jail: Let a couple of parameter types be specified as lists
ClosedPublic
Actions

Authored by markj on Nov 17 2024, 11:46 PM.

Details

Reviewers

jamie
zlei

Commits

rG48c738b038ac: jail: Let a couple of parameter types be specified as lists

Summary

vnet.interface and zfs.dataset can be used to specify multiple
interfaces/datasets in jail.conf, but not on the command-line, which is
a bit surprising. Extend the handling of ip(4|6).addr to those
parameters, update the description of vnet.interface in jail.8, and add
a rudimentary regression test.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

markj created this revision.Nov 17 2024, 11:46 PM

Herald added a subscriber: imp. · View Herald TranscriptNov 17 2024, 11:46 PM

markj requested review of this revision.Nov 17 2024, 11:46 PM

Harbormaster completed remote builds in B60649: Diff 146626.Nov 17 2024, 11:46 PM

Note that list-based parameters can be specified disjointedly.

Harbormaster completed remote builds in B60650: Diff 146627.Nov 17 2024, 11:53 PM

Manpage LGTM

The tests looks good. I need some time to read the code carefully ...

Looks good to me.

This revision is now accepted and ready to land.Nov 18 2024, 4:55 PM

ivy added a subscriber: ivy.Nov 18 2024, 6:14 PM

Not really part of this specific problem, but jail(8) should auto-recognize list parameters because their SYSCTL_JAIL specification has a type with ",a" appended. Ideally, it would build a list of such parameters it sees like that. For non-kernel parameters like vnet.interface and zfs.dataset, putting them in the array is probably as good as its going to get.

Closed by commit rG48c738b038ac: jail: Let a couple of parameter types be specified as lists (authored by markj). · Explain WhyNov 19 2024, 9:19 PM

This revision was automatically updated to reflect the committed changes.

markj added a commit: rG48c738b038ac: jail: Let a couple of parameter types be specified as lists.