From nobody@FreeBSD.org  Tue Apr 29 23:19:30 2014
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTPS id BAEE7C4
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 29 Apr 2014 23:19:30 +0000 (UTC)
Received: from cgiserv.freebsd.org (cgiserv.freebsd.org [IPv6:2001:1900:2254:206a::50:4])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id A6DEB807
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 29 Apr 2014 23:19:30 +0000 (UTC)
Received: from cgiserv.freebsd.org ([127.0.1.6])
	by cgiserv.freebsd.org (8.14.8/8.14.8) with ESMTP id s3TNJUqO021394
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 29 Apr 2014 23:19:30 GMT
	(envelope-from nobody@cgiserv.freebsd.org)
Received: (from nobody@localhost)
	by cgiserv.freebsd.org (8.14.8/8.14.8/Submit) id s3TNJUbx021386;
	Tue, 29 Apr 2014 23:19:30 GMT
	(envelope-from nobody)
Message-Id: <201404292319.s3TNJUbx021386@cgiserv.freebsd.org>
Date: Tue, 29 Apr 2014 23:19:30 GMT
From: Joe Barbish <qjail@a1poweruser.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [Maintainer update] sysutils/qjail  maintenance & enhancements
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         189120
>Category:       ports
>Synopsis:       [Maintainer update] sysutils/qjail  maintenance & enhancements
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pi
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 29 23:20:00 UTC 2014
>Closed-Date:    Thu May 15 10:51:35 UTC 2014
>Last-Modified:  Thu May 15 10:51:35 UTC 2014
>Originator:     Joe Barbish
>Release:        10.0
>Organization:
none
>Environment:
>Description:
Please include the following in the qjail port change log.

1. Fix typo in qjail.8 manual. 
   Change "See jailip below" to "See -4 option"

2. Fix typo in qjail-howto.8 manual as per PR# 186269. 
   Change a comma , inside of ip address to a . period.
   73.x.97,51,10.0.10.126  to  73.x.97.51,10.0.10.126  

3. Change qjail.portsnap.conf, 
   remove index-6 index-7 index-8 statements
   replace index-9 with index-10

4. Removed rcvar=`set_rcvar` statement from qjail.bootime script.
   In Release 10.0 its no longer included in the rc.d scripts and
   was causing a non-harmful bogus boot time message. 

5. Correct coding bug in archive logic to archive sharedfs per zone.

6. Correct coding bug for Sanity check to see if any jails are running.

7. Changed "qjail install" logic to check that this version of qjail only 
   runs on release-10.0. This is due to unique properties of jail(8) & rc.d 
   that are not in 9.2 and older releases.

8. Changed "qjail create" and "qjail config" logic to check if the 
   -4 and/or -6 IP address are prefixed with "<if_device>|" and/or 
   suffixed with "/<netmask>" values. jail(8) says this is valid syntax, 
   but its NOT allowed as valid syntax to qjail.

9. Changed "qjail create" logic to check if no -n value was entered. If not
   then populate the -n value with the interface default nic device name 
   obtained from route command. This is now the automatic default behavior.
   The default interface is the one connected to the public internet.
   This shortens the "qjail create command" and forces the use of the 
   automatic creation and deletation of the alias for the jails IP address 
   on that "network interface name". Made appropriate changes to qjail.8
   man page documentation.

10. Changed "qjail create" logic to target another zones archives as input
    source. Now you can use any zones archive file as a template to create
    a new jail using the existing -a option. New -A option is coded with the
    zone name of the target archive file name populating the -a value.
    Made appropriate changes to qjail.8 man page documentation.
     
11. Added -S option to "qjail update" This option will copy the hosts /usr/src
    filesystem to sharedfs/usr/src to be shared among all the jails.
    Made appropriate changes to qjail.8 man page documentation.

12. Add -P option to "qjail update" This option will copy the hosts /usr/ports
    filesystem to sharedfs/usr/ports to be shared among all the jails.
    Made appropriate changes to qjail.8 man page documentation.


Please close PR# 186269 as completed.
 

>How-To-Repeat:

>Fix:


Patch attached with submission follows:

Files qjail-3.2/.svn/wc.db and qjail/.svn/wc.db differ
diff -ruN qjail-3.2/Makefile qjail/Makefile
--- qjail-3.2/Makefile	2014-04-29 17:59:59.000000000 -0400
+++ qjail/Makefile	2014-04-29 18:04:51.000000000 -0400
@@ -2,7 +2,7 @@
 # $FreeBSD: head/sysutils/qjail/Makefile 327772 2013-09-20 23:05:58Z bapt $
 
 PORTNAME=	qjail
-PORTVERSION=	3.2
+PORTVERSION=	3.3
 CATEGORIES=	sysutils
 MASTER_SITES=	SF/${PORTNAME}
 
@@ -15,7 +15,7 @@
 
 MAN8=		qjail.8 qjail-intro.8 qjail-howto.8
 
-CONFLICTS_INSTALL=	qjail-2.*
+CONFLICTS_INSTALL=	qjail-2.* qjail-3.0 qjail-3.1 qjail-3.2
 
 NO_STAGE=	yes
 post-patch:
diff -ruN qjail-3.2/distinfo qjail/distinfo
--- qjail-3.2/distinfo	2014-04-29 17:59:59.000000000 -0400
+++ qjail/distinfo	2014-04-29 18:01:18.000000000 -0400
@@ -1,2 +1,2 @@
-SHA256 (qjail-3.2.tar.bz2) = 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697
-SIZE (qjail-3.2.tar.bz2) = 121560
+SHA256 (qjail-3.3.tar.bz2) = 1fafc7ec065e3ef1ccd20321eabab22887ef663be4a5aaa471d951dd94c9a7b4
+SIZE (qjail-3.3.tar.bz2) = 61477
diff -ruN qjail-3.2/files/pkg-message.in qjail/files/pkg-message.in
--- qjail-3.2/files/pkg-message.in	2014-04-29 17:59:59.000000000 -0400
+++ qjail/files/pkg-message.in	2014-04-29 18:01:18.000000000 -0400
@@ -11,8 +11,5 @@
 ########################################################################
 
 
-For instructions on upgrading jail filesystems
-Read %%EXAMPLESDIR%%/upgrade-info.txt
-
 
 
diff -ruN qjail-3.2/pkg-descr qjail/pkg-descr
--- qjail-3.2/pkg-descr	2014-04-29 17:59:59.000000000 -0400
+++ qjail/pkg-descr	2014-04-29 18:06:14.000000000 -0400
@@ -1,16 +1,17 @@
 Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
 system that includes security and performance enhancements. Plus a new level
 of "user friendliness" enhancements dealing with deploying just a few jails or
-large jail environments consisting of 100's of jails.
+large scale jail environments consisting of 100's of jails.
 
 This version of qjail has been converted from using the legacy rc.d-method as 
 used in all previous versions of qjail, to using the jail(8) jail.conf-method 
-available in RELEASE-9.1. This upgrade provides the ability to enable the 
-following new options on a per-jail basis. exec.fib, allow.raw_sockets, 
-allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, securelevel, 
+available in RELEASE-9.1 which contained many bugs, some that were fixed in
+RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the ability
+to enable the following new options on a per-jail basis. exec.fib, securelevel,
+allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id,
 vnet.interface, and vnet. The vnet option gives a jail its own network stack 
-using the experimental vimage software. This qjail version is not functional 
-for RELEASES older than RELEASE-9.1. The vnet option has only been tested on 
+using the experimental vimage software. This qjail version is not intended
+for RELEASES older than RELEASE-10.0. The vnet option has only been tested on 
 i386 and amd64 equipment.
 
 Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
diff -ruN qjail-3.2/pkg-plist qjail/pkg-plist
--- qjail-3.2/pkg-plist	2014-04-29 17:59:59.000000000 -0400
+++ qjail/pkg-plist	2014-04-29 18:01:18.000000000 -0400
@@ -3,9 +3,6 @@
 bin/qjail.vnet.ng
 etc/qjail.portsnap.conf
 etc/rc.d/qjail.bootime
-%%EXAMPLESDIR%%/upgrade-info.txt
-%%EXAMPLESDIR%%/vnet/jail.amd64
-%%EXAMPLESDIR%%/vnet/jail.i386
 %%EXAMPLESDIR%%/vnet/ipfw.rules.host
 %%EXAMPLESDIR%%/vnet/ipfw.rules.vnet
 %%EXAMPLESDIR%%/vnet/ipf.rules.host


>Release-Note:
>Audit-Trail:

From: "joeb1" <joeb1@a1poweruser.com>
To: <bug-followup@FreeBSD.org>,
	"qjail" <qjail@a1poweruser.com>
Cc:  
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail  maintenance &amp; enhancements
Date: Wed, 30 Apr 2014 08:03:37 -0400

 Sorry about this request that it's late.
 
 
 Please keep the current qjail-3.2 port and rename it to qjail3-3.2. It
 services 9.2-release.
 The qjail2-2.2 port also stays for now.
 
 Also please remove "qjail-3.2" from the CONFLICTS_INSTALL= statement in the
 Makefile of qjail-3.3.
 
 

From: Dreamcat4 <dreamcat4@gmail.com>
To: bug-followup@freebsd.org, qjail@a1poweruser.com
Cc:  
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail maintenance
 &amp; enhancements
Date: Thu, 1 May 2014 18:03:33 +0100

 --047d7b41791d90744e04f859a7f0
 Content-Type: text/plain; charset=UTF-8
 
 Joe is killing off the "interface|ip_address/subnet" syntax in the very
 next 3.3 version of qjail.
 
 It turns out that will create a problem for running "insecure" local
 services such as virtualbox. Specifically it's the "vboxwebserv" daemon
 which requires a 2nd interface for loopback (localhost lo0) inside of the
 jail for the daemon to bind its TCP listen port to (so it isn't exposed to
 outside).
 
 Basically the daemon listens on a TCP port "18083" in a very insecure
 manner - to connect to another php service "phppvirtualbox" which running
 locally inside of the same jail.
 
 With current version 3.2, I am actually doing this:
 
 qjail create -4 "192.168.1.203,lo0|127.0.0.2"
 
 Which works fabulously. (otherwise the daemon ends up binding to the
 public-facing interface = very bad).
 
 
 I was really hoping Joe could help by either:
 
 A) Released a separate update for auto-nic (as it's own version) before
 rolling in the other changes which disable the multiple-nic embedded ip
 syntax.
 
 OR
 
 B) Allow me to fork the qjail project from version 3.2 ?
 
 
 I'm not aware of any other workaround specifically to that issue.
 
 So if you could please respond with some ideas.
 Kind Regards
 
 --047d7b41791d90744e04f859a7f0--

From: "qjail" <qjail@a1poweruser.com>
To: <bug-followup@FreeBSD.org>,
	"qjail" <qjail@a1poweruser.com>
Cc:  
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail  maintenance &amp; enhancements
Date: Thu, 1 May 2014 15:18:48 -0400

 This is a multi-part message in MIME format.
 
 ------=_NextPart_000_0000_01CF6550.A6B3BD20
 Content-Type: text/plain;
 	charset="iso-8859-1"
 Content-Transfer-Encoding: 7bit
 
 Have made last minute changes for continued support of Dreamcat4's
 NAS4Free project.
 
 New Make files diff attached.
 Corrected the "CONFLICTS_INSTALL" statement.
 ------=_NextPart_000_0000_01CF6550.A6B3BD20
 Content-Type: application/octet-stream;
 	name="qjail-3.3_port_diff"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: attachment;
 	filename="qjail-3.3_port_diff"
 
 Files qjail-3.2/.svn/wc.db and qjail/.svn/wc.db differ=0A=
 diff -ruN qjail-3.2/Makefile qjail/Makefile=0A=
 --- qjail-3.2/Makefile	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/Makefile	2014-05-01 12:15:01.000000000 -0400=0A=
 @@ -2,7 +2,7 @@=0A=
  # $FreeBSD: head/sysutils/qjail/Makefile 327772 2013-09-20 23:05:58Z =
 bapt $=0A=
  =0A=
  PORTNAME=3D	qjail=0A=
 -PORTVERSION=3D	3.2=0A=
 +PORTVERSION=3D	3.3=0A=
  CATEGORIES=3D	sysutils=0A=
  MASTER_SITES=3D	SF/${PORTNAME}=0A=
  =0A=
 @@ -15,7 +15,7 @@=0A=
  =0A=
  MAN8=3D		qjail.8 qjail-intro.8 qjail-howto.8=0A=
  =0A=
 -CONFLICTS_INSTALL=3D	qjail-2.*=0A=
 +CONFLICTS_INSTALL=3D	qjail-2.* qjail-3.0 qjail-3.1 =0A=
  =0A=
  NO_STAGE=3D	yes=0A=
  post-patch:=0A=
 diff -ruN qjail-3.2/distinfo qjail/distinfo=0A=
 --- qjail-3.2/distinfo	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/distinfo	2014-05-01 14:35:39.000000000 -0400=0A=
 @@ -1,2 +1,2 @@=0A=
 -SHA256 (qjail-3.2.tar.bz2) =3D =
 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697=0A=
 -SIZE (qjail-3.2.tar.bz2) =3D 121560=0A=
 +SHA256 (qjail-3.3.tar.bz2) =3D =
 2b1f04b835b7061c6c722f17610f680aa3f14962e7bd6b20859db567567a3685=0A=
 +SIZE (qjail-3.3.tar.bz2) =3D 61422=0A=
 diff -ruN qjail-3.2/files/pkg-message.in qjail/files/pkg-message.in=0A=
 --- qjail-3.2/files/pkg-message.in	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/files/pkg-message.in	2014-04-29 18:01:18.000000000 -0400=0A=
 @@ -11,8 +11,5 @@=0A=
  ########################################################################=0A=
  =0A=
  =0A=
 -For instructions on upgrading jail filesystems=0A=
 -Read %%EXAMPLESDIR%%/upgrade-info.txt=0A=
 -=0A=
  =0A=
  =0A=
 diff -ruN qjail-3.2/pkg-descr qjail/pkg-descr=0A=
 --- qjail-3.2/pkg-descr	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-descr	2014-04-29 18:06:14.000000000 -0400=0A=
 @@ -1,16 +1,17 @@=0A=
  Qjail [ q =3D quick ] is a 4th generation wrapper for the basic chroot =
 jail=0A=
  system that includes security and performance enhancements. Plus a new =
 level=0A=
  of "user friendliness" enhancements dealing with deploying just a few =
 jails or=0A=
 -large jail environments consisting of 100's of jails.=0A=
 +large scale jail environments consisting of 100's of jails.=0A=
  =0A=
  This version of qjail has been converted from using the legacy =
 rc.d-method as =0A=
  used in all previous versions of qjail, to using the jail(8) =
 jail.conf-method =0A=
 -available in RELEASE-9.1. This upgrade provides the ability to enable =
 the =0A=
 -following new options on a per-jail basis. exec.fib, allow.raw_sockets, =0A=
 -allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, =
 securelevel, =0A=
 +available in RELEASE-9.1 which contained many bugs, some that were =
 fixed in=0A=
 +RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the =
 ability=0A=
 +to enable the following new options on a per-jail basis. exec.fib, =
 securelevel,=0A=
 +allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, =
 cpuset.id,=0A=
  vnet.interface, and vnet. The vnet option gives a jail its own network =
 stack =0A=
 -using the experimental vimage software. This qjail version is not =
 functional =0A=
 -for RELEASES older than RELEASE-9.1. The vnet option has only been =
 tested on =0A=
 +using the experimental vimage software. This qjail version is not =
 intended=0A=
 +for RELEASES older than RELEASE-10.0. The vnet option has only been =
 tested on =0A=
  i386 and amd64 equipment.=0A=
  =0A=
  Qjail requires no knowledge of the jail command usage. It uses "nullfs" =
 for=0A=
 diff -ruN qjail-3.2/pkg-plist qjail/pkg-plist=0A=
 --- qjail-3.2/pkg-plist	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-plist	2014-04-29 18:01:18.000000000 -0400=0A=
 @@ -3,9 +3,6 @@=0A=
  bin/qjail.vnet.ng=0A=
  etc/qjail.portsnap.conf=0A=
  etc/rc.d/qjail.bootime=0A=
 -%%EXAMPLESDIR%%/upgrade-info.txt=0A=
 -%%EXAMPLESDIR%%/vnet/jail.amd64=0A=
 -%%EXAMPLESDIR%%/vnet/jail.i386=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.host=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.vnet=0A=
  %%EXAMPLESDIR%%/vnet/ipf.rules.host=0A=
 
 ------=_NextPart_000_0000_01CF6550.A6B3BD20--
 
 

From: Dreamcat4 <dreamcat4@gmail.com>
To: bug-followup@freebsd.org, qjail@a1poweruser.com
Cc:  
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail maintenance
 &amp; enhancements
Date: Thu, 1 May 2014 21:34:48 +0100

 --089e0158ad3802af8f04f85c9b8d
 Content-Type: text/plain; charset=UTF-8
 
 Thanks. It's just a very small change, but fixes my issue. Please consider
 that matter resolved in the latest update.
 
 --089e0158ad3802af8f04f85c9b8d
 Content-Type: text/html; charset=UTF-8
 
 <div dir="ltr">Thanks. It&#39;s just a very small change, but fixes my issue. Please consider that matter resolved in the latest update.</div>
 
 --089e0158ad3802af8f04f85c9b8d--

From: "qjail" <qjail@a1poweruser.com>
To: <bug-followup@FreeBSD.org>,
	"qjail" <qjail@a1poweruser.com>
Cc:  
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail  maintenance &amp; enhancements
Date: Thu, 8 May 2014 12:10:28 -0400

 This is a multi-part message in MIME format.
 
 ------=_NextPart_000_0000_01CF6AB6.806887C0
 Content-Type: text/plain;
 	charset="iso-8859-1"
 Content-Transfer-Encoding: 7bit
 
 Have made last minute changes for continued support of Dreamcat4's
 NAS4Free project and added fix for pkgng.
 
 New Make files diff attached.
 Corrected the "CONFLICTS_INSTALL" statement.
 ------=_NextPart_000_0000_01CF6AB6.806887C0
 Content-Type: application/octet-stream;
 	name="qjail-3.3_port_diff"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: attachment;
 	filename="qjail-3.3_port_diff"
 
 Files qjail-3.2/.svn/wc.db and qjail/.svn/wc.db differ=0A=
 diff -ruN qjail-3.2/Makefile qjail/Makefile=0A=
 --- qjail-3.2/Makefile	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/Makefile	2014-05-01 12:15:01.000000000 -0400=0A=
 @@ -2,7 +2,7 @@=0A=
  # $FreeBSD: head/sysutils/qjail/Makefile 327772 2013-09-20 23:05:58Z =
 bapt $=0A=
  =0A=
  PORTNAME=3D	qjail=0A=
 -PORTVERSION=3D	3.2=0A=
 +PORTVERSION=3D	3.3=0A=
  CATEGORIES=3D	sysutils=0A=
  MASTER_SITES=3D	SF/${PORTNAME}=0A=
  =0A=
 @@ -15,7 +15,7 @@=0A=
  =0A=
  MAN8=3D		qjail.8 qjail-intro.8 qjail-howto.8=0A=
  =0A=
 -CONFLICTS_INSTALL=3D	qjail-2.*=0A=
 +CONFLICTS_INSTALL=3D	qjail-2.* qjail-3.0 qjail-3.1 =0A=
  =0A=
  NO_STAGE=3D	yes=0A=
  post-patch:=0A=
 diff -ruN qjail-3.2/distinfo qjail/distinfo=0A=
 --- qjail-3.2/distinfo	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/distinfo	2014-05-08 11:05:17.000000000 -0400=0A=
 @@ -1,2 +1,2 @@=0A=
 -SHA256 (qjail-3.2.tar.bz2) =3D =
 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697=0A=
 -SIZE (qjail-3.2.tar.bz2) =3D 121560=0A=
 +SHA256 (qjail-3.3.tar.bz2) =3D =
 aa5d030e32b6cf2d5888d8ebbf39c929efa1f620a63ceefc4b219d4196c9e8a1=0A=
 +SIZE (qjail-3.3.tar.bz2) =3D 61449=0A=
 diff -ruN qjail-3.2/files/pkg-message.in qjail/files/pkg-message.in=0A=
 --- qjail-3.2/files/pkg-message.in	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/files/pkg-message.in	2014-05-08 11:31:12.000000000 -0400=0A=
 @@ -10,9 +10,13 @@=0A=
  =0A=
  ########################################################################=0A=
  =0A=
 +If your host is running 10.0-RELEASE be sure you apply system security =0A=
 +update. You need to be at 10.0-RELEASE-p2.  Run the following command=0A=
 +to apply system security updates.=0A=
 +   freebsd-update  fetch =0A=
 +   freebsd-update  install=0A=
  =0A=
 -For instructions on upgrading jail filesystems=0A=
 -Read %%EXAMPLESDIR%%/upgrade-info.txt=0A=
 +########################################################################=0A=
  =0A=
  =0A=
  =0A=
 diff -ruN qjail-3.2/pkg-descr qjail/pkg-descr=0A=
 --- qjail-3.2/pkg-descr	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-descr	2014-04-29 18:06:14.000000000 -0400=0A=
 @@ -1,16 +1,17 @@=0A=
  Qjail [ q =3D quick ] is a 4th generation wrapper for the basic chroot =
 jail=0A=
  system that includes security and performance enhancements. Plus a new =
 level=0A=
  of "user friendliness" enhancements dealing with deploying just a few =
 jails or=0A=
 -large jail environments consisting of 100's of jails.=0A=
 +large scale jail environments consisting of 100's of jails.=0A=
  =0A=
  This version of qjail has been converted from using the legacy =
 rc.d-method as =0A=
  used in all previous versions of qjail, to using the jail(8) =
 jail.conf-method =0A=
 -available in RELEASE-9.1. This upgrade provides the ability to enable =
 the =0A=
 -following new options on a per-jail basis. exec.fib, allow.raw_sockets, =0A=
 -allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, =
 securelevel, =0A=
 +available in RELEASE-9.1 which contained many bugs, some that were =
 fixed in=0A=
 +RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the =
 ability=0A=
 +to enable the following new options on a per-jail basis. exec.fib, =
 securelevel,=0A=
 +allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, =
 cpuset.id,=0A=
  vnet.interface, and vnet. The vnet option gives a jail its own network =
 stack =0A=
 -using the experimental vimage software. This qjail version is not =
 functional =0A=
 -for RELEASES older than RELEASE-9.1. The vnet option has only been =
 tested on =0A=
 +using the experimental vimage software. This qjail version is not =
 intended=0A=
 +for RELEASES older than RELEASE-10.0. The vnet option has only been =
 tested on =0A=
  i386 and amd64 equipment.=0A=
  =0A=
  Qjail requires no knowledge of the jail command usage. It uses "nullfs" =
 for=0A=
 diff -ruN qjail-3.2/pkg-plist qjail/pkg-plist=0A=
 --- qjail-3.2/pkg-plist	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-plist	2014-04-29 18:01:18.000000000 -0400=0A=
 @@ -3,9 +3,6 @@=0A=
  bin/qjail.vnet.ng=0A=
  etc/qjail.portsnap.conf=0A=
  etc/rc.d/qjail.bootime=0A=
 -%%EXAMPLESDIR%%/upgrade-info.txt=0A=
 -%%EXAMPLESDIR%%/vnet/jail.amd64=0A=
 -%%EXAMPLESDIR%%/vnet/jail.i386=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.host=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.vnet=0A=
  %%EXAMPLESDIR%%/vnet/ipf.rules.host=0A=
 
 ------=_NextPart_000_0000_01CF6AB6.806887C0--
 
 

From: "joeb1" <joeb1@a1poweruser.com>
To: <bug-followup@FreeBSD.org>,
	"qjail" <qjail@a1poweruser.com>
Cc:  
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail  maintenance &amp; enhancements
Date: Fri, 9 May 2014 13:15:39 -0400

 This is a multi-part message in MIME format.
 
 ------=_NextPart_000_0002_01CF6B88.C6123500
 Content-Type: text/plain;
 	charset="iso-8859-1"
 Content-Transfer-Encoding: 7bit
 
 Since it is taking so long to get this port committed I have time us the
 same pr and refresh the port after making more changes to the port.
 
 To the committer: Please add the following list of changes to the ports
 change file when you do the committee.
 
 1. Fix typo in qjail.8 manual.
    Change "See jailip below" to "See -4 option"
 
 2. Fix typo in qjail-howto.8 manual as per PR# 186269.
    Change a comma , inside of ip address to a . period.
    73.x.97,51,10.0.10.126  to  73.x.97.51,10.0.10.126
 
 3. Change qjail.portsnap.conf,
    remove index-6 index-7 index-8 statements
    replace index-9 with index-10
 
 4. Removed rcvar=`set_rcvar` statement from qjail.bootime script.
    In Release 10.0 its no longer included in the rc.d scripts and
    was causing a non-harmful bogus boot time message. But this
    de-activated the ability to control the selection of boot time
    starting of jails using the qjail_enable="YES" statement in
    the hosts /etc/rc.conf. Put rcvar="qjail_enable" in qjail.bootime
    script and things work as expected.
 
 5. Correct coding bug in archive logic to archive sharedfs per zone.
 
 6. Correct coding bug for Sanity check to see if any jails are running.
 
 7. Changed "qjail install" logic to check that this version of qjail only
    runs on release-10.0. This is due to unique properties of jail(8) & rc.d
    that are not in 9.2 and older releases.
 
 8. Changed "qjail create" and "qjail config" logic to check if the
    -4 and/or -6 IP address are prefixed with "<if_device>|" and/or
    suffixed with "/<netmask>" values. jail(8) says this is valid syntax,
    but its NOT allowed as valid syntax to qjail.
 
 9. Changed "qjail create" logic to check if no -n value was entered. If not
    then populate the -n value with the interface default nic device name
    obtained from route command. This is now the automatic default behavior.
    The default interface is the one connected to the public internet.
    This shortens the "qjail create command" and forces the use of the
    automatic creation and deletion of the alias for the jails IP address
    on that "network interface name". Made appropriate changes to qjail.8
    man page documentation.
 
 10. Changed "qjail create" logic to target another zones archives as input
     source. Now you can use any zones archive file as a template to create
     a new jail using the existing -a option. New -A option is coded with the
     zone name of the target archive file name populating the -a value.
     Made appropriate changes to qjail.8 man page documentation.
 
 11. Added -S option to "qjail update" This option will copy the hosts
 /usr/src
     filesystem to sharedfs/usr/src to be shared among all the jails.
     Made appropriate changes to qjail.8 man page documentation.
 
 12. Add -P option to "qjail update" This option will copy the hosts
 /usr/ports
     filesystem to sharedfs/usr/ports to be shared among all the jails.
     Made appropriate changes to qjail.8 man page documentation.
 
 13. The long time jail(8) bug since 9.1 that deals with the jails /dev
 directory
     which allowed the jail to access things jail should be restricted from
     became fixed with 10.0-RELEASE-p2. The hosts /etc/defaults/rc.conf
     devfs_load_rulesets="NO" changed to devfs_load_rulesets="YES"
     Removed the jail.conf work-a-round statements from the qjail script
     build_config_def routine as they are no longer needed.
 
 
 
 ------=_NextPart_000_0002_01CF6B88.C6123500
 Content-Type: application/octet-stream;
 	name="qjail-3.3_port_diff"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: attachment;
 	filename="qjail-3.3_port_diff"
 
 Files qjail-3.2/.svn/wc.db and qjail/.svn/wc.db differ=0A=
 diff -ruN qjail-3.2/Makefile qjail/Makefile=0A=
 --- qjail-3.2/Makefile	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/Makefile	2014-05-01 12:15:01.000000000 -0400=0A=
 @@ -2,7 +2,7 @@=0A=
  # $FreeBSD: head/sysutils/qjail/Makefile 327772 2013-09-20 23:05:58Z =
 bapt $=0A=
  =0A=
  PORTNAME=3D	qjail=0A=
 -PORTVERSION=3D	3.2=0A=
 +PORTVERSION=3D	3.3=0A=
  CATEGORIES=3D	sysutils=0A=
  MASTER_SITES=3D	SF/${PORTNAME}=0A=
  =0A=
 @@ -15,7 +15,7 @@=0A=
  =0A=
  MAN8=3D		qjail.8 qjail-intro.8 qjail-howto.8=0A=
  =0A=
 -CONFLICTS_INSTALL=3D	qjail-2.*=0A=
 +CONFLICTS_INSTALL=3D	qjail-2.* qjail-3.0 qjail-3.1 =0A=
  =0A=
  NO_STAGE=3D	yes=0A=
  post-patch:=0A=
 diff -ruN qjail-3.2/distinfo qjail/distinfo=0A=
 --- qjail-3.2/distinfo	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/distinfo	2014-05-09 11:40:40.000000000 -0400=0A=
 @@ -1,2 +1,2 @@=0A=
 -SHA256 (qjail-3.2.tar.bz2) =3D =
 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697=0A=
 -SIZE (qjail-3.2.tar.bz2) =3D 121560=0A=
 +SHA256 (qjail-3.3.tar.bz2) =3D =
 263bf7ff60a2d266ff3a4b39c1ccaf6a1114e22128fa0110351bc6c5d782c525=0A=
 +SIZE (qjail-3.3.tar.bz2) =3D 61485=0A=
 diff -ruN qjail-3.2/files/pkg-message.in qjail/files/pkg-message.in=0A=
 --- qjail-3.2/files/pkg-message.in	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/files/pkg-message.in	2014-05-09 11:42:20.000000000 -0400=0A=
 @@ -10,9 +10,13 @@=0A=
  =0A=
  ########################################################################=0A=
  =0A=
 +If your host is running 10.0-RELEASE be sure you apply system security =0A=
 +update. You need to be at 10.0-RELEASE-p2.  Run the following commands=0A=
 +to apply system security updates.=0A=
 +   freebsd-update  fetch =0A=
 +   freebsd-update  install=0A=
  =0A=
 -For instructions on upgrading jail filesystems=0A=
 -Read %%EXAMPLESDIR%%/upgrade-info.txt=0A=
 +########################################################################=0A=
  =0A=
  =0A=
  =0A=
 diff -ruN qjail-3.2/pkg-descr qjail/pkg-descr=0A=
 --- qjail-3.2/pkg-descr	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-descr	2014-04-29 18:06:14.000000000 -0400=0A=
 @@ -1,16 +1,17 @@=0A=
  Qjail [ q =3D quick ] is a 4th generation wrapper for the basic chroot =
 jail=0A=
  system that includes security and performance enhancements. Plus a new =
 level=0A=
  of "user friendliness" enhancements dealing with deploying just a few =
 jails or=0A=
 -large jail environments consisting of 100's of jails.=0A=
 +large scale jail environments consisting of 100's of jails.=0A=
  =0A=
  This version of qjail has been converted from using the legacy =
 rc.d-method as =0A=
  used in all previous versions of qjail, to using the jail(8) =
 jail.conf-method =0A=
 -available in RELEASE-9.1. This upgrade provides the ability to enable =
 the =0A=
 -following new options on a per-jail basis. exec.fib, allow.raw_sockets, =0A=
 -allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, =
 securelevel, =0A=
 +available in RELEASE-9.1 which contained many bugs, some that were =
 fixed in=0A=
 +RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the =
 ability=0A=
 +to enable the following new options on a per-jail basis. exec.fib, =
 securelevel,=0A=
 +allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, =
 cpuset.id,=0A=
  vnet.interface, and vnet. The vnet option gives a jail its own network =
 stack =0A=
 -using the experimental vimage software. This qjail version is not =
 functional =0A=
 -for RELEASES older than RELEASE-9.1. The vnet option has only been =
 tested on =0A=
 +using the experimental vimage software. This qjail version is not =
 intended=0A=
 +for RELEASES older than RELEASE-10.0. The vnet option has only been =
 tested on =0A=
  i386 and amd64 equipment.=0A=
  =0A=
  Qjail requires no knowledge of the jail command usage. It uses "nullfs" =
 for=0A=
 diff -ruN qjail-3.2/pkg-plist qjail/pkg-plist=0A=
 --- qjail-3.2/pkg-plist	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-plist	2014-04-29 18:01:18.000000000 -0400=0A=
 @@ -3,9 +3,6 @@=0A=
  bin/qjail.vnet.ng=0A=
  etc/qjail.portsnap.conf=0A=
  etc/rc.d/qjail.bootime=0A=
 -%%EXAMPLESDIR%%/upgrade-info.txt=0A=
 -%%EXAMPLESDIR%%/vnet/jail.amd64=0A=
 -%%EXAMPLESDIR%%/vnet/jail.i386=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.host=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.vnet=0A=
  %%EXAMPLESDIR%%/vnet/ipf.rules.host=0A=
 
 ------=_NextPart_000_0002_01CF6B88.C6123500--
 
 
State-Changed-From-To: open->feedback 
State-Changed-By: pi 
State-Changed-When: Tue May 13 18:50:26 UTC 2014 
State-Changed-Why:  
testing@work 

http://www.freebsd.org/cgi/query-pr.cgi?pr=189120 
Responsible-Changed-From-To: freebsd-ports-bugs->pi 
Responsible-Changed-By: pi 
Responsible-Changed-When: Tue May 13 19:06:42 UTC 2014 
Responsible-Changed-Why:  
After the test: please add staging to your patch. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=189120 

From: "qjail" <qjail@a1poweruser.com>
To: <bug-followup@FreeBSD.org>,
	"qjail" <qjail@a1poweruser.com>
Cc: "Kurt Jaeger" <lists@opsec.eu>
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail  maintenance &amp; enhancements
Date: Wed, 14 May 2014 09:40:56 -0400

 This is a multi-part message in MIME format.
 
 ------=_NextPart_000_0000_01CF6F58.9AC460C0
 Content-Type: text/plain;
 	charset="iso-8859-1"
 Content-Transfer-Encoding: 7bit
 
 Added staging to port Makefile
 
 To the committer:
 Please add the following list of changes to the ports change file when you
 do the commit.
 
 
 1. Fix typo in qjail.8 manual.
    Change "See jailip below" to "See -4 option"
 
 2. Fix typo in qjail-howto.8 manual as per PR# 186269.
    Change a comma , inside of ip address to a . period.
    73.x.97,51,10.0.10.126  to  73.x.97.51,10.0.10.126
 
 3. Change qjail.portsnap.conf,
    remove index-6 index-7 index-8 statements
    replace index-9 with index-10
 
 4. Removed rcvar=`set_rcvar` statement from qjail.bootime script.
    In Release 10.0 its no longer included in the rc.d scripts and
    was causing a non-harmful bogus boot time message. But this
    de-activated the ability to control the selection of boot time
    starting of jails using the qjail_enable="YES" statement in
    the hosts /etc/rc.conf. Put rcvar="qjail_enable" in qjail.bootime
    script and things work as exspected.
 
 5. Correct coding bug in archive logic to archive sharedfs per zone.
 
 6. Correct coding bug for Sanity check to see if any jails are running.
 
 7. Changed "qjail install" logic to check that this version of qjail only
    runs on release-10.0. This is due to unique properties of jail(8) & rc.d
    that are not in 9.2 and older releases.
 
 8. Changed "qjail create" and "qjail config" logic to check if the
    -4 and/or -6 IP address are prefixed with "<if_device>|" and/or
    suffixed with "/<netmask>" values. jail(8) says this is valid syntax,
    but its NOT allowed as valid syntax to qjail.
 
 9. Changed "qjail create" logic to check if no -n value was entered. If not
    then populate the -n value with the interface default nic device name
    obtained from route command. This is now the automatic default behavior.
    The default interface is the one connected to the public internet.
    This shortens the "qjail create command" and forces the use of the
    automatic creation and deletation of the alias for the jails IP address
    on that "network interface name". Made appropriate changes to qjail.8
    man page documentation.
 
 10. Changed "qjail create" logic to target another zones archives as input
     source. Now you can use any zones archive file as a template to create
     a new jail using the existing -a option. New -A option is coded with the
     zone name of the target archive file name populating the -a value.
     Made appropriate changes to qjail.8 man page documentation.
 
 11. Added -S option to "qjail update" This option will copy the hosts
 /usr/src
     filesystem to sharedfs/usr/src to be shared among all the jails.
     Made appropriate changes to qjail.8 man page documentation.
 
 12. Add -P option to "qjail update" This option will copy the hosts
 /usr/ports
     filesystem to sharedfs/usr/ports to be shared among all the jails.
     Made appropriate changes to qjail.8 man page documentation.
 
 13. The long time jail(8) bug since 9.1 that deals with the jails /dev
 directory
     which allowed the jail to access things jail should be restricted from
     became fixed with 10.0-RELEASE-p2. The hosts /etc/defaults/rc.conf
     devfs_load_rulesets="NO" changed to devfs_load_rulesets="YES"
     Removed the jail.conf work-a-round statments from the qjail script
     build_config_def routine as they are no longer needed.
 
 14. Converted the Port's Makefile to do "stageing".
 
 ------=_NextPart_000_0000_01CF6F58.9AC460C0
 Content-Type: application/octet-stream;
 	name="qjail-3.3_port_diff"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: attachment;
 	filename="qjail-3.3_port_diff"
 
 Files qjail-3.2/.svn/wc.db and qjail/.svn/wc.db differ=0A=
 diff -ruN qjail-3.2/Makefile qjail/Makefile=0A=
 --- qjail-3.2/Makefile	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/Makefile	2014-05-14 08:17:30.000000000 -0400=0A=
 @@ -2,44 +2,45 @@=0A=
  # $FreeBSD: head/sysutils/qjail/Makefile 327772 2013-09-20 23:05:58Z =
 bapt $=0A=
  =0A=
  PORTNAME=3D	qjail=0A=
 -PORTVERSION=3D	3.2=0A=
 +PORTVERSION=3D	3.3=0A=
  CATEGORIES=3D	sysutils=0A=
  MASTER_SITES=3D	SF/${PORTNAME}=0A=
  =0A=
  MAINTAINER=3D	qjail@a1poweruser.com=0A=
  COMMENT=3D	Utility to quickly deploy and manage jails=0A=
  =0A=
 -USE_BZIP2=3D	yes=0A=
 +USES=3D		tar:bzip2=0A=
  NO_BUILD=3D	yes=0A=
 -SUB_FILES=3D	pkg-message=0A=
 +NEED_ROOT=3D	yes=0A=
  =0A=
 -MAN8=3D		qjail.8 qjail-intro.8 qjail-howto.8=0A=
 +CONFLICTS_INSTALL=3D	qjail-2.* qjail-3.0 qjail-3.1 =0A=
  =0A=
 -CONFLICTS_INSTALL=3D	qjail-2.*=0A=
 +do-install:=0A=
 +	${INSTALL_SCRIPT} ${WRKSRC}/qjail                      \=0A=
 +		${STAGEDIR}${PREFIX}/bin=0A=
 +	${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.be              \=0A=
 +		${STAGEDIR}${PREFIX}/bin=0A=
 +	${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.ng              \=0A=
 +		${STAGEDIR}${PREFIX}/bin=0A=
 +	${INSTALL_SCRIPT} ${WRKSRC}/qjail.bootime              \=0A=
 +		${STAGEDIR}${PREFIX}/etc/rc.d=0A=
 +	${INSTALL_DATA}   ${WRKSRC}/qjail.portsnap.conf        \=0A=
 +		${STAGEDIR}${PREFIX}/etc=0A=
 +	${INSTALL_MAN}    ${WRKSRC}/qjail.8                    \=0A=
 +		${STAGEDIR}${MAN8PREFIX}/man/man8=0A=
 +	${INSTALL_MAN}    ${WRKSRC}/qjail-intro.8              \=0A=
 +		${STAGEDIR}${MAN8PREFIX}/man/man8=0A=
 +	${INSTALL_MAN}    ${WRKSRC}/qjail-howto.8              \=0A=
 +		${STAGEDIR}${MAN8PREFIX}/man/man8=0A=
 +=0A=
 +#	@${MKDIR}          ${STAGEDIR}${EXAMPLESDIR}=0A=
 +#	${INSTALL_DATA}   ${WRKSRC}/jail-primer.html            \=0A=
 +#		${STAGEDIR}${DOCSDIR}=0A=
  =0A=
 -NO_STAGE=3D	yes=0A=
 -post-patch:=0A=
 -	@${FIND} ${WRKSRC} -type f | ${XARGS} ${REINPLACE_CMD} \=0A=
 -		-e 's|/usr/local|${PREFIX}|'=0A=
 -	@${FIND} ${WRKSRC}/examples -name '*.bak' -delete=0A=
  =0A=
 -do-install:=0A=
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail ${PREFIX}/bin=0A=
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.be ${PREFIX}/bin=0A=
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.ng ${PREFIX}/bin=0A=
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.bootime ${PREFIX}/etc/rc.d=0A=
 -	@${INSTALL_DATA}   ${WRKSRC}/qjail.portsnap.conf ${PREFIX}/etc=0A=
 -.for i in qjail qjail-intro qjail-howto=0A=
 -	@${INSTALL_MAN}    ${WRKSRC}/${i}.8 ${MAN8PREFIX}/man/man8=0A=
 -.endfor=0A=
  # note examples are mandatory. qjail will not function without them=0A=
 -	@${MKDIR} ${EXAMPLESDIR}=0A=
 +	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}=0A=
  	@(cd ${WRKSRC}/examples/ \=0A=
 -	    && ${COPYTREE_SHARE} \* ${EXAMPLESDIR})=0A=
 -=0A=
 -# Note: Has to be done this way or package version will not contain any=0A=
 -# comments added with @${ECHO_MSG} command.=0A=
 -post-install:=0A=
 -	@${CAT} ${PKGMESSAGE}=0A=
 +	    && ${COPYTREE_SHARE} \* ${STAGEDIR}${EXAMPLESDIR})=0A=
  =0A=
  .include <bsd.port.mk>=0A=
 diff -ruN qjail-3.2/distinfo qjail/distinfo=0A=
 --- qjail-3.2/distinfo	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/distinfo	2014-05-09 11:40:40.000000000 -0400=0A=
 @@ -1,2 +1,2 @@=0A=
 -SHA256 (qjail-3.2.tar.bz2) =3D =
 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697=0A=
 -SIZE (qjail-3.2.tar.bz2) =3D 121560=0A=
 +SHA256 (qjail-3.3.tar.bz2) =3D =
 263bf7ff60a2d266ff3a4b39c1ccaf6a1114e22128fa0110351bc6c5d782c525=0A=
 +SIZE (qjail-3.3.tar.bz2) =3D 61485=0A=
 diff -ruN qjail-3.2/files/pkg-message.in qjail/files/pkg-message.in=0A=
 --- qjail-3.2/files/pkg-message.in	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/files/pkg-message.in	1969-12-31 19:00:00.000000000 -0500=0A=
 @@ -1,18 +0,0 @@=0A=
 -=0A=
 -########################################################################=0A=
 -=0A=
 -Use the qjail utility to deploy small or large numbers of jails quickly.=0A=
 -=0A=
 -First issue "rehash" command to enable the qjail command (if using csh).=0A=
 -Then issue "man qjail-intro" to read the qjail introduction.=0A=
 -After reading that do "man qjail" for the usage details.=0A=
 -For the BIG PICTURE issue "man qjail-howto".=0A=
 -=0A=
 -########################################################################=0A=
 -=0A=
 -=0A=
 -For instructions on upgrading jail filesystems=0A=
 -Read %%EXAMPLESDIR%%/upgrade-info.txt=0A=
 -=0A=
 -=0A=
 -=0A=
 diff -ruN qjail-3.2/pkg-descr qjail/pkg-descr=0A=
 --- qjail-3.2/pkg-descr	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-descr	2014-04-29 18:06:14.000000000 -0400=0A=
 @@ -1,16 +1,17 @@=0A=
  Qjail [ q =3D quick ] is a 4th generation wrapper for the basic chroot =
 jail=0A=
  system that includes security and performance enhancements. Plus a new =
 level=0A=
  of "user friendliness" enhancements dealing with deploying just a few =
 jails or=0A=
 -large jail environments consisting of 100's of jails.=0A=
 +large scale jail environments consisting of 100's of jails.=0A=
  =0A=
  This version of qjail has been converted from using the legacy =
 rc.d-method as =0A=
  used in all previous versions of qjail, to using the jail(8) =
 jail.conf-method =0A=
 -available in RELEASE-9.1. This upgrade provides the ability to enable =
 the =0A=
 -following new options on a per-jail basis. exec.fib, allow.raw_sockets, =0A=
 -allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, =
 securelevel, =0A=
 +available in RELEASE-9.1 which contained many bugs, some that were =
 fixed in=0A=
 +RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the =
 ability=0A=
 +to enable the following new options on a per-jail basis. exec.fib, =
 securelevel,=0A=
 +allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, =
 cpuset.id,=0A=
  vnet.interface, and vnet. The vnet option gives a jail its own network =
 stack =0A=
 -using the experimental vimage software. This qjail version is not =
 functional =0A=
 -for RELEASES older than RELEASE-9.1. The vnet option has only been =
 tested on =0A=
 +using the experimental vimage software. This qjail version is not =
 intended=0A=
 +for RELEASES older than RELEASE-10.0. The vnet option has only been =
 tested on =0A=
  i386 and amd64 equipment.=0A=
  =0A=
  Qjail requires no knowledge of the jail command usage. It uses "nullfs" =
 for=0A=
 diff -ruN qjail-3.2/pkg-message qjail/pkg-message=0A=
 --- qjail-3.2/pkg-message	1969-12-31 19:00:00.000000000 -0500=0A=
 +++ qjail/pkg-message	2014-05-14 08:14:49.000000000 -0400=0A=
 @@ -0,0 +1,22 @@=0A=
 +=0A=
 +########################################################################=0A=
 +=0A=
 +Use the qjail utility to deploy small or large numbers of jails quickly.=0A=
 +=0A=
 +First issue "rehash" command to enable the qjail command (if using csh).=0A=
 +Then issue "man qjail-intro" to read the qjail introduction.=0A=
 +After reading that do "man qjail" for the usage details.=0A=
 +For the BIG PICTURE issue "man qjail-howto".=0A=
 +=0A=
 +########################################################################=0A=
 +=0A=
 +If your host is running 10.0-RELEASE be sure you apply system security =0A=
 +update. You need to be at 10.0-RELEASE-p2.  Run the following commands=0A=
 +to apply system security updates.=0A=
 +   freebsd-update  fetch =0A=
 +   freebsd-update  install=0A=
 +=0A=
 +########################################################################=0A=
 +=0A=
 +=0A=
 +=0A=
 diff -ruN qjail-3.2/pkg-plist qjail/pkg-plist=0A=
 --- qjail-3.2/pkg-plist	2014-05-01 12:13:20.000000000 -0400=0A=
 +++ qjail/pkg-plist	2014-05-14 08:47:06.000000000 -0400=0A=
 @@ -3,9 +3,9 @@=0A=
  bin/qjail.vnet.ng=0A=
  etc/qjail.portsnap.conf=0A=
  etc/rc.d/qjail.bootime=0A=
 -%%EXAMPLESDIR%%/upgrade-info.txt=0A=
 -%%EXAMPLESDIR%%/vnet/jail.amd64=0A=
 -%%EXAMPLESDIR%%/vnet/jail.i386=0A=
 +man/man8/qjail.8.gz=0A=
 +man/man8/qjail-intro.8.gz=0A=
 +man/man8/qjail-howto.8.gz=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.host=0A=
  %%EXAMPLESDIR%%/vnet/ipfw.rules.vnet=0A=
  %%EXAMPLESDIR%%/vnet/ipf.rules.host=0A=
 @@ -17,6 +17,7 @@=0A=
  %%EXAMPLESDIR%%/default/etc/periodic.conf=0A=
  %%EXAMPLESDIR%%/default/etc/rc.conf=0A=
  %%EXAMPLESDIR%%/default/root/.cshrc=0A=
 +%%EXAMPLESDIR%%/default/usr/local/etc/pkg.conf=0A=
  %%EXAMPLESDIR%%/default/usr/local/etc/sudoers=0A=
  %%EXAMPLESDIR%%/ssh-default/etc/group=0A=
  %%EXAMPLESDIR%%/ssh-default/etc/make.conf=0A=
 @@ -37,6 +38,7 @@=0A=
  %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.profile=0A=
  %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.rhosts=0A=
  %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.shrc=0A=
 +%%EXAMPLESDIR%%/ssh-default/usr/local/etc/pkg.conf=0A=
  %%EXAMPLESDIR%%/ssh-default/usr/local/etc/sudoers=0A=
  @dirrm %%EXAMPLESDIR%%/default/usr/local/etc=0A=
  @dirrm %%EXAMPLESDIR%%/default/usr/local=0A=
 
 ------=_NextPart_000_0000_01CF6F58.9AC460C0--
 
 

From: Kurt Jaeger <pi@opsec.eu>
To: qjail <qjail@a1poweruser.com>
Cc: bug-followup@FreeBSD.org, Kurt Jaeger <lists@opsec.eu>
Subject: Re: ports/189120: [Maintainer update] sysutils/qjail  maintenance
 &amp; enhancements
Date: Wed, 14 May 2014 16:06:01 +0200

 Hi!
 
 > Added staging to port Makefile
 
 Thanks.
 
 > To the committer:
 > Please add the following list of changes to the ports change file when you
 > do the commit.
 
 Would you mind to write this in the ChangeLog and add the ChangeLog
 to the .tgz ? It's a bit much for the commit log.
 
 -- 
 pi@opsec.eu            +49 171 3101372                         6 years to go !

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/189120: commit references a PR
Date: Thu, 15 May 2014 10:40:25 +0000 (UTC)

 Author: pi
 Date: Thu May 15 10:40:19 2014
 New Revision: 354105
 URL: http://svnweb.freebsd.org/changeset/ports/354105
 QAT: https://qat.redports.org/buildarchive/r354105/
 
 Log:
   sysutils/qjail: upgrade 3.2 -> 3.3
   
   1. Fix typo in qjail.8 manual.
   Change "See jailip below" to "See -4 option"
   
   2. Fix typo in qjail-howto.8 manual as per PR# 186269.
   Change a comma , inside of ip address to a . period.
   73.x.97,51,10.0.10.126 to 73.x.97.51,10.0.10.126
   
   3. Change qjail.portsnap.conf,
   remove index-6 index-7 index-8 statements
   replace index-9 with index-10
   
   4. Removed rcvar=`set_rcvar` statement from qjail.bootime script.
   In Release 10.0 its no longer included in the rc.d scripts and
   was causing a non-harmful bogus boot time message. But this
   de-activated the ability to control the selection of boot time
   starting of jails using the qjail_enable="YES" statement in
   the hosts /etc/rc.conf. Put rcvar="qjail_enable" in qjail.bootime
   script and things work as exspected.
   
   5. Correct coding bug in archive logic to archive sharedfs per zone.
   
   6. Correct coding bug for Sanity check to see if any jails are running.
   
   7. Changed "qjail install" logic to check that this version of qjail only
   runs on release-10.0. This is due to unique properties of jail(8) & rc.d
   that are not in 9.2 and older releases.
   
   8. Changed "qjail create" and "qjail config" logic to check if the
   -4 and/or -6 IP address are prefixed with "<if_device>|" and/or
   suffixed with "/<netmask>" values. jail(8) says this is valid syntax,
   but its NOT allowed as valid syntax to qjail.
   
   9. Changed "qjail create" logic to check if no -n value was entered. If not
   then populate the -n value with the interface default nic device name
   obtained from route command. This is now the automatic default behavior.
   The default interface is the one connected to the public internet.
   This shortens the "qjail create command" and forces the use of the
   automatic creation and deletation of the alias for the jails IP address
   on that "network interface name". Made appropriate changes to qjail.8
   man page documentation.
   
   10. Changed "qjail create" logic to target another zones archives as input
   source. Now you can use any zones archive file as a template to create
   a new jail using the existing -a option. New -A option is coded with the
   zone name of the target archive file name populating the -a value.
   Made appropriate changes to qjail.8 man page documentation.
   
   11. Added -S option to "qjail update" This option will copy the hosts
   /usr/src filesystem to sharedfs/usr/src to be shared among all the jails.
   Made appropriate changes to qjail.8 man page documentation.
   
   12. Add -P option to "qjail update" This option will copy the hosts
   /usr/ports filesystem to sharedfs/usr/ports to be shared among all the jails.
   Made appropriate changes to qjail.8 man page documentation.
   
   13. The long time jail(8) bug since 9.1 that deals with the jails /dev
   directory which allowed the jail to access things jail should be restricted
   from became fixed with 10.0-RELEASE-p2. The hosts /etc/defaults/rc.conf
   devfs_load_rulesets="NO" changed to devfs_load_rulesets="YES"
   Removed the jail.conf work-a-round statments from the qjail script
   build_config_def routine as they are no longer needed.
   
   14. Converted the Port's Makefile to do "stageing".
   
   PR:             ports/189120
   Submitted by:   Joe Barbish (maintainer)
   Approved by:    culot (mentor)
 
 Added:
   head/sysutils/qjail/pkg-message   (contents, props changed)
 Deleted:
   head/sysutils/qjail/files/
 Modified:
   head/sysutils/qjail/Makefile
   head/sysutils/qjail/distinfo
   head/sysutils/qjail/pkg-descr
   head/sysutils/qjail/pkg-plist
 
 Modified: head/sysutils/qjail/Makefile
 ==============================================================================
 --- head/sysutils/qjail/Makefile	Thu May 15 08:27:53 2014	(r354104)
 +++ head/sysutils/qjail/Makefile	Thu May 15 10:40:19 2014	(r354105)
 @@ -2,44 +2,39 @@
  # $FreeBSD$
  
  PORTNAME=	qjail
 -PORTVERSION=	3.2
 +PORTVERSION=	3.3
  CATEGORIES=	sysutils
  MASTER_SITES=	SF/${PORTNAME}
  
  MAINTAINER=	qjail@a1poweruser.com
  COMMENT=	Utility to quickly deploy and manage jails
  
 -USE_BZIP2=	yes
 +USES=		tar:bzip2
  NO_BUILD=	yes
 -SUB_FILES=	pkg-message
 +NEED_ROOT=	yes
  
 -MAN8=		qjail.8 qjail-intro.8 qjail-howto.8
 -
 -CONFLICTS_INSTALL=	qjail-2.*
 -
 -NO_STAGE=	yes
 -post-patch:
 -	@${FIND} ${WRKSRC} -type f | ${XARGS} ${REINPLACE_CMD} \
 -		-e 's|/usr/local|${PREFIX}|'
 -	@${FIND} ${WRKSRC}/examples -name '*.bak' -delete
 +CONFLICTS_INSTALL=	qjail-2.* qjail-3.0 qjail-3.1 
  
  do-install:
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail ${PREFIX}/bin
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.be ${PREFIX}/bin
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.vnet.ng ${PREFIX}/bin
 -	@${INSTALL_SCRIPT} ${WRKSRC}/qjail.bootime ${PREFIX}/etc/rc.d
 -	@${INSTALL_DATA}   ${WRKSRC}/qjail.portsnap.conf ${PREFIX}/etc
 +.for i in qjail qjail.vnet.be qjail.vnet.ng
 +	${INSTALL_SCRIPT} ${WRKSRC}/${i} ${STAGEDIR}${PREFIX}/bin
 +.endfor
 +	${INSTALL_SCRIPT} ${WRKSRC}/qjail.bootime              \
 +		${STAGEDIR}${PREFIX}/etc/rc.d
 +	${INSTALL_DATA}   ${WRKSRC}/qjail.portsnap.conf        \
 +		${STAGEDIR}${PREFIX}/etc
  .for i in qjail qjail-intro qjail-howto
 -	@${INSTALL_MAN}    ${WRKSRC}/${i}.8 ${MAN8PREFIX}/man/man8
 +	${INSTALL_MAN}   ${WRKSRC}/${i}.8 ${STAGEDIR}${MAN8PREFIX}/man/man8
  .endfor
 +
 +#	@${MKDIR}          ${STAGEDIR}${EXAMPLESDIR}
 +#	${INSTALL_DATA}   ${WRKSRC}/jail-primer.html            \
 +#		${STAGEDIR}${DOCSDIR}
 +
 +
  # note examples are mandatory. qjail will not function without them
 -	@${MKDIR} ${EXAMPLESDIR}
 +	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
  	@(cd ${WRKSRC}/examples/ \
 -	    && ${COPYTREE_SHARE} \* ${EXAMPLESDIR})
 -
 -# Note: Has to be done this way or package version will not contain any
 -# comments added with @${ECHO_MSG} command.
 -post-install:
 -	@${CAT} ${PKGMESSAGE}
 +	    && ${COPYTREE_SHARE} \* ${STAGEDIR}${EXAMPLESDIR})
  
  .include <bsd.port.mk>
 
 Modified: head/sysutils/qjail/distinfo
 ==============================================================================
 --- head/sysutils/qjail/distinfo	Thu May 15 08:27:53 2014	(r354104)
 +++ head/sysutils/qjail/distinfo	Thu May 15 10:40:19 2014	(r354105)
 @@ -1,2 +1,2 @@
 -SHA256 (qjail-3.2.tar.bz2) = 3088c1946e720ddc3fb6f78254f8616951de3a90f0e6e0dfbd4d49c16febe697
 -SIZE (qjail-3.2.tar.bz2) = 121560
 +SHA256 (qjail-3.3.tar.bz2) = 263bf7ff60a2d266ff3a4b39c1ccaf6a1114e22128fa0110351bc6c5d782c525
 +SIZE (qjail-3.3.tar.bz2) = 61485
 
 Modified: head/sysutils/qjail/pkg-descr
 ==============================================================================
 --- head/sysutils/qjail/pkg-descr	Thu May 15 08:27:53 2014	(r354104)
 +++ head/sysutils/qjail/pkg-descr	Thu May 15 10:40:19 2014	(r354105)
 @@ -1,16 +1,17 @@
  Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
  system that includes security and performance enhancements. Plus a new level
  of "user friendliness" enhancements dealing with deploying just a few jails or
 -large jail environments consisting of 100's of jails.
 +large scale jail environments consisting of 100's of jails.
  
  This version of qjail has been converted from using the legacy rc.d-method as 
  used in all previous versions of qjail, to using the jail(8) jail.conf-method 
 -available in RELEASE-9.1. This upgrade provides the ability to enable the 
 -following new options on a per-jail basis. exec.fib, allow.raw_sockets, 
 -allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id, securelevel, 
 +available in RELEASE-9.1 which contained many bugs, some that were fixed in
 +RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the ability
 +to enable the following new options on a per-jail basis. exec.fib, securelevel,
 +allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id,
  vnet.interface, and vnet. The vnet option gives a jail its own network stack 
 -using the experimental vimage software. This qjail version is not functional 
 -for RELEASES older than RELEASE-9.1. The vnet option has only been tested on 
 +using the experimental vimage software. This qjail version is not intended
 +for RELEASES older than RELEASE-10.0. The vnet option has only been tested on 
  i386 and amd64 equipment.
  
  Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
 
 Added: head/sysutils/qjail/pkg-message
 ==============================================================================
 --- /dev/null	00:00:00 1970	(empty, because file is newly added)
 +++ head/sysutils/qjail/pkg-message	Thu May 15 10:40:19 2014	(r354105)
 @@ -0,0 +1,22 @@
 +
 +########################################################################
 +
 +Use the qjail utility to deploy small or large numbers of jails quickly.
 +
 +First issue "rehash" command to enable the qjail command (if using csh).
 +Then issue "man qjail-intro" to read the qjail introduction.
 +After reading that do "man qjail" for the usage details.
 +For the BIG PICTURE issue "man qjail-howto".
 +
 +########################################################################
 +
 +If your host is running 10.0-RELEASE be sure you apply system security 
 +update. You need to be at 10.0-RELEASE-p2.  Run the following commands
 +to apply system security updates.
 +   freebsd-update  fetch 
 +   freebsd-update  install
 +
 +########################################################################
 +
 +
 +
 
 Modified: head/sysutils/qjail/pkg-plist
 ==============================================================================
 --- head/sysutils/qjail/pkg-plist	Thu May 15 08:27:53 2014	(r354104)
 +++ head/sysutils/qjail/pkg-plist	Thu May 15 10:40:19 2014	(r354105)
 @@ -3,9 +3,9 @@ bin/qjail.vnet.be
  bin/qjail.vnet.ng
  etc/qjail.portsnap.conf
  etc/rc.d/qjail.bootime
 -%%EXAMPLESDIR%%/upgrade-info.txt
 -%%EXAMPLESDIR%%/vnet/jail.amd64
 -%%EXAMPLESDIR%%/vnet/jail.i386
 +man/man8/qjail.8.gz
 +man/man8/qjail-intro.8.gz
 +man/man8/qjail-howto.8.gz
  %%EXAMPLESDIR%%/vnet/ipfw.rules.host
  %%EXAMPLESDIR%%/vnet/ipfw.rules.vnet
  %%EXAMPLESDIR%%/vnet/ipf.rules.host
 @@ -17,6 +17,7 @@ etc/rc.d/qjail.bootime
  %%EXAMPLESDIR%%/default/etc/periodic.conf
  %%EXAMPLESDIR%%/default/etc/rc.conf
  %%EXAMPLESDIR%%/default/root/.cshrc
 +%%EXAMPLESDIR%%/default/usr/local/etc/pkg.conf
  %%EXAMPLESDIR%%/default/usr/local/etc/sudoers
  %%EXAMPLESDIR%%/ssh-default/etc/group
  %%EXAMPLESDIR%%/ssh-default/etc/make.conf
 @@ -37,6 +38,7 @@ etc/rc.d/qjail.bootime
  %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.profile
  %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.rhosts
  %%EXAMPLESDIR%%/ssh-default/usr/home/qjail/.shrc
 +%%EXAMPLESDIR%%/ssh-default/usr/local/etc/pkg.conf
  %%EXAMPLESDIR%%/ssh-default/usr/local/etc/sudoers
  @dirrm %%EXAMPLESDIR%%/default/usr/local/etc
  @dirrm %%EXAMPLESDIR%%/default/usr/local
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: feedback->closed 
State-Changed-By: pi 
State-Changed-When: Thu May 15 10:51:34 UTC 2014 
State-Changed-Why:  
Committed, with minor changes. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=189120 
>Unformatted:
