aboutsummaryrefslogtreecommitdiff
path: root/share/examples/jails/jib
Commit message (Collapse)AuthorAgeFilesLines
* Remove $FreeBSD$: one-line sh patternWarner Losh2023-08-161-1/+0
| | | | Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
* add ability to set watchdog timeout for a shutdownAndriy Gapon2019-10-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change allows to specify a watchdog(9) timeout for a system shutdown. The timeout is activated when the watchdogd daemon is stopped. The idea is to a prevent any indefinite hang during late stages of the shutdown. The feature is implemented in rc.d/watchdogd, it builds upon watchdogd -x option. Note that the shutdown timeout is not actiavted when the watchdogd service is individually stopped by an operator. It is also not activated for the 'shutdown' to the single-user mode. In those cases it is assumed that the operator knows what they are doing and they have means to recover the system should it hang. Significant subchanges and implementation details: - the argument to rc.shutdown, completely unused before, is assigned to rc_shutdown variable that can be inspected by rc scripts - init(8) passes "single" or "reboot" as the argument, this is not changed - the argument is not mandatory and if it is not set then rc_shutdown is set to "unspecified" - however, the default jail management scripts and jail configuration examples have been updated to pass "jail" to rc.shutdown, just in case - the new timeout can be set via watchdogd_shutdown_timeout rc option - for consistency, the regular timeout can now be set via watchdogd_timeout rc option - watchdogd_shutdown_timeout and watchdogd_timeout override timeout specifications in watchdogd_flags - existing configurations, where the new rc options are not set, should keep working as before I am not particularly wed to any of the implementation specifics. I am open to changing or removing any of them as long as the provided functionality is the same (or very close) to the proposed one. For example, I think it can be implemented without using watchdogd -x, by means of watchdog(1) alone. In that case there would be a small window between stopping watchdogd and running watchdog, but I think that that is acceptable. Reviewed by: bcr (man page changes) MFC after: 5 weeks Relnotes: yes Differential Revision: https://reviews.freebsd.org/D21221 Notes: svn path=/head/; revision=353039
* Fix jail examples in jib, jng, READMEDevin Teske2018-10-281-1/+1
| | | | | | | | | | | | | | | | | | | | | The provided example jail configs do not work for multiple interfaces. Multiple interfaces need to be specified as a comma separated list or using multiple += lines in jail.conf. In the given example, a space- separated string is used, which doesn't work with multiple interfaces. Also added a note to the README about VIMAGE being built-in by default on amd64 in FreeBSD 12, with appropriate instructions for loading the necessary netgraph ether module (ng_ether) since it is neither built- in nor autoloads. Submitted by: Ryan Moeller <ryan@freqlabs.com> Reported by: Ryan Moeller <ryan@freqlabs.com> MFC after: 3 days Sponsored by: Smule, Inc. Differential Revision: https://reviews.freebsd.org/D17697 Notes: svn path=/head/; revision=339843
* Fix missing description for command usageDevin Teske2016-02-131-1/+3
| | | | | | | | | While "jng" or "jib" without arguments told you what each sub-command does, sub-command usage didn't tell you (e.g., "jng bridge" or "jib addm" gave only usage and not description). Notes: svn path=/head/; revision=295587
* Comments and fix small bugDevin Teske2016-02-121-8/+11
| | | | | | | | | Reduce differences between jib/jng and fix a bug that would prevent additional interfaces from being created if the first of many already existed (counter wasn't incremented before calling only continue). Notes: svn path=/head/; revision=295556
* Add syntax to disable MAC allocationDevin Teske2016-02-121-5/+14
| | | | | | | | | | | | Adding `!' before an interface name will disable MAC allocation, falling back to driver mechanics. Alternatively adding `=' before an interface name causes the MAC address to be cloned (for ng_bridge(4) back-end only). While here, disable the auto-detection of wlan* since this knocks the host off; requiring the host that defines the jail to explicitly enable this feature by preceding the interface with `='. Notes: svn path=/head/; revision=295554
* Refactor conversion to hexDevin Teske2016-02-121-13/+7
| | | | Notes: svn path=/head/; revision=295553
* Centralize MAC derivation formulaDevin Teske2016-02-111-75/+87
| | | | Notes: svn path=/head/; revision=295546
* Bring generated interfaces up alwaysDevin Teske2016-02-091-0/+3
| | | | Notes: svn path=/head/; revision=295443
* Change MAC algo to support mixing w/jng interfacesDevin Teske2016-02-091-14/+11
| | | | Notes: svn path=/head/; revision=295442
* Fix bpf unhiding example /etc/devfs.rulesDevin Teske2016-02-091-1/+1
| | | | Notes: svn path=/head/; revision=295441
* Adjust MAC algo to support interface branchingDevin Teske2016-02-091-12/+32
| | | | Notes: svn path=/head/; revision=295422
* Adjust MAC allocation algo to support layeringDevin Teske2016-02-081-2/+9
| | | | Notes: svn path=/head/; revision=295401
* Provide additional information on overall purposeDevin Teske2016-02-081-1/+5
| | | | Notes: svn path=/head/; revision=295400
* Fix copy/paste error; s/ngX/eXb/Devin Teske2016-02-081-2/+2
| | | | Notes: svn path=/head/; revision=295399
* Add two scripts for vnet jailsDevin Teske2016-02-071-0/+367
One for if_bridge(4) back-end, another for ng_bridge(4) back-end Sponsored by: FIS Global, Inc. Notes: svn path=/head/; revision=295373
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-02 07:01:56 +0000