FreeBSD Bugzilla – Attachment 171091 Details for
Bug 209929
sysutils/qjail: Update to 4.8 (bugfixes)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
port_diff.Vladimir
qjail-4.8_port_diff.Vladimir (text/plain), 6.00 KB, created by
Joe Barbish
on 2016-06-06 14:19:18 UTC
(
hide
)
Description:
port_diff.Vladimir
Filename:
MIME Type:
Creator:
Joe Barbish
Created:
2016-06-06 14:19:18 UTC
Size:
6.00 KB
patch
obsolete
>Index: sysutils/qjail/Makefile >=================================================================== >--- sysutils/qjail/Makefile (revision 416437) >+++ sysutils/qjail/Makefile (working copy) >@@ -2,7 +2,7 @@ > # $FreeBSD$ > > PORTNAME= qjail >-PORTVERSION= 4.7 >+PORTVERSION= 4.8 > CATEGORIES= sysutils > MASTER_SITES= SF/${PORTNAME} > >@@ -23,7 +23,7 @@ > USES= tar:bzip2 > NO_BUILD= yes > >-CONFLICTS_INSTALL= qjail-2.* qjail-3.0 qjail-3.1 >+CONFLICTS_INSTALL= qjail-2.* qjail-3.* > > do-install: > .for i in qjail qjail.vnet.be qjail.vnet.ng >Index: sysutils/qjail/distinfo >=================================================================== >--- sysutils/qjail/distinfo (revision 416437) >+++ sysutils/qjail/distinfo (working copy) >@@ -1,2 +1,2 @@ >-SHA256 (qjail-4.7.tar.bz2) = 42c72de6a3cf3deb19f84c8e3f95a9054fe226d9e17675397e5d46dd31143e8d >-SIZE (qjail-4.7.tar.bz2) = 62754 >+SHA256 (qjail-4.8.tar.bz2) = dc41c6a7c498129202d3973db11a6a6600ec598a9ac8aeaa8d0baeeba1553224 >+SIZE (qjail-4.8.tar.bz2) = 64593 >Index: sysutils/qjail/pkg-descr >=================================================================== >--- sysutils/qjail/pkg-descr (revision 416437) >+++ sysutils/qjail/pkg-descr (working copy) >@@ -1,15 +1,16 @@ >+This qjail version is not intended for RELEASES older than RELEASE-10.0. >+ > Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail > system that includes security and performance enhancements. Plus a new level > of "user friendliness" enhancements dealing with deploying just a few jails or > large scale jail environments consisting of 100's of jails. > >-This version of qjail uses the jail(8) jail.conf method. This provides the >-ability to enable the following options on a per-jail basis. exec.fib, >-securelevel, allow.sysvipc, devfs_rulesets, allow.raw_sockets, allow.quotas, >-allow.mount.nullfs, allow.mount.tmpfs, allow.mount.zfs, vnet.interface, and >-vnet. The vnet option gives a jail its own network stack using the experimental >-vimage kernel module. This qjail version is not intended for RELEASES older than >-RELEASE-9.2. The vnet option has only been tested on i386 and amd64 equipment. >+Qjail uses the jail(8) jail.conf method. This provides the ability to enable >+the following options on a per-jail basis. exec.fib, securelevel, allow.sysvipc, >+devfs_rulesets, allow.raw_sockets, allow.quotas, allow.mount.nullfs, >+allow.mount.tmpfs, allow.mount.zfs, vnet.interface, and vnet. The vnet option >+gives a jail its own network stack using the experimental vimage kernel module. >+The vnet option has only been tested on i386 and amd64 equipment. > > Qjail requires no knowledge of the jail command usage. It uses "nullfs" for > read-only system executables, sharing one copy of them with all the jails. >Index: sysutils/qjail/pkg-message >=================================================================== >--- sysutils/qjail/pkg-message (revision 416437) >+++ sysutils/qjail/pkg-message (working copy) >@@ -10,8 +10,33 @@ > > ######################################################################## > >-If your host is running 9.3-RELEASE or 10.0-RELEASE, please verify that >-/etc/defaults/rc.conf parameter "devfs_load_rulesets" looks like this >- devfs_load_rulesets="YES" >+For users who have existing qjail environments. Please take note. >+There are changes to the internals of the jail(8) command and changes to >+parameter names in the periodic files that have occured in FreeBSD >+Release 10.2 that effects jail behavior in a very minor way. >+IF your running qjail on an 10.2 or newer version of FreeBSD you should >+consider doing the following. > >+This version of qjail has an built in auto convert function that you may select >+to choose that fixes those minor behavior problems with your existing jails. >+This auto convert function is not documented in the qjail manual. Its only >+shown here. So write it down. >+ >+ Issue [ qjail update -u ] from the host console. >+ >+This will cause the existing "flavors" default & ssh-default directories to be >+renamed and new ones populated. Then in each existing jail the periodic.conf >+and newsyslog.conf files will be renamed with .saved suffix and new ones added. >+The rc.conf file will be updated in place changing the >+syslogd_enable= parameter value from "NO" to "YES". >+ >+The new periodic.conf file has many sendmail reporting options disabled because >+sendmail is disabled in the jails rc.conf file by default. This drastically >+reduces the daily. weekly, monthly system and security status reports elapse >+run times. This has a major effect on operating system performance where there >+are a large number of jails. >+ >+The [ qjail install ] command will install all the correct files depending on >+what version of FreeBSD your host is running. >+ > ######################################################################## >Index: sysutils/qjail/pkg-plist >=================================================================== >--- sysutils/qjail/pkg-plist (revision 416437) >+++ sysutils/qjail/pkg-plist (working copy) >@@ -15,9 +15,10 @@ > %%EXAMPLESDIR%%/default/etc/make.conf > %%EXAMPLESDIR%%/default/etc/motd > %%EXAMPLESDIR%%/default/etc/periodic.conf >-%%EXAMPLESDIR%%/default/etc/periodic103.conf >+%%EXAMPLESDIR%%/default/etc/periodic102.conf >+%%EXAMPLESDIR%%/default/etc/newsyslog102.conf > %%EXAMPLESDIR%%/default/etc/rc.conf >-%%EXAMPLESDIR%%/default/etc/rc103.conf >+%%EXAMPLESDIR%%/default/etc/rc102.conf > %%EXAMPLESDIR%%/default/root/.cshrc > %%EXAMPLESDIR%%/default/usr/local/etc/pkg.conf > %%EXAMPLESDIR%%/default/usr/local/etc/sudoers >@@ -27,10 +28,11 @@ > %%EXAMPLESDIR%%/ssh-default/etc/motd > %%EXAMPLESDIR%%/ssh-default/etc/passwd > %%EXAMPLESDIR%%/ssh-default/etc/periodic.conf >-%%EXAMPLESDIR%%/ssh-default/etc/periodic103.conf >+%%EXAMPLESDIR%%/ssh-default/etc/periodic102.conf >+%%EXAMPLESDIR%%/ssh-default/etc/newsyslog102.conf > %%EXAMPLESDIR%%/ssh-default/etc/pwd.db > %%EXAMPLESDIR%%/ssh-default/etc/rc.conf >-%%EXAMPLESDIR%%/ssh-default/etc/rc103.conf >+%%EXAMPLESDIR%%/ssh-default/etc/rc102.conf > %%EXAMPLESDIR%%/ssh-default/etc/spwd.db > %%EXAMPLESDIR%%/ssh-default/etc/ssh/sshd_config > %%EXAMPLESDIR%%/ssh-default/root/.cshrc
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=171091">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
qjail1
:
maintainer-approval+
Actions:
View
|
Diff
Attachments on
bug 209929
:
170906
|
171057
|
171077
|
171091
|
171092