conf/116416: [patch] per-jail rc.conf(5) style configuration
file in /etc/jail/
Jeremie Le Hen
jeremie at le-hen.org
Sat Oct 13 14:58:31 PDT 2007
Hi Mike,
Thanks for taking care of this.
On Wed, Oct 10, 2007 at 10:40:00PM +0300, Mike Makonnen wrote:
> I like this patch, especially the second revision. I think people who
> run a very large number of jails will appreciate it. However, I'd like
> to see a few changes made:
>
> 1. Rename /etc/jail to /etc/jail.d
> 2. The jails_confdir knob should be sourced from /etc/defaults/rc.conf
> so the sysadmin can change it if necessary.
> 3. Instead of simply populating jail_list from the directory if it's
> empty I'd like to see it cascade through the following logic:
> If jail_enable=no
> do nothing (current behaviour)
> else if jail_enable=yes
> process jails defined in jail_list (current behaviour)
> else if jail_enable=auto
> if jail_list is NOT empty
> process ONLY the jails listed in it
> else
> automatically populate jail_list from /etc/jail.d/
>
> This will give maximum flexibility and choice to the sysadmin.
> Your patch is essentially the same, however I would like to see the
> behaviour controlled by the jail_enable knob than have the script
> determine for itselft what it's going to do. For example, your patch,
> as it currently stands, would break a setup where the sysadmin had
> enabled jails but intentionally left jail_list empty in order *not* to
> start any jails.
I've included all your requests in the attached patch. If this is not
the valid way to attach a file to a PR followup, please let me know.
I will be able to document this tomorrow. $jail_confdir should
certainly be documented in rc.conf(5), but I'm not sure where to explain
the content of /etc/jail.d/.
Regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
More information about the freebsd-rc
mailing list