diff options
| author | netchild <netchild@FreeBSD.org> | 2010-03-05 14:34:33 +0000 |
|---|---|---|
| committer | netchild <netchild@FreeBSD.org> | 2010-03-05 14:34:33 +0000 |
| commit | 94e741a5e69d24673cb9820a57dd0397eb65f6ce (patch) | |
| tree | 1fbb1fb2d59be8c17ff224e1899f7ee0b2e9d3f4 /etc | |
| parent | 859f5adfa03381fbfedb208ce5f1925debf4ca2a (diff) | |
| download | FreeBSD-src-94e741a5e69d24673cb9820a57dd0397eb65f6ce.zip FreeBSD-src-94e741a5e69d24673cb9820a57dd0397eb65f6ce.tar.gz | |
Redirect stdin from /dev/null when starting a jail:
At least in RELENG_7 this fixes some start problems for some programs
from the ports. It is also more correct, as a jail shall not expect
input (interactivity) from the jail-host.
Revert the current behavior of starting jails in the background and
make it optional only for the start of jails (jail_parallell_start=YES
in rc.conf):
- The stop can not be done in the background, the system needs to wait
until everything is stopped correctly before it can reboot or power
down.
- The start should not be done in parallel by default, this not only
breaks POLA for people comming from RELENG_x, it may also break a
dependency chain with other scripts in the jail-host, which need to
do some stuff after the jails are up and running (e.g. hardlinking
a mysql socket from one jail into another one).
Discussed on: freebsd-jails@
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/defaults/rc.conf | 1 | ||||
| -rwxr-xr-x | etc/rc.d/jail | 20 |
2 files changed, 19 insertions, 2 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index 35b3a7b..dfdf08f 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -637,6 +637,7 @@ mixer_enable="YES" # Run the sound mixer. ### Jail Configuration ####################################### ############################################################## jail_enable="NO" # Set to NO to disable starting of any jails +jail_parallel_start="NO" # Start jails in the background jail_list="" # Space separated list of names of jails jail_set_hostname_allow="YES" # Allow root user in a jail to change its hostname jail_socket_unixiproute_only="YES" # Route only TCP/IP within a jail diff --git a/etc/rc.d/jail b/etc/rc.d/jail index 084acb7..76342cf 100755 --- a/etc/rc.d/jail +++ b/etc/rc.d/jail @@ -636,7 +636,8 @@ jail_start() done eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \ - \"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1 + \"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1 \ + </dev/null if [ "$?" -eq 0 ] ; then _jail_id=$(head -1 ${_tmp_jail}) @@ -728,4 +729,19 @@ fi if [ -n "$*" ]; then jail_list="$*" fi -run_rc_command "${cmd}" & + +# Only allow the parallel start of jails, other commands are not +# safe to execute in parallel. +case "${cmd}" in +*start) + ;; +*) + jail_parallel_start=NO +esac + +if checkyesno jail_parallel_start; then + run_rc_command "${cmd}" & +else + run_rc_command "${cmd}" +fi + |
