Jan 11 2024
OK for the man page change. Make sure to bump the .Dd when you commit it for this content change.
Thanks for working on this, it's appreciated!
- make some scripts compatible with svcj (convert parts of the precmd into another way of settings variables), precmd is not run inside the same shell/jail = make it work with svcj
- add some support for nfs in svcj, not yet finished (precmd is not comaptible)
- exclude some scripts from svcj due to an incompatible precmd (not run in same shell/jail)
Make jls quiet.
Nov 28 2023
Nov 24 2023
Only rc.d/opensm is missing.
Nov 16 2023
Add support for nfs. Sort the options.
Add config for some more services.
Nov 10 2023
Change what was noticed in comments. Add a feature to enable the execution of extra commands inside the service jail.
Oct 16 2023
Oh and we also have to close it, because it did land! ugh Phabricator is very Project-Management-y :)
Oct 5 2023
Two fixes for the man page.
Sep 21 2023
Sep 15 2023
The overall idea seems ok to me for what it's worth, my comments are about cosmetic issues.
Jul 11 2023
Jun 19 2023
Jun 15 2023
Jun 14 2023
My comments have been addressed and I think it makes sense to go ahead with the proposed patches.
Jun 13 2023
Jun 12 2023
The jail_name variable must be initialised to NULL. This should be done through an explicit char * jail_name = NULL; in line 101 of route.c.
Jun 9 2023
Jun 7 2023
Commited in eb5bfdd06565. I forgot to add the review to the commit message :-/
Jun 6 2023
Jun 5 2023
Jun 4 2023
I've committed the "jails can include jails" and "use the recursive parser" bits separately. This new diff is just the part that handles the includes.
IMHO this is superseded by https://reviews.freebsd.org/D40188
Jun 1 2023
Just a small nitpick: I would prefer a macro #define MAX_INCLUDE_DEPTH 32 or constant static const unsigned int max_include_depth = 32; somewhere above the include_config() in config.c instead of the literal to improve readability.
May 31 2023
Simple include-loop prevention with via a maximum depth counter.
May 23 2023
True, they're not handled. I took my include inspiration from newsyslog (which has includes that also support globbing), and there it's also just a simple matter or running whatever it's told to include. It's kind of a footgun situation, where it's generally good enough to trust the administrator not to make such a loop. I did it for depend loops, but only because that's kind of elemental in building an acyclic directed graph.
It doesn't look like the patch in it's current state handles this circular includes.
May 22 2023
Haven't looked closely yet, but: are circular includes handled correctly?
May 21 2023
I you use git format-patch -1 -U9999 and apply it with git am <patch>, you get the whole commit with the message. Not strictly needed, but makes life easier.
I like this approach.
It blurs the line between UCL and jail format (IMHO making future transition to UCL smoother), and makes include more explicit (and less magical comparing to D40188)
New and improved diff :-)