Attachment #144008 for bug #191213




# $FreeBSD: head/sysutils/qjail/Makefile 354105 2014-05-15 10:40:19Z pi $

PORTNAME=	qjail
PORTVERSION=	3.4
CATEGORIES=	sysutils
MASTER_SITES=	SF/${PORTNAME}



USES=		tar:bzip2
NO_BUILD=	yes
NEED_ROOT=	yes

CONFLICTS_INSTALL=	qjail-2.* qjail-3.0 qjail-3.1 


	${INSTALL_MAN}   ${WRKSRC}/${i}.8 ${STAGEDIR}${MAN8PREFIX}/man/man8
.endfor

#	@${MKDIR}          ${STAGEDIR}${EXAMPLESDIR}
#	${INSTALL_DATA}   ${WRKSRC}/jail-primer.html            \
#		${STAGEDIR}${DOCSDIR}


# note examples are mandatory. qjail will not function without them
	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
	@(cd ${WRKSRC}/examples/ \

Lines 1-2 Link Here

(-)qjail/distinfo (-2 / +2 lines)
1	SHA256 (qjail-3.3.tar.bz2) = 263bf7ff60a2d266ff3a4b39c1ccaf6a1114e22128fa0110351bc6c5d782c525	1	SHA256 (qjail-3.4.tar.bz2) = c86a5396ba46555a6f59818d8b29c4d2da10bdd0359dfaf3851ad45398e45348
2	SIZE (qjail-3.3.tar.bz2) = 61485	2	SIZE (qjail-3.4.tar.bz2) = 62344




large scale jail environments consisting of 100's of jails.

This version of qjail has been converted from using the legacy rc.d-method as 
used in all previous versions of qjail-2.x, to using the jail(8) 
jail.conf-method available in RELEASE-9.1 which contained many bugs, some that 
were fixed in RELEASE-9.2 and others that were finally fixed in RELEASE-9.3
and RELEASE-10.0. This upgrade provides the ability to enable the following 
new options on a per-jail basis. exec.fib, securelevel, allow.sysvipc, 
devfs_rulesets, allow.raw_sockets, allow.quotas, allow.mount.nullfs, 
allow.mount.zfs, cpuset.id, vnet.interface, and vnet. The vnet option gives a 
jail its own network stack using the experimental vimage software. This qjail
version is not intended for RELEASES older than RELEASE-9.3. The vnet option 
has only been tested on i386 and amd64 equipment.

Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
read-only system executables, sharing one copy of them with all the jails.

Lines 10-20 Link Here

(-)qjail/pkg-message (-5 / +3 lines)
10		10
11	########################################################################	11	########################################################################
12		12
13	If your host is running 10.0-RELEASE be sure you apply system security	13	If your host is running 9.3-RELEASE or 10.0-RELEASE, please verify that
14	update. You need to be at 10.0-RELEASE-p2. Run the following commands	14	/etc/defaults/rc.conf parameter "devfs_load_rulesets" looks like this
15	to apply system security updates.	15	devfs_load_rulesets="YES"
16	freebsd-update fetch
17	freebsd-update install
18		16
19	########################################################################	17	########################################################################
20		18

Return to bug 191213

Lines 2-8 Link Here

(-)qjail/Makefile (-7 / +1 lines)
2	# $FreeBSD: head/sysutils/qjail/Makefile 354105 2014-05-15 10:40:19Z pi $	2	# $FreeBSD: head/sysutils/qjail/Makefile 354105 2014-05-15 10:40:19Z pi $
3		3
4	PORTNAME= qjail	4	PORTNAME= qjail
5	PORTVERSION= 3.3	5	PORTVERSION= 3.4
6	CATEGORIES= sysutils	6	CATEGORIES= sysutils
7	MASTER_SITES= SF/${PORTNAME}	7	MASTER_SITES= SF/${PORTNAME}
8		8
Lines 11-17 Link Here
11		11
12	USES= tar:bzip2	12	USES= tar:bzip2
13	NO_BUILD= yes	13	NO_BUILD= yes
14	NEED_ROOT= yes
15		14
16	CONFLICTS_INSTALL= qjail-2.* qjail-3.0 qjail-3.1	15	CONFLICTS_INSTALL= qjail-2.* qjail-3.0 qjail-3.1
17		16
Lines 27-37 Link Here
27	${INSTALL_MAN} ${WRKSRC}/${i}.8 ${STAGEDIR}${MAN8PREFIX}/man/man8	26	${INSTALL_MAN} ${WRKSRC}/${i}.8 ${STAGEDIR}${MAN8PREFIX}/man/man8
28	.endfor	27	.endfor
29		28
30	# @${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
31	# ${INSTALL_DATA} ${WRKSRC}/jail-primer.html \
32	# ${STAGEDIR}${DOCSDIR}
33
34
35	# note examples are mandatory. qjail will not function without them	29	# note examples are mandatory. qjail will not function without them
36	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}	30	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
37	@(cd ${WRKSRC}/examples/ \	31	@(cd ${WRKSRC}/examples/ \

Lines 4-18 Link Here

(-)qjail/pkg-descr (-9 / +10 lines)
4	large scale jail environments consisting of 100's of jails.	4	large scale jail environments consisting of 100's of jails.
5		5
6	This version of qjail has been converted from using the legacy rc.d-method as	6	This version of qjail has been converted from using the legacy rc.d-method as
7	used in all previous versions of qjail, to using the jail(8) jail.conf-method	7	used in all previous versions of qjail-2.x, to using the jail(8)
8	available in RELEASE-9.1 which contained many bugs, some that were fixed in	8	jail.conf-method available in RELEASE-9.1 which contained many bugs, some that
9	RELEASE-9.2 and others fixed in RELEASE-10.0. This upgrade provides the ability	9	were fixed in RELEASE-9.2 and others that were finally fixed in RELEASE-9.3
10	to enable the following new options on a per-jail basis. exec.fib, securelevel,	10	and RELEASE-10.0. This upgrade provides the ability to enable the following
11	allow.raw_sockets, allow.quotas, allow.mount.nullfs, allow.mount.zfs, cpuset.id,	11	new options on a per-jail basis. exec.fib, securelevel, allow.sysvipc,
12	vnet.interface, and vnet. The vnet option gives a jail its own network stack	12	devfs_rulesets, allow.raw_sockets, allow.quotas, allow.mount.nullfs,
13	using the experimental vimage software. This qjail version is not intended	13	allow.mount.zfs, cpuset.id, vnet.interface, and vnet. The vnet option gives a
14	for RELEASES older than RELEASE-10.0. The vnet option has only been tested on	14	jail its own network stack using the experimental vimage software. This qjail
15	i386 and amd64 equipment.	15	version is not intended for RELEASES older than RELEASE-9.3. The vnet option
		16	has only been tested on i386 and amd64 equipment.
16		17
17	Qjail requires no knowledge of the jail command usage. It uses "nullfs" for	18	Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
18	read-only system executables, sharing one copy of them with all the jails.	19	read-only system executables, sharing one copy of them with all the jails.