Date: Fri, 22 Sep 2006 16:00:09 +0200 (CEST)
From: Jeremie Le Hen <jeremie@le-hen.org>
Reply-To: Jeremie Le Hen <jeremie@le-hen.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: Jeremie Le Hen <jeremie@le-hen.org>, matteo@FreeBSD.org, flz@FreeBSD.org
Subject: [patch] rc.d/jail: mount fstab after devfs
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         103486
>Category:       conf
>Synopsis:       [rc.d] [jail] [patch] rc.d/jail: mount fstab after devfs
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bz
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Sep 22 14:00:36 GMT 2006
>Closed-Date:    Sat Jan 10 20:43:54 UTC 2009
>Last-Modified:  Sat Jan 10 20:43:54 UTC 2009
>Originator:     Jeremie Le Hen
>Release:        FreeBSD 6.1-STABLE i386
>Organization:
>Environment:
System: FreeBSD obiwan 6.1-STABLE FreeBSD 6.1-STABLE #8: Sun Jun 25 18:27:14 CEST 2006 root@obiwan:/usr/obj/usr/src/sys/OBIWAN i386
>Description:
The host administrator might sometimes want to use the $jail_<jname>_fstab
to mount devfs in more than one directory inside the jail.
>How-To-Repeat:
Try to run a chrooted named(8) in a jail; it is currently impossible.
Indeed, when $named_chroot_autoupdate is set to YES (the default),
rc.d/named tries to mount devfs in $named_chrootdir/dev, which is
obviously impossible from inside a jail.

Thus it would be worthwhile to be able to use $jail_<jname>_fstab to
mount $jail_<jname>_rootdir/dev onto $jail_<jname>_rootdir/$named_chrootdir/dev.
This is a little bit hackish, but at least makes it possible to run
a chrooted named(8) in a jail.
>Fix:
Index: jail
===================================================================
RCS file: /home/ncvs/src/etc/rc.d/jail,v
retrieving revision 1.34
diff -u -p -u -p -r1.34 jail
--- jail	30 May 2006 16:20:48 -0000	1.34
+++ jail	22 Sep 2006 13:16:47 -0000
@@ -154,6 +154,10 @@ set_sysctl()
 #
 jail_umount_fs()
 {
+	if checkyesno _mount; then
+		[ -f "${_fstab}" ] || warn "${_fstab} does not exist"
+		umount -a -F "${_fstab}" >/dev/null 2>&1
+	fi
 	if checkyesno _fdescfs; then
 		if [ -d "${_fdescdir}" ] ; then
 			umount -f ${_fdescdir} >/dev/null 2>&1
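Review bot: in the block added at the top of jail_umount_fs(), a missing fstab only triggers warn, and `umount -a -F "${_fstab}"` is then still run against the non-existent file with stdout and stderr sent to /dev/null, so a failed unmount leaves no trace before the devfs, fdescfs and procfs unmounts go ahead. Suggest running the umount only when the `[ -f "${_fstab}" ]` test succeeds and reporting a non-zero exit status, and adding a one-line comment that fstab entries are unmounted first because they are now mounted last in jail_start().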
@@ -169,10 +173,6 @@ jail_umount_fs()
 			umount -f ${_procdir} >/dev/null 2>&1
 		fi
 	fi
-	if checkyesno _mount; then
-		[ -f "${_fstab}" ] || warn "${_fstab} does not exist"
-		umount -a -F "${_fstab}" >/dev/null 2>&1
-	fi
 }
 
 jail_start()
@@ -199,13 +199,6 @@ jail_start()
 		if [ -n "${_interface}" ]; then
 			ifconfig ${_interface} alias ${_ip} netmask 255.255.255.255
 		fi
-		if checkyesno _mount; then
-			info "Mounting fstab for jail ${_jail} (${_fstab})"
-			if [ ! -f "${_fstab}" ]; then
-				err 3 "$name: ${_fstab} does not exist"
-			fi
-			mount -a -F "${_fstab}"
-		fi
 		if checkyesno _devfs; then
 			# If devfs is already mounted here, skip it.
 			df -t devfs "${_devdir}" >/dev/null
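Review bot: with the fstab block removed from this position, the devfs step that follows (`df -t devfs "${_devdir}"`) runs before any fstab entry has been mounted, so a jail whose root or /dev directory is itself supplied by the fstab has no ${_devdir} at this point. Suggest either keeping a pass over the fstab before devfs for such entries, or testing that ${_devdir} exists here and stopping with a clear error.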
@@ -239,6 +232,13 @@ jail_start()
 				mount -t procfs proc "${_procdir}"
 			fi
 		fi
+		if checkyesno _mount; then
+			info "Mounting fstab for jail ${_jail} (${_fstab})"
+			if [ ! -f "${_fstab}" ]; then
+				err 3 "$name: ${_fstab} does not exist"
+			fi
+			mount -a -F "${_fstab}"
+		fi
 		_tmp_jail=${_tmp_dir}/jail.$$
 		eval jail ${_flags} -i ${_rootdir} ${_hostname} \
 			${_ip} ${_exec_start} > ${_tmp_jail} 2>&1
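Review bot: the exit status of `mount -a -F "${_fstab}"` in the re-added block is not checked, and the next step is `eval jail ...`, so a failed fstab mount still starts the jail, only without the mounts it expects. Suggest failing with err 3, as the missing-file case just above does, when the mount returns non-zero, and adding a comment that the fstab is deliberately processed after devfs, fdescfs and procfs so that its entries may refer to paths under them.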
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-rc 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Sep 22 18:08:52 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=103486 
State-Changed-From-To: open->feedback 
State-Changed-By: bz 
State-Changed-When: Fri Jan 9 22:24:55 UTC 2009 
State-Changed-Why:  
Submitter was asked if this is still relevant as we have 
jail_<name>_fstab these days. 


Responsible-Changed-From-To: freebsd-rc->bz 
Responsible-Changed-By: bz 
Responsible-Changed-When: Fri Jan 9 22:24:55 UTC 2009 
Responsible-Changed-Why:  
Track this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=103486 

From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: bug-followup@FreeBSD.org, jeremie@le-hen.org
Cc:  
Subject: Re: conf/103486: [rc.d] [jail] [patch] rc.d/jail: mount fstab after
 devfs
Date: Fri, 9 Jan 2009 22:26:58 +0000 (UTC)

 Hi,
 
 is this PR still relevant or can it be closed as there is a
 jail_<jname>_fstab="" option these days?
 
 
 /bz
 
 -- 
 Bjoern A. Zeeb                      The greatest risk is not taking one.

From: Jeremie Le Hen <jeremie@le-hen.org>
To: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Cc: bug-followup@FreeBSD.org, jeremie@le-hen.org
Subject: Re: conf/103486: [rc.d] [jail] [patch] rc.d/jail: mount fstab
	after devfs
Date: Sat, 10 Jan 2009 18:29:01 +0100

 Hi Bjoern,
 
 On Fri, Jan 09, 2009 at 10:26:58PM +0000, Bjoern A. Zeeb wrote:
 > is this PR still relevant or can it be closed as there is a
 > jail_<jname>_fstab="" option these days?
 
 The patch included in the PR does move jail_<jname>_fstab handling :).
 
 However, now that I'm re-thinking about it, this patch shouldn't be
 committed because $jail_<jname>_rootdir/dev may only exist after
 $jail_<jname>_fstab has been handled.  This is the case with the service
 jails chapter in the handbook.
 
 Please close it.
 
 Thank you for your work :).
 Best regards,
 -- 
 Jeremie Le Hen
 < jeremie at le-hen dot org >< ttz at chchile dot org >
State-Changed-From-To: feedback->closed 
State-Changed-By: bz 
State-Changed-When: Sat Jan 10 20:42:46 UTC 2009 
State-Changed-Why:  
Submitter replies this can be closed and after reading another 
time I cannot see how the reordering on how the mounts are done 
could change much anyway. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=103486 
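
The ordering question this PR ends on, as an added example (not part of the PR or of rc.d/jail): a sh check that reports, for a given fstab and devfs directory, whether `mount -a -F` has to run before or after the devfs mount. The function names, the sample paths under /jails and the use of nullfs for the entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. All paths are constructed sample values; nullfs is assumed.

# is_under PATH DIR: true when PATH equals DIR or lies beneath it.
is_under()
{
	case "${1%/}/" in
	"${2%/}/"*) return 0 ;;
	esac
	return 1
}

# classify_fstab FSTAB DEVDIR: print "<order> <mountpoint>" for each entry.
#   before-devfs  entry mounts DEVDIR or a parent of it, so it must come first
#   after-devfs   entry's source is at or under DEVDIR, so devfs must be up
#   any           entry does not interact with DEVDIR
classify_fstab()
{
	while read -r _dev _mnt _rest; do
		case "${_dev}" in ''|'#'*) continue ;; esac
		if is_under "$2" "${_mnt}"; then
			echo "before-devfs ${_mnt}"
		elif is_under "${_dev}" "$2"; then
			echo "after-devfs ${_mnt}"
		else
			echo "any ${_mnt}"
		fi
	done < "$1"
}

# needed_order FSTAB DEVDIR: before-devfs, after-devfs, any or conflict.
needed_order()
{
	case "$(classify_fstab "$1" "$2" | cut -d' ' -f1 | sort -u)" in
	*after-devfs*before-devfs*) echo conflict ;;
	*after-devfs*) echo after-devfs ;;
	*before-devfs*) echo before-devfs ;;
	*) echo any ;;
	esac
}

tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
# (a) the PR's use case: jail /dev re-exported into the named chroot.
echo '/jails/ns/dev /jails/ns/var/named/dev nullfs ro 0 0' > "$tmp/a"
# (b) the follow-up's objection: the jail root itself comes from the fstab.
echo '/jails/base /jails/ns nullfs ro 0 0' > "$tmp/b"
cat "$tmp/a" "$tmp/b" > "$tmp/c"	# (c) both: no single position works
for f in a b c; do
	echo "$f: $(needed_order "$tmp/$f" /jails/ns/dev)"
done
```

For (c) the result is conflict: such an fstab would have to be split into one pass before the devfs mount and one after it.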
>Unformatted:
