Page MenuHomeFreeBSD

jail exec.started hook
Needs ReviewPublic

Authored by on May 6 2018, 9:30 PM.



The existing jail start hooks are not sufficient to cover all edge cases. This changes introduce the exec.started hook that is executed on the host after jail start right before exec.start is run inside the jail.

A use-case scenario: A ZFS dataset can be shared with a jail only after it was already started. Without native integration of zfs jail into the jail command or a hook as proposed here, there is no way to make the dataset(s) available to the jail before its services are started. When it comes to non-persistent jails not even the exec.poststart hook can be used to delay the command execution until the ZFS shares are available.

Diff Detail

Lint Skipped
Unit Tests Skipped

Event Timeline

Yes, this is a need that has gone unanswered for a while now.

I'm not crazy about the name - how about exec.created instead of exec.prestart? The "start" namespace seems a little full, and it's not intuitive that "started" would run before "start". I guess with this many steps, nothing is intuitive anymore.

jail(8) will need updating for this, in the same section where exec.prestart is mentioned.

The hook was renamed from exec.started to exec.created and documented in the jail commands man page.

OK, looks good with one last-minute nit: spaces in the jailp.h line where a tab should be

This revision is now accepted and ready to land.Aug 14 2018, 2:58 PM

Replaced whitespaces before IP_EXEC_CREATED comment in jailp.h with tabs.


This revision now requires review to proceed.Aug 14 2018, 4:22 PM