[call for testing] kmod-devctl-jail

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[call for testing] kmod-devctl-jail

Fabian Freyer
Hi all,

I'd like to call for testing of the kernel module kmod-devctl-jail [1],
which adds devctl(4) support for jail state changes. The aim is to
provide some logging and/or auditing support as well as providing jail
managers with a way to get notified of jail state changes.

I'm not yet clear as to whether this is something that could/should get
upstreamed into base, or should better live in ports.

Please CC me when replying to this, as I am not subscribed to freebsd-jail@.

Thanks,
Fabian

[1] https://github.com/fubarnetes/kmod_devctl_jail.git
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: [call for testing] kmod-devctl-jail

Lars Engels-2
On Fri, Jun 07, 2019 at 02:46:42AM +0200, Fabian Freyer wrote:

> Hi all,
>
> I'd like to call for testing of the kernel module kmod-devctl-jail [1],
> which adds devctl(4) support for jail state changes. The aim is to
> provide some logging and/or auditing support as well as providing jail
> managers with a way to get notified of jail state changes.
>
> I'm not yet clear as to whether this is something that could/should get
> upstreamed into base, or should better live in ports.
>
> Please CC me when replying to this, as I am not subscribed to freebsd-jail@.
>
> Thanks,
> Fabian
>
> [1] https://github.com/fubarnetes/kmod_devctl_jail.git

I just gave it a shot and it can be a very useful tool IMHO.
Please create a review on Phabricator and maybe it can get added to
base.

Here's the log output produced from starting and stopping a jail:

var/log  tail -f jail
Jun  7 23:01:01 nelson jail[314]: Jail JID=2 created
Jun  7 23:01:02 nelson jail[1720]: Process PID=1644 attached to Jail JID=2
Jun  7 23:01:12 nelson jail[46712]: Process PID=46535 attached to Jail JID=2
Jun  7 23:01:12 nelson jail[68454]: Jail JID=2 removed

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: [call for testing] kmod-devctl-jail

Baptiste Daroussin-2
In reply to this post by Fabian Freyer
On Fri, Jun 07, 2019 at 02:46:42AM +0200, Fabian Freyer wrote:

> Hi all,
>
> I'd like to call for testing of the kernel module kmod-devctl-jail [1],
> which adds devctl(4) support for jail state changes. The aim is to provide
> some logging and/or auditing support as well as providing jail managers with
> a way to get notified of jail state changes.
>
> I'm not yet clear as to whether this is something that could/should get
> upstreamed into base, or should better live in ports.
>
> Please CC me when replying to this, as I am not subscribed to freebsd-jail@.
>
> Thanks,
> Fabian
>
> [1] https://github.com/fubarnetes/kmod_devctl_jail.git
At quick glance it clearly sounds like something that should be added to the
official source tree. It does not sounds like something that will evolve of lot
and needs to be updated on regular basis, meaning once it is in, so it should be
fine.

Best regards,
Bapt

signature.asc (849 bytes) Download Attachment