head/; revision=169925