Page MenuHomeFreeBSD
Differential D38809

Fix rc scripts so that nfsd(8), nfsuserd(8), gssd(8) and rpc.tlsservd(8) can run in vnet prisons
ClosedPublic
Actions

Authored by rmacklem on Feb 27 2023, 2:43 PM.
Tags
Referenced Files
Unknown Object (File)
Thu, May 23, 7:35 PM
Unknown Object (File)
Thu, May 23, 7:35 PM
Unknown Object (File)
Thu, May 23, 7:35 PM
Unknown Object (File)
Tue, May 21, 4:45 AM
Unknown Object (File)
Sun, May 19, 1:56 PM
Unknown Object (File)
Fri, May 17, 12:39 PM
Unknown Object (File)
Fri, May 17, 12:39 PM
Unknown Object (File)
Mon, May 13, 12:59 PM
View All 58 Files
Subscribers
imp

Details

Reviewers
0mp
gbe
jamie
karels
Commits
rG0bb08f21cc5c: rc.d: Fix NFS server startup scripts to enable vnet prison use
Summary

Once D37741 and D38808 are committed to main,
it will be possible to run these daemons in a vnet
prison if the "allow.nfsd" option is specified in jail.conf.

This patch fixes the rc scripts for this.
Mostly just removes the "nojail" KEYWORD, but also
avoids setting vfs.nfsd.srvmaxio in a prison, since it
must be set outside of the prisons and applies to all
nfsd(8) instances.

Test Plan

These modified scripts have been tested on a system
configured to run nfsd(8) and friends bith inside and
outside of vnet prisons.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

rmacklem created this revision.Feb 27 2023, 2:43 PM
Herald added a subscriber: imp. · View Herald TranscriptFeb 27 2023, 2:43 PM
rmacklem requested review of this revision.Feb 27 2023, 2:43 PM
rmacklem updated this revision to Diff 118152.Mar 2 2023, 1:33 AM

Added a check for the jail being a vnet jail.
Also, mountd got missed and is now in the patch.

rmacklem added a reviewer: gbe.Mar 5 2023, 9:15 PM
rmacklem updated this revision to Diff 118672.Mar 11 2023, 10:54 PM

Just use the KEYWORD novnetjail to indicate the
daemons can run in a vnet jail, as suggested by jamie@.

rmacklem added reviewers: jamie, karels.Mar 11 2023, 10:55 PM
jamie added a comment.Mar 12 2023, 3:57 AM

s/novnetjail/nojailvnet/

rmacklem updated this revision to Diff 118680.Mar 12 2023, 1:28 PM

Changed novnetjail to nojailvnet.

I missed this when testing, because the daemons
terminate if the jail isn't correctly configured and
I didn't look in /var/log/messages in the jails, to see
if they tried to start up.

jamie accepted this revision.Mar 12 2023, 5:42 PM
This revision is now accepted and ready to land.Mar 12 2023, 5:42 PM
Closed by commit rG0bb08f21cc5c: rc.d: Fix NFS server startup scripts to enable vnet prison use (authored by rmacklem). · Explain WhyMar 12 2023, 9:35 PM
This revision was automatically updated to reflect the committed changes.
rmacklem added a commit: rG0bb08f21cc5c: rc.d: Fix NFS server startup scripts to enable vnet prison use.

Revision Contents
Changeset List

PathSize
libexec/
rc/
rc.d/
gssd
gssd.vnet
2 lines
mountd
mountd.vnet
2 lines
nfsd
nfsd.vnet
4 lines
nfsuserd
nfsuserd.vnet
2 lines
tlsservd
tlsservd.vnet
2 lines

Diff 118680

View Options

libexec/rc/rc.d/gssd

Loading...
View Options

libexec/rc/rc.d/mountd

Loading...
View Options

libexec/rc/rc.d/nfsd

Loading...
View Options

libexec/rc/rc.d/nfsuserd

Loading...
View Options

libexec/rc/rc.d/tlsservd

Loading...