>Number:         189354
>Category:       conf
>Synopsis:       major logic error in /etc/rc.d/jail script for release 10.0
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 04 12:30:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Joe Barbish
>Release:        10.0-RELEASE i386
>Organization:
none
>Environment:
>Description:
In FreeBSD 10.0 the /etc/rc.d/jail script has been changed to convert jails 
defined in /etc/rc.conf to the jail(8) format and then start a jail using those 
jail(8) definitions. The /etc/rc.d/jail script logic is incomplete and 
inaccurate in what and how the on-the-fly conversion is done. The show-stopper 
problem is the fstab statement in the /etc/rc.conf file is not being converted 
to the jail.conf format. Inspection of the /etc/rc.d/jail script shows there 
is no logic to convert the fstab statement at all. Only the 3 most basic jail 
definition statements are converted and a bunch of other unnecessary 
statements are inserted into the jail(8) format file which is written in 
/var/run/jailname instead of /etc/jail.conf like the man page states is the 
correct location. In addition the /var/run/jailname jail(8) format file 
contains these unnecessary statements.
    exec.clean; 
    exec.system_user = "root"; 
    exec.jail_user = "root";
    allow.set_hostname = 0; 
    allow.sysvipc = 0;

In effect this show-stopper forces the 10.0 user to immediately manually 
convert to jail.conf method or restore the 10.0 system back to a previous 
release of his system thus negating the intended purpose and results of the 
auto conversion. I am sure this is NOT the original intended purpose.

>How-To-Repeat:

>Fix:
Logic has to be added to the /etc/rc.d/jail script to convert all possible 
rc.conf jail statements as shown in /etc/default/rc.conf to the jail(8) format 
and remove the unnecessary statements it now inserts. An alternative would be 
to restore the 9.2 /etc/rc.d/jail script to 10.0 thus allowing both rc.conf and 
jail.conf jails to function.

>Release-Note:
>Audit-Trail:
>Unformatted:
 >cat /etc/rc.conf
 
 jail_enable="YES"        # legacy rc.d method
 
 jail_list="legacy_rc_dir0"
 jail_legacy_rc_dir0_hostname="legacy_rc_dir0"
 jail_legacy_rc_dir0_rootdir="/usr/jail/legacy_rc_dir0"
 jail_legacy_rc_dir0_fstab="/usr/local/etc/jail.rcconf.fstab/legacy_rc_dir0"
 jail_legacy_rc_dir0_ip="10.10.0.50"
 jail_legacy_rc_dir0_interface="xl0"
 jail_legacy_rc_dir0_flags="-n legacy_rc_dir0 -l -U root"
 jail_legacy_rc_dir0_mount_enable="YES"
 jail_legacy_rc_dir0_devfs_enable="YES"
 jail_legacy_rc_dir0_exec_start="/bin/sh /etc/rc"
 jail_legacy_rc_dir0_exec_stop="/bin/sh /etc/rc.shutdown"
 
 
 /var/run >ls
 jail.legacy_rc_dir0.conf   
 
 
 /var/run >cat jail.legacy_rc_dir0.conf
 # Generated by rc.d/jail at 2014-05-03 16:59:32
 
 legacy_rc_dir0 {
     host.hostname = "legacy_rc_dir0";
     path = "/usr/jail/legacy_rc_dir0";
     interface = "xl0";
     ip4.addr += "xl0|10.10.0.50/32";
     exec.clean;
     exec.system_user = "root";
     exec.jail_user = "root";
     exec.start += "/bin/sh /etc/rc";
     exec.stop = "/bin/sh /etc/rc.shutdown";
     exec.consolelog = "/var/log/jail_legacy_rc_dir0_console.log";
     mount.devfs;
     allow.mount;
     allow.set_hostname = 0;
     allow.sysvipc = 0;
 } 
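
One way to check a generated /var/run/jail.*.conf file for rc.conf settings that were dropped during conversion, such as the fstab setting reported above. This is an added example, not part of the original report or of the FreeBSD rc.d/jail script; the function names and the rc.conf-suffix to jail(8)-parameter table are assumptions of the example.

```shell
# Added example, not rc.d/jail code. The suffix -> jail(8) parameter table is an
# assumption of this example and covers only settings that appear in the report.
param_for() {
    case "$1" in
        hostname)     echo host.hostname ;;
        rootdir)      echo path ;;
        ip)           echo ip4.addr ;;
        interface)    echo interface ;;
        fstab)        echo mount.fstab ;;
        devfs_enable) echo mount.devfs ;;
        exec_start)   echo exec.start ;;
        exec_stop)    echo exec.stop ;;
        *)            echo - ;;  # not in this table
    esac
}
# missing_jail_params JAIL RCCONF GENERATED: print "suffix parameter" for each
# jail_JAIL_* setting whose jail(8) parameter is absent from GENERATED.
missing_jail_params() {
    jail=$1 rcconf=$2 generated=$3
    sed -n "s/^[[:space:]]*jail_${jail}_\([a-z0-9_]*\)=.*/\1/p" "$rcconf" |
    while read -r suffix; do
        param=$(param_for "$suffix")
        re=$(printf '%s' "$param" | sed 's/\./\\./g')   # escape dots for grep
        # a parameter line looks like "name = ...", "name += ..." or "name;"
        if [ "$param" = "-" ] ||
           ! grep -Eq "^[[:space:]]*${re}[[:space:]]*(\+?=|;)" "$generated"; then
            echo "$suffix $param"
        fi
    done
}
# Demo on an excerpt of the two files quoted in the report.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/rc.conf" <<'EOF'
jail_legacy_rc_dir0_rootdir="/usr/jail/legacy_rc_dir0"
jail_legacy_rc_dir0_fstab="/usr/local/etc/jail.rcconf.fstab/legacy_rc_dir0"
jail_legacy_rc_dir0_flags="-n legacy_rc_dir0 -l -U root"
jail_legacy_rc_dir0_devfs_enable="YES"
EOF
    cat > "$d/jail.conf" <<'EOF'
legacy_rc_dir0 {
    path = "/usr/jail/legacy_rc_dir0";
    mount.devfs;
}
EOF
    missing_jail_params legacy_rc_dir0 "$d/rc.conf" "$d/jail.conf"
    rm -rf "$d"
}
demo
```

A line ending in "-" marks an rc.conf setting the table has no mapping for, so it needs a manual look rather than being treated as converted.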
 