On 05/24/12 16:59, Mateusz Guzik wrote:
On Thu, May 24, 2012 at 04:46:52PM -0600, Jamie Gritton wrote:
I'll get the patch to jail(8) in - thanks for catching that. But I
wonder about the patch to /etc/rc.d/jail. It looks correct, but I'm
going to see if it's /etc/rc.d/jail that needs changing, or if my recent
changes to jail(8) have changed the order in which things are written.
Yeah, was not sure whether I should change the order or the script. :)
Would not it be better to just create empty persistent jail as first step?
Since in this case only one line will be generated (jid), rc.d script
will be able to just take the output - this seems much less fragile
than the current method. Then of course it would proceed with jexec
running /etc/rc and in the end drop persist flag.
It looks like rc.d script still uses old syntax so this actually may be
less trivial than it sounds. That being said, if this is idea sounds
okay, I can try to come up with a patch this weekend.
There definitely is a difference between old and new jail behavior, not
just in the order of things:
glorfindel# jail -i -c name=foo command="foo"
5
jail: execvp: foo: No such file or directory
vs
glorfindel# /usr/obj`pwd`/jail -i -c name=foo command="foo"
jail: exec foo: No such file or directory
jail: foo: failed
-1
The jail id given back used to correspond to a jail that was created but
no longer exists by the time it's printed (or shortly thereafter). Now
it's a -1 indicating that no jail exists. I think the -1 is more
correct, but perhaps better for CURRENT but not STABLE? And the extra
"foo: failed" is printed by jail, as a generic message when a command
doesn't work out (for the case where the command itself doesn't print
a message).
Hmm ... I'll be pondering this one while I get a bite to eat :-).
- Jamie
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
