From nobody Mon Jun 03 12:38:39 2024 X-Original-To: apache@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VtCvM6WzPz5MRvt for ; Mon, 03 Jun 2024 12:38:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VtCvM3lLFz4bp8 for ; Mon, 3 Jun 2024 12:38:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1717418319; a=rsa-sha256; cv=none; b=C6xk6qUtcN4rvpMq+7l5n9yvnUURT/uabLE/SBxhoiWo7A6gfe/FcLh2vdWJ2H9ssJklDe drKQYVHKI5SBAPxjWITVKYRK/Tp4aAOv60Rs/q/Bu1dm5rC4v36Vp3u/s0fmSL/OUC3PZm uiHgzt1Jywt+CDIdTNTaNIuM7lh3J/f+g6ulFYtIJgQR+8KUbffT7ye/SvkeC8Bfo+HOQL +ECySeNRYUQxR7A0tSQydhMvLvO04A2DdbSRUSKc2ncovsLQpPl9EKQsSH6cJM89CjPCTn 3IENtJwYUTKsswKinuN5J+53meWiSqn0aYRrq+FURRvrQAMEWFqOYyGLU6LO2g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1717418319; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ij9bqueQPDOyqYBpsEZHR/SrUucCkTGSxdM3lK1Eljo=; b=AhySCzYEv03wZeuzEF7jUW+jyhu1zDoqE8/h53o1G9SWjWFNY9SaePaqcUUqjWfqouktzK FmJPMyMqt/otUNc/DYp317HkS0Dwv/qmW1tasoHw9awYF5IKJlBQoLsLkD+Jc/gVT/aF6j I+pYMvCsJLlJCpAb5AOEDxrxi6V2nml7104Nsydobb6CbJmXmc4cU8zPvCipyMJKb3ZFe6 9KbTziQEIXHIjok6c8G1Ob0pdD+NnzTiQnDxc65YRzceIFoqWT7IUQb+LoxE7gjekYE1gT fd59vLxiAo7+h1KUydkjBe2tfDq9IfLmhSAomFZKDvS5Au0frVaT/yhrRKkaaQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VtCvM3M8rzbRX for ; Mon, 3 Jun 2024 12:38:39 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 453CcdZR000411 for ; Mon, 3 Jun 2024 12:38:39 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 453CcdG1000409 for apache@FreeBSD.org; Mon, 3 Jun 2024 12:38:39 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" From: bugzilla-noreply@freebsd.org To: apache@FreeBSD.org Subject: maintainer-feedback requested: [Bug 279494] www/apache24: make the start script service jails ready Date: Mon, 03 Jun 2024 12:38:39 +0000 X-Bugzilla-Type: request X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: apache@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? Message-ID: In-Reply-To: References: X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Support of apache-related ports List-Archive: https://lists.freebsd.org/archives/freebsd-apache List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-apache@FreeBSD.org MIME-Version: 1.0 Bugzilla Automation has asked freebsd-apache (Nobody) for maintainer-feedback: Bug 279494: www/apache24: make the start script service jails ready https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D279494 --- Description --- Attached is a patch which makes the rc.d script service jails ready. This i= s a new feature in -current. The setup I've chosen is to allow ipv4/ipv6 access. It does not allow to use sysv IPC in a jail. IF you want to add this possibility, the config would n= eed to be changed to "net_basic sysvipc" instead. The config can be overridden = in rc.conf. See also: https://docs.freebsd.org/en/books/handbook/jails/#service-jails https://docs.freebsd.org/en/articles/rc-scripting/#rcng-service-jails Some notes: - This is not tested. - Why are you using the special apache24_limits_* stuff? We have the name_limits stuff as part of the rc framework. - The limits part in the precmd will probably not work in a service jail, = as the start command will be executed in a jail and the precmd outside the jai= l. - While the patch is taking the profiles into account, it may fail when the jail is started, as the name of the service jail is derived from the name of the rc script (assuming "profiles" means different instances of apache are started for each profile). The tomcat/oauth2-proxy/openhab ports use a way = to have different instances of the software running in parallel which is based upon the name of the rc script (links to the original rc script). That way works well with service jails.