CFT: rc.d/jail rewrite (was: jail configuration)

[Hiroki Sato]

[Please reply to freebsd-current@]

Hi,

 Can anyone who are using jail_* variables in rc.conf test the
 attached patch?

 On freebsd-arch@ there is a discussion about deprecating
 jail_<jname>_* variables in favor of jail.conf.  This rewrite is one
 to support the both in a backward compatible way.  I want to make
 sure if this does not break the existing configurations.

 The following is the entry in UPDATING:

+20131007:
+       The rc.d/jail script has been updated to support jail(8)
+       configuration file.  The "jail_<jname>_*" rc.conf(5) variables
+       for per-jail configuration are automatically converted to
+       /var/run/jail.<jname>.conf before the jail(8) utility is invoked.
+       This is transparently backward compatible.  See the below about some
+       incompatibilities.
+
+       These variables are now deprecated in favor of jail(8) configuration
+       file.  One can use "rc.d/jail config <jname>" command to generate
+       a jail(8) configuration file in /var/run/jail.<jname>.conf without
+       running the jail(8) utility.   The default pathname of the
+       configuration file is /etc/jail.conf and can be specified by
+       using $jail_conf or $jail_<jname>_conf variables.
+
+       Please note that jail_fdesc_enable and jail_procfs_enable are
+       not supported, and jail_devfs_ruleset accepts an integer at
+       this moment.  Please consider to use exec.fstab for the
+       additional mount and rewrite the ruleset name with an integer.

Dag-Erling Smørgrav <des at des.no> wrote
  in <8638oerh39.fsf at nine.des.no>:

de> I didn't look at the patch very closely, but I see that you print a
de> warning when you generate a configuration for an old-style jail while
de> jail.conf exists.  I think you should *always* print that warning for
de> every old-style jail so people will be reminded to convert.  We should
de> also remove the examples from /etc/defaults/rc.conf and replace the
de> documentation for jail_${_j}_* in rc.conf(5) with a short paragraph that
de> says they are for compatibility only.

 Thank you for your feedback.  The warning message is always displayed
 in "rc.d/jail start", and rc.conf(5) and defaults/rc.conf are updated
 in this patch.

-- Hiroki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: jail_20131007-1.diff
Type: text/x-patch
Size: 43617 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20131007/375fb0bb/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20131007/375fb0bb/attachment.sig>