Page MenuHomeFreeBSD

Fix rc scripts so that nfsd(8), nfsuserd(8), gssd(8) and rpc.tlsservd(8) can run in vnet prisons
ClosedPublic

Authored by rmacklem on Feb 27 2023, 2:43 PM.
Tags
Referenced Files
F102950992: D38809.diff
Tue, Nov 19, 3:05 AM
Unknown Object (File)
Sun, Nov 17, 5:34 AM
Unknown Object (File)
Sat, Oct 26, 6:14 PM
Unknown Object (File)
Oct 1 2024, 11:35 AM
Unknown Object (File)
Oct 1 2024, 11:34 AM
Unknown Object (File)
Oct 1 2024, 11:20 AM
Unknown Object (File)
Sep 29 2024, 12:44 AM
Unknown Object (File)
Sep 26 2024, 7:47 PM
Subscribers

Details

Summary

Once D37741 and D38808 are committed to main,
it will be possible to run these daemons in a vnet
prison if the "allow.nfsd" option is specified in jail.conf.

This patch fixes the rc scripts for this.
Mostly just removes the "nojail" KEYWORD, but also
avoids setting vfs.nfsd.srvmaxio in a prison, since it
must be set outside of the prisons and applies to all
nfsd(8) instances.

Test Plan

These modified scripts have been tested on a system
configured to run nfsd(8) and friends bith inside and
outside of vnet prisons.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Added a check for the jail being a vnet jail.
Also, mountd got missed and is now in the patch.

Just use the KEYWORD novnetjail to indicate the
daemons can run in a vnet jail, as suggested by jamie@.

Changed novnetjail to nojailvnet.

I missed this when testing, because the daemons
terminate if the jail isn't correctly configured and
I didn't look in /var/log/messages in the jails, to see
if they tried to start up.

This revision is now accepted and ready to land.Mar 12 2023, 5:42 PM