Hello all, I'm curious if there's been any work done to make /etc/rc.d/jail use the new-style jail command (jail -c path=... name=..., etc)...or if there's been any work done to create a replacement? There are three features I would love to see in the stock version that I've had to implement myself:
- The ability to reference jails by name. Passing the name=<jail_name> argument means that jails can be referenced by name when using, e.g., the jexec command, which is very convenient since jail ids aren't (normally) persistent. - The ability to create jails without starting them. The "persist" argument to the jail command is useful when attaching ZFS datasets to a jail. A ZFS dataset can't be attached until a JID has been allocated, but if with the existing implementation the jail will probably have booted by the time you complete the ZFS assignment, which impacts services that may need access to the jail. There are workarounds (such as a busy-wait loop that checks for the filesystem), but creating the jail with no processes, attaching the datasets, and then starting the jail is much cleaner. - Somewhat more flexibility in setting up jail permissions (via the enforce_statfs and allow.* arguments). Before I spend too much time making my own local changes, I was wondering if there was anything I should be looking at. I've been using ezjail recently, but since it relies on the stock /etc/rc.d/jail to actually boot and configure jails it suffers from the same limitations. Thanks, -- Lars _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
