Bug 211364 - /etc/rc.d/ipsec does not run in VNET jails
Summary: /etc/rc.d/ipsec does not run in VNET jails
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: conf (show other bugs)
Version: 10.3-STABLE
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-rc (Nobody)
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2016-07-25 11:03 UTC by matthias+freebsd+bugzilla
Modified: 2017-11-30 21:38 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description matthias+freebsd+bugzilla 2016-07-25 11:03:08 UTC 
In /etc/rc.d/ipsec has keyword "nojail" wich prevents running in any jail.
running in vnet jails schould be enabled by changing keyword to "nojailvnet".
(like /etc/rc.d/ipfw)

diff included:

--- ipsec.orig  2016-07-25 13:00:10.516069000 +0200
+++ ipsec       2016-07-25 12:59:55.388665000 +0200
@@ -6,7 +6,7 @@
 # PROVIDE: ipsec
 # REQUIRE: FILESYSTEMS
 # BEFORE:  DAEMON mountcritremote
-# KEYWORD: nojail
+# KEYWORD: nojailvnet

 . /etc/rc.subr
Comment 1 commit-hook freebsd_committer freebsd_triage 2017-07-05 20:01:54 UTC 
A commit references this bug:

Author: kp
Date: Wed Jul  5 20:00:59 UTC 2017
New revision: 320696
URL: https://svnweb.freebsd.org/changeset/base/320696

Log:
  Allow ipsec to run in vnet jails

  ipsec is usable in vnet jails, so allow it to run there.

  PR:		211364
  Submitted by:	Matthias Meyser <meyser xenet.de>

Changes:
  head/etc/rc.d/ipsec
Comment 2 commit-hook freebsd_committer freebsd_triage 2017-11-30 21:38:40 UTC 
A commit references this bug:

Author: kp
Date: Thu Nov 30 21:38:10 UTC 2017
New revision: 326415
URL: https://svnweb.freebsd.org/changeset/base/326415

Log:
  MFC r320696: Allow ipsec to run in vnet jails

  ipsec is usable in vnet jails, so allow it to run there.

  PR:		211364
  Submitted by:	Matthias Meyser <meyser xenet.de>

Changes:
_U  stable/11/
  stable/11/etc/rc.d/ipsec