Page MenuHomeFreeBSD
Differential D17697

Fix jail examples in jib, jng, README
ClosedPublic
Actions

Authored by freqlabs on Oct 25 2018, 4:58 AM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 11 2024, 3:23 PM
Unknown Object (File)
Jan 23 2024, 9:13 PM
Unknown Object (File)
Jan 13 2024, 11:14 AM
Unknown Object (File)
Jan 11 2024, 3:50 PM
Unknown Object (File)
Jan 2 2024, 9:55 AM
Unknown Object (File)
Dec 2 2023, 9:46 AM
Unknown Object (File)
Nov 29 2023, 5:02 AM
Unknown Object (File)
Nov 27 2023, 3:32 PM
View All 52 Files
Subscribers
imp

Details

Reviewers
dteske
Commits
rS339977: MFC r339843: Fix jail examples in jib, jng, README
rS339843: Fix jail examples in jib, jng, README
Summary

The provided example jail configs in the jng and jib scripts do not work. Multiple interfaces need to be specified as a comma separated list or using multiple += lines in jail.conf, In the given example, the whole string is used as an interface name, which doesn't work with multiple interfaces listed.

Also added a note to the README about VIMAGE being built in by default on amd64 in FreeBSD 12, with appropriate instructions for loading the necessary netgraph modules, since they are not built in and ng_ether does not autoload.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

freqlabs created this revision.Oct 25 2018, 4:58 AM
Herald added a subscriber: imp. · View Herald TranscriptOct 25 2018, 4:58 AM
dteske requested changes to this revision.Oct 26 2018, 11:10 PM
dteske added inline comments.
share/examples/jails/README
15

Upon reboot, a jail that requires these modules will find that they are no longer loaded. Further, ng_bridge and ng_eiface will be loaded automatically when performing a "mkpeer" via ngctl.

I think we should instead document that one needs to put:

ng_ether_load="YES"

In to /boot/loader.conf as well as perhaps "kldload ng_ether" if a reboot is to be avoided.

This revision now requires changes to proceed.Oct 26 2018, 11:10 PM
freqlabs updated this revision to Diff 49674.Oct 27 2018, 12:31 AM

Addressed feedback by adding instructions for persistent loading of netgraph modules at boot.
(It's documented in rc.conf(5) that kld_list in rc.conf is preferable to loading with *_load in loader.conf because the kernel can load modules faster than loader.)

freqlabs marked an inline comment as done.Oct 27 2018, 12:31 AM
freqlabs added a comment.Oct 27 2018, 12:47 AM

I missed the part about bridge and eiface autoloading, whoops!

freqlabs updated this revision to Diff 49675.Oct 27 2018, 12:54 AM

Addressed feedback that only ng_ether must be manually loaded.

dteske added inline comments.Oct 27 2018, 2:32 AM
share/examples/jails/README
16–19

Perhaps better wording (for your consideration):

# OPTIONAL: Load ng_ether module at boot:
$ sysrc kld_list+=ng_ether
# Load ng_ether at-once:
$ kldload ng_ether
freqlabs added a comment.Oct 27 2018, 2:40 AM

The rest of the examples in the README describe the steps for a persistent configuration and how to immediately bring the system to that state, without calling out the latter part as optional. However this does make me realize that it should be mentioned these steps are only for the jng examples and are not necessary for use of jib.

freqlabs updated this revision to Diff 49676.Oct 27 2018, 2:51 AM
freqlabs edited the summary of this revision. (Show Details)

Reworded text to point out that netgraph modules are only needed for jng.

dteske accepted this revision.Oct 27 2018, 12:25 PM

Looks good.

This revision is now accepted and ready to land.Oct 27 2018, 12:25 PM
dteske added a comment.Oct 27 2018, 12:27 PM

Do you have a commit bit or do you need me to ferry this in?

freqlabs added a comment.Oct 27 2018, 5:25 PM

I do not. Please take it from here. Thanks!

Closed by commit rS339843: Fix jail examples in jib, jng, README (authored by dteske). · Explain WhyOct 28 2018, 6:32 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
share/
examples/
jails/
10 lines
2 lines
2 lines

Diff 49675

View Options

share/examples/jails/README

Loading...
View Options

share/examples/jails/jib

Loading...
View Options

share/examples/jails/jng

Loading...