On Sat, Dec 11, 2004, Michal Belczyk wrote: > On Sat, Dec 11, 2004 at 12:44:12AM -0800, Julian Elischer wrote: > > Ralf S. Engelschall wrote: > > >On Fri, Dec 10, 2004, Nielsen wrote: > > >>Ralf S. Engelschall wrote: > > >> > > >>>Currently a "/etc/rc.d/jail stop" just kills all processes in the > > >>>individual jails. If /etc/default/rc.conf's default way of booting the > > >>>jails (jail_exec="/bin/sh /etc/rc") is used this is a rather crual > > >>>approach IMHO. I think if the jail is booted through /etc/rc it also > > >>>should be given the chance to shutdown via /etc/rc.shutdown. If then > > >>>there are still processes remaining, the killall(1) is fine, of course. > > >>>This way packages and other sub-systems have the chance to perform a > > >>>graceful shutdown. > > >> > > >>Definitely a good plan. You just have to watch out for environment > > >>variable leakage into the jail subsystem when using jexec. A minor > > >>concern, perhaps. > > >>[...] > > > > > > > > >Ok, good point. I think running "env -i /usr/sbin/jexec" instead of > > >just "jexec" is sufficient here because the rc.shutdown reinitializes > > >at least PATH and HOME again and the remaining variables should be not > > >needed for the procedure. > > > > I think we should introduce an "init" process for jails.. > > > > It would be responsible for all that the normal init is responsible for > > except for being the default parent.. (some might argue for that too). > > Sending it a particular signal would notify it to > > send shutdown signals to all its compatriots in the jail etc. > > That's what Nielsen's jailer or my kjailer(*) do. Just set jail_blah_exec > to point it. > > (*) http://www.bsd.krakow.pl/kjailer.tbz
Ok, I think we have two issues here: 1. The rc mechanism should be improved to better support the automatic starting and stopping of jails. This is what I currently try to address here as the first step. 2. The jail controlling through an init-style process is a reasonable addon functionality. This is what jailer and kjailer try to address and which is the foundation of a program which IMHO in the long term should be added to the base system, too. Point (2) depends on (1), I think. Hence I suggest the following improved change which already plays nicely according to my tests with both plain rc/rc.shutdown-based jails and kjailer-based jails: http://people.freebsd.org/~rse/work/jail-startstop.txt Further feedback on this change is desired... -- [EMAIL PROTECTED] Ralf S. Engelschall FreeBSD.org/~rse [EMAIL PROTECTED] FreeBSD committer www.engelschall.com _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
