Page MenuHomeFreeBSD

Fix rc scripts so that nfsd(8), nfsuserd(8), gssd(8) and rpc.tlsservd(8) can run in vnet prisons
ClosedPublic

Authored by rmacklem on Feb 27 2023, 2:43 PM.
Tags
Referenced Files
F161342752: D38809.id118693.diff
Fri, Jul 3, 12:12 AM
Unknown Object (File)
Tue, Jun 30, 7:03 PM
Unknown Object (File)
Sat, Jun 13, 4:36 PM
Unknown Object (File)
Mon, Jun 8, 5:52 AM
Unknown Object (File)
May 24 2026, 4:29 PM
Unknown Object (File)
May 22 2026, 3:42 PM
Unknown Object (File)
May 21 2026, 7:49 PM
Unknown Object (File)
May 21 2026, 4:32 AM
Subscribers

Details

Summary

Once D37741 and D38808 are committed to main,
it will be possible to run these daemons in a vnet
prison if the "allow.nfsd" option is specified in jail.conf.

This patch fixes the rc scripts for this.
Mostly just removes the "nojail" KEYWORD, but also
avoids setting vfs.nfsd.srvmaxio in a prison, since it
must be set outside of the prisons and applies to all
nfsd(8) instances.

Test Plan

These modified scripts have been tested on a system
configured to run nfsd(8) and friends bith inside and
outside of vnet prisons.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

Added a check for the jail being a vnet jail.
Also, mountd got missed and is now in the patch.

Just use the KEYWORD novnetjail to indicate the
daemons can run in a vnet jail, as suggested by jamie@.

Changed novnetjail to nojailvnet.

I missed this when testing, because the daemons
terminate if the jail isn't correctly configured and
I didn't look in /var/log/messages in the jails, to see
if they tried to start up.

This revision is now accepted and ready to land.Mar 12 2023, 5:42 PM