On Tue, 5 Aug 2014, mailinglists wrote:

On 5/08/14 11:13 am, Warren Block wrote:
On Tue, 29 Jul 2014, Allan Jude wrote:

On 2014-07-29 17:44, Warren Block wrote:

What process for running mergemaster should I suggest?  Maybe different
ones for trusted and untrusted jails?

This will mount /usr/src into the basejail read-only:

mount -t nullfs -o ro /usr/src /usr/jails/basejail/usr/src

Thank you.  I took the easy way out, by showing how to mount the
source in the jails and just mentioning mergemaster.

Draft version:
http://www.wonkity.com/~wblock/jails/jails-ezjail.html

Would it be an idea to list the files that can be excluded from
mergemaster updates? A lot of the rc scripts are a no-op inside a jail;
if one has to update a large number of ports, this can make a real
difference.

I guess ideally mergemaster itself could be extended to include a flag
to indicate it's run inside (or targeted at) a jail and remove/ignore rc
scripts that will never be used, but that's probably outside the scope of
this discussion.

A more predictable and possibly safer way is to manually add a standard list of ignorable jail files to IGNORE_FILES in /etc/mergemaster.rc.

However, now I find that just null-mounting the source on the basejail is not enough. /usr/src is still empty inside the jails. There is a configuration option or something for this, I think; I just can't recall it.
_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail