From 70255a9b2401ac22ecff476e2837e752ea0b300c Mon Sep 17 00:00:00 2001 From: Xin Li Date: Fri, 16 Dec 2011 13:24:28 -0800 Subject: [PATCH 08/65] - Makefile changes to implement 'installskel' target - rc.d/jail changes to make skel actually work on start - bin/df/df.c changes to hide nullfs by default - create usr/ports by default --- Makefile | 2 ++ Makefile.inc1 | 12 ++++++++++++ bin/df/df.c | 7 +++++++ etc/mtree/BSD.usr.dist | 2 ++ etc/rc.d/jail | 33 +++++++++++++++++++++++++++++++++ 5 files changed, 56 insertions(+), 0 deletions(-) diff --git a/Makefile b/Makefile index 6fd82311..74a62f0 100644 --- a/Makefile +++ b/Makefile @@ -94,6 +94,7 @@ TGTS= all all-man buildenv buildenvvars buildkernel buildworld \ everything hierarchy install installcheck installkernel \ installkernel.debug packagekernel packageworld \ reinstallkernel reinstallkernel.debug \ + installskel \ installworld kernel-toolchain libraries lint maninstall \ obj objlink regress rerelease showconfig tags toolchain update \ _worldtmp _legacy _bootstrap-tools _cleanobj _obj \ @@ -109,6 +110,7 @@ TGTS+= ${BITGTS} .ORDER: buildworld installworld .ORDER: buildworld distributeworld .ORDER: buildworld buildkernel +.ORDER: buildworld installskel .ORDER: buildkernel installkernel .ORDER: buildkernel installkernel.debug .ORDER: buildkernel reinstallkernel diff --git a/Makefile.inc1 b/Makefile.inc1 index 6b012bd..809b62a 100644 --- a/Makefile.inc1 +++ b/Makefile.inc1 @@ -693,6 +693,18 @@ packageworld: .endfor # +# installskel +# +# Installs a minimum set of files that can support a mini-jail +# +installskel: + @echo "--------------------------------------------------------------" + @echo ">>> Making installskel" + @echo "--------------------------------------------------------------" + ${_+_}cd ${.CURDIR}; ${MAKE} hierarchy + ${_+_}cd ${.CURDIR}/etc; ${MAKE} distribution + +# # reinstall # # If you have a build server, you can NFS mount the source and obj directories 
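Review bot: The new `installskel` recipe in Makefile.inc1 runs `${MAKE} distribution` in `etc` without checking that `DESTDIR` is set. A bare `make installskel` on a host would then presumably write the stock configuration files over the running system's `/etc`; etc/Makefile is not part of this diff, so confirm what `distribution` writes. Since the target exists to populate a jail root, a guard as the first recipe line would make that mistake fail early, e.g. `@[ -n "${DESTDIR}" ] || { echo "installskel: DESTDIR must point at the jail root" >&2; exit 1; }`. The header comment above the target should also say that the files are installed under `${DESTDIR}`.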
diff --git a/bin/df/df.c b/bin/df/df.c index 73f6acd..fdc1d66 100644 --- a/bin/df/df.c +++ b/bin/df/df.c @@ -187,6 +187,13 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; + if (vfslist == NULL) { + optarg = strdup("devfs,ufs,zfs,tmpfs"); + vfslist = makevfslist(optarg); + free(optarg); + optarg = NULL; + } + mntsize = getmntinfo(&mntbuf, MNT_NOWAIT); bzero(&maxwidths, sizeof(maxwidths)); for (i = 0; i < mntsize; i++) diff --git a/etc/mtree/BSD.usr.dist b/etc/mtree/BSD.usr.dist index 87497b1..c3e7d21 100644 --- a/etc/mtree/BSD.usr.dist +++ b/etc/mtree/BSD.usr.dist @@ -55,6 +55,8 @@ .. obj nochange .. + ports + .. sbin .. share diff --git a/etc/rc.d/jail b/etc/rc.d/jail index 09170bd..4599aba 100755 --- a/etc/rc.d/jail +++ b/etc/rc.d/jail @@ -117,6 +117,16 @@ init_variables() [ -z "${_consolelog}" ] && _consolelog="/var/log/jail_${_j}_console.log" eval _fib=\"\${jail_${_j}_fib:-${jail_fib}}\" + # Default settings for skel jail + eval _skel_enable=\"\${jail_${_j}_skel_enable:-${jail_skel_enable}}\" + [ -z "${_skel_enable}" ] && _skel_enable="NO" + eval _skel_root=\"\${jail_${_j}_skel_root:-${jail_skel_root}}\" + [ -z "${_skel_root}" ] && _skel_root="/" + eval _skel_romounts=\"\${jail_${_j}_skel_romounts:-${jail_skel_romounts}}\" + [ -z "${_skel_romounts}" ] && _skel_romounts="bin sbin lib libexec usr/bin usr/sbin usr/include usr/lib usr/libdata usr/libexec usr/sbin usr/share usr/src usr/obj" + eval _skel_rwmounts=\"\${jail_${_j}_skel_rwmounts:-${jail_skel_rwmounts}}\" + [ -z "${_skel_rwmounts}" ] && _skel_rwmounts="usr/ports" + # Debugging aid # debug "$_j devfs enable: $_devfs" 
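Review bot: In the block added to `main()`, `free(optarg)` runs right after `makevfslist(optarg)`, which leaves `vfslist` pointing at freed memory if `makevfslist()` keeps pointers into its argument rather than copying it. Its definition is not part of this diff, so confirm that before merging. A static buffer avoids the question, and also removes the unchecked `strdup()` result and the reuse of getopt's global `optarg` as scratch space: `static char defvfs[] = "devfs,ufs,zfs,tmpfs";` followed by `vfslist = makevfslist(defvfs);`. Separately, the hard-coded list appears to hide every other filesystem type (NFS mounts, for example) from a plain `df`, not only nullfs, which the commit message does not mention. main's body starts and continues outside this hunk.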
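Review bot: The default for `_skel_rwmounts` in `init_variables()` shares the host's `usr/ports` read-write with every skel-enabled jail. Because the fallback is applied with `[ -z ... ]`, an administrator cannot turn it off by setting `jail_<name>_skel_rwmounts=""`. A process running as root inside one jail could then modify a tree that the host and the other jails also use. I would make read-write sharing opt-in by dropping the `[ -z "${_skel_rwmounts}" ] && _skel_rwmounts="usr/ports"` line, or by moving `usr/ports` to the read-only list. The read-only default also names `usr/sbin` twice, which would stack a second nullfs mount on the same directory; init_variables starts and continues outside this hunk.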
@@ -193,6 +203,10 @@ init_variables() debug "$_j flags: $_flags" debug "$_j consolelog: $_consolelog" + debug "$_j skel enable: $_skel_enable" + debug "$_j skel mount-readonly: $_skel_romounts" + debug "$_j skel mount-readwrite: $_skel_rwmounts" + debug "$_j skel mount skeleton from: $_skel_root" if [ -z "${_hostname}" ]; then err 3 "$name: No hostname has been defined for ${_j}" @@ -314,6 +328,14 @@ jail_umount_fs() secure_umount ${_mountpt} done fi + if checkyesno _skel_enable; then + for _mntpt in ${_skel_romounts} ${_skel_rwmounts} + do + if [ -d "${_rootdir}/${_mntpt}" ] ; then + umount -f ${_rootdir}/${_mntpt} > /dev/null 2>&1 + fi + done + fi } # jail_mount_fstab() @@ -589,6 +611,17 @@ jail_start() fi jail_mount_fstab fi + if checkyesno _skel_enable; then + info "Mounting skeleton for jail ${_jail} from ${_skel_root}" + for _mntpt in $_skel_romounts + do + mount_nullfs -ordonly ${_skel_root}/${_mntpt} ${_rootdir}/${_mntpt} > /dev/null 2>&1 + done + for _mntpt in $_skel_rwmounts + do + mount_nullfs ${_skel_root}/${_mntpt} ${_rootdir}/${_mntpt} > /dev/null 2>&1 + done + fi if checkyesno _devfs; then # If devfs is already mounted here, skip it. df -t devfs "${_devdir}" >/dev/null -- 1.7.8.3
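Review bot: The loop added to `jail_umount_fs()` calls `umount -f` on `${_rootdir}/${_mntpt}` directly, while the fstab branch just above it goes through `secure_umount`. The path lies inside the jail's own filesystem and `[ -d ... ]` follows symlinks, so a mount point that was replaced by a symlink while the jail was running is not detected. The same unchecked path is the target of both `mount_nullfs` loops in the `jail_start()` hunk that follows. I would skip symlinked mount points with a warning before acting on them, e.g. `[ -L "${_rootdir}/${_mntpt}" ] && continue` preceded by a log line, and quote the path expansions. jail_umount_fs starts outside this hunk.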
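Review bot: Both `mount_nullfs` calls added to `jail_start()` send their output to `/dev/null` and ignore the exit status, so a jail whose read-only base failed to mount still starts, with whatever happens to be in those directories under `${_rootdir}`. Failing the start is the safer default: `mount_nullfs -ordonly "${_skel_root}/${_mntpt}" "${_rootdir}/${_mntpt}" || err 3 "$name: cannot mount skel ${_mntpt} for ${_jail}"`, with the same `|| err` on the read-write loop. Dropping the redirection also leaves the mount error visible to the administrator. jail_start starts and continues outside this hunk.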