notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.

Get notified when packages are built

A new feature has been added. FreshPorts already tracks package built by the FreeBSD project. This information is displayed on each port page. You can now get an email when FreshPorts notices a new package is available for something on one of your watch lists. However, you must opt into that. Click on Report Subscriptions on the right, and New Package Notification box, and click on Update.

Finally, under Watch Lists, click on ABI Package Subscriptions to select your ABI (e.g. FreeBSD:14:amd64) & package set (latest/quarterly) combination for a given watch list. This is what FreshPorts will look for.

non port: sysutils/qjail/pkg-plist

Number of commits found: 16

Wednesday, 10 Jan 2024
15:29 Baptiste Daroussin (bapt) search for other commits by this committer
MAN?PREFIX: eleminate its usage  and move man to share/man
commit hash: e4610fcb8b73442ad40b744bb87c1bc428ef7c1c commit hash: e4610fcb8b73442ad40b744bb87c1bc428ef7c1c commit hash: e4610fcb8b73442ad40b744bb87c1bc428ef7c1c commit hash: e4610fcb8b73442ad40b744bb87c1bc428ef7c1c e4610fc
Thursday, 29 Oct 2020
19:03 lwhsu search for other commits by this committer
sysutils/qjail: Updaet to 5.5

1.  Change default ftp site to ftp from ftp12.
2.  Remove config -w and -W [Set vnet.interface NIC]
3.  Add -f flag to unmount command when releasing memory disc.
4.  Change so this version of qjail only runs on 12.0 and newer
    because pf is vimage aware now.
5.  If local install [-f] jump around stable, current check logic.
6.  Change/add logic & code to implement bridge/epair method for vnet jails.
7.  Change qjail.8 about vimage no longer having to be compiled into kernel 12.0
8.  Change "config -v logic to setup vnet jail with pf, ipf, ipf firewall.
9.  Add start vnet code to qjail script to check for host/vnet jail
    firewall mis-match.
10. Add start vnet code to boottime script to check for host/vnet jail
    firewall mis-match.
11. Update all the manuals to reflect the about changes.
12. Add check to "config" so no ipv4 change for vnet jails.
12. Block config ip address changes for vnet jail because of
    class c ip allocations.
14. Change verify_ip subroutine to include check for private ip address and
    127.x.x.x addresses and put on lo0 interface to make that jail local only.
14. Change verify_ip subroutine to include check for vnet class c
    address range.
15. Create non-vnet jail using 127.x.x.x ip4 address to make that jail
    local access only. When config -v to change jail to vnet jail it becomes
    local access only also.
16. Change "config" -4 & -6 to remove the ip address when the word "none" is
    used as in -4 none.
17. Change install to check for amd64 & i386 platform architecture and use
    path with amd62/amd64 and a single architecture path for all other
    platforms.
18. On "qjail install -f /usr/base.txz" option fixed so it works.
19. Diff options changed between 12.1 and 12.2, Removed the -u.

PR:		250696
Submitted by:	Joe Barbish <qjail1@a1poweruser.com> (maintainer)
MFH:		2020Q4
Original commitRevision:553634 
Friday, 17 Feb 2017
16:49 mat search for other commits by this committer
Update to 5.1.

PR:		217177
Submitted by:	maintainer
Sponsored by:	Absolight
Original commitRevision:434303 
Monday, 29 Aug 2016
15:04 mat search for other commits by this committer
Cleanup whitespace at EOL.

Pointy hat:	mat
Sponsored by:	Absolight
Original commitRevision:421066 
14:53 mat search for other commits by this committer
Update sysutils/qjail to 5.0 to handle FreeBSD 11+.

Copy it to sysutils/qjail4 for FreeBSD 10 and sync CONFLICTS with the
FreeBSD 8/9 version.

PR:		212201, 212202
Submitted by:	maintainer
Sponsored by:	Absolight
Original commitRevision:421063 
Sunday, 12 Jun 2016
13:13 pi search for other commits by this committer
sysutils/qjail: 4.7 -> 4.8

There are changes to the internals of the jail(8) command and changes to
parameter names in the periodic files that have occurred in FreeBSD
Release 10.2 that effects jail behavior in a very minor way.

This version of qjail has an built in auto convert function that
fixes those minor behavior problems with existing jails. This auto
convert function is not documented in the qjail manual. Its only
shown in the port install output.  Issue [ qjail update -u ] from
the host console.

This will cause the existing "flavors" default & ssh-default
directories to be renamed and new ones populated. Then in each
existing jail the periodic.conf and newsyslog.conf files will be
renamed with .saved suffix and new ones added.  The rc.conf file
will be updated in place changing the syslogd_enable= parameter
value from "NO" to "YES".

The new periodic.conf file has many sendmail reporting options
disabled because sendmail is disabled in the jails rc.conf file by
default. This drastically reduces the daily. weekly, monthly system
and security status reports elapse run times. This has a major
effect on operating system performance where there are a large
number of jails.

PR:		209929
Submitted by:	Joe Barbish <qjail1@a1poweruser.com> (maintainer)
Reviewed by:	Vladimir Krstulja <vlad-fbsd@acheronmedia.com>, robak
Original commitRevision:416800 
Saturday, 23 Apr 2016
15:05 flo search for other commits by this committer
Update to 4.6

PR:		208980
Submitted by:	Joe Barbish <qjail1@a1poweruser.com>
Sponsored by:	Essen Linuxhotel Hackathon 2016
Original commitRevision:413878 
Wednesday, 20 Apr 2016
22:09 robak search for other commits by this committer
sysutils/qjail: update 4.4 -> 4.5

PR:		208918
Submitted by:	Joe Barbish <qjail1@a1poweruser.com> (maintainer)
Original commitRevision:413709 
Saturday, 4 Apr 2015
13:08 bofh search for other commits by this committer
[MAINTAINER] sysutils/qjail: Update version 3.6=>3.7

- Add LICENSE (BERNE-CONVENTION)
- Change Maintainer email address
- Use @sample framework

PR:		199090
Submitted by:	qjail@a1poweruser.com
Original commitRevision:383220 
Saturday, 22 Nov 2014
09:13 antoine search for other commits by this committer
Cleanup plist
Original commitRevision:373038 
Thursday, 15 May 2014
10:40 pi search for other commits by this committer
sysutils/qjail: upgrade 3.2 -> 3.3

1. Fix typo in qjail.8 manual.
Change "See jailip below" to "See -4 option"

2. Fix typo in qjail-howto.8 manual as per PR# 186269.
Change a comma , inside of ip address to a . period.
73.x.97,51,10.0.10.126 to 73.x.97.51,10.0.10.126

3. Change qjail.portsnap.conf,
remove index-6 index-7 index-8 statements
replace index-9 with index-10

4. Removed rcvar=`set_rcvar` statement from qjail.bootime script.
In Release 10.0 its no longer included in the rc.d scripts and
was causing a non-harmful bogus boot time message. But this
de-activated the ability to control the selection of boot time
starting of jails using the qjail_enable="YES" statement in
the hosts /etc/rc.conf. Put rcvar="qjail_enable" in qjail.bootime
script and things work as exspected.

5. Correct coding bug in archive logic to archive sharedfs per zone.

6. Correct coding bug for Sanity check to see if any jails are running.

7. Changed "qjail install" logic to check that this version of qjail only
runs on release-10.0. This is due to unique properties of jail(8) & rc.d
that are not in 9.2 and older releases.

8. Changed "qjail create" and "qjail config" logic to check if the
-4 and/or -6 IP address are prefixed with "<if_device>|" and/or
suffixed with "/<netmask>" values. jail(8) says this is valid syntax,
but its NOT allowed as valid syntax to qjail.

9. Changed "qjail create" logic to check if no -n value was entered. If not
then populate the -n value with the interface default nic device name
obtained from route command. This is now the automatic default behavior.
The default interface is the one connected to the public internet.
This shortens the "qjail create command" and forces the use of the
automatic creation and deletation of the alias for the jails IP address
on that "network interface name". Made appropriate changes to qjail.8
man page documentation.

10. Changed "qjail create" logic to target another zones archives as input
source. Now you can use any zones archive file as a template to create
a new jail using the existing -a option. New -A option is coded with the
zone name of the target archive file name populating the -a value.
Made appropriate changes to qjail.8 man page documentation.

11. Added -S option to "qjail update" This option will copy the hosts
/usr/src filesystem to sharedfs/usr/src to be shared among all the jails.
Made appropriate changes to qjail.8 man page documentation.

12. Add -P option to "qjail update" This option will copy the hosts
/usr/ports filesystem to sharedfs/usr/ports to be shared among all the jails.
Made appropriate changes to qjail.8 man page documentation.

13. The long time jail(8) bug since 9.1 that deals with the jails /dev
directory which allowed the jail to access things jail should be restricted
from became fixed with 10.0-RELEASE-p2. The hosts /etc/defaults/rc.conf
devfs_load_rulesets="NO" changed to devfs_load_rulesets="YES"
Removed the jail.conf work-a-round statments from the qjail script
build_config_def routine as they are no longer needed.

14. Converted the Port's Makefile to do "stageing".

PR:             ports/189120
Submitted by:   Joe Barbish (maintainer)
Approved by:    culot (mentor)
Original commitRevision:354105 
Thursday, 29 Aug 2013
20:52 pawel search for other commits by this committer
Update to version 3.2

qjail-3.2 change log

1. Added IPv6 support to "create" and "config" commands.

2. Changed the way jail status is determined. Now use "jls -j jailname jid"
 command instead of carring internal jid field in jail definition record.
 This fixed jail status problem when users used the "halt or reboot"
 command on the host instead of the "shutdown now" command.

3. Changed qjail-bootime script to nolonger populate internal jid field
 in jail definition record.

4. Corrected coding of conflicts_install parameter in the port Makefile
 so it functions as wanted. Also inserted message info block about upgrade
 procedure and CONFLICT resolution.

5. Removed all references to qjail.conf file from all man pages.

6. Corrected examples in qjail man for "qjail create" command using
 new -4 option for IPv4 IP addresses.

qjail-3.1 change log http://www.freebsd.org/cgi/query-pr.cgi?pr=179769

1. sharefs/usr/src and sharefs/usr/ports were missing links. Design was to
 have sharedfs share those directories with all jails. Added code to mkdir
 src and port on sharedfs and link to template.

2. For update -b, archive sharedfs, restore sharedfs and install commands,
 replaced the logic of rolling through the qjail.local directory opening
 each definition file to check if jail was running which left the last opened
 jail variables populated, with logic based on using jls command to list
 the running jails and then checking jls list to qjail.global
 directory content of qjail owned jails to determine if jail was running.

3. For archive of image jail, removed qjail prefix from variable name.

4. For "update -b" host binaries have noschg set on a few files, added
 chflags -R noschg "${sharedfs}/${dir}"
 chflags -R nosunlink "${sharedfs}/${dir}"
 commands to remove said status on all files.

5. Add "mount.devfs=1" parameters to build_def function of qjail script and
 qjail-bootime script. This enables ps and top commands to work inside of
 jail. This is a work around for /dev bug in jail(8).

6. "qjail create -a img20 -i 25 img25 10.0.10.20" Using a image archive caused
 cpio to complain when copying the template to populate the img file.
 Replaced cpio with "cp -R dir/" command, also made the same change to
 the dup image logic. The cpio command has problems working with sparse files.

7. Added "qjail config -h" option. This option provides a way to enable "SSH"
 on a jail. Same option as -c of the "qjail create" command.

8. Updated "man qjail" with instructions on using the "mv" command to give
 jails access to the hosts "/usr/ports" or "/usr/src" directories.

9. Added new function to "config" command call -m for manual start jails,
 -m to enable and -M to disable.

10. Changed the "config" command call -r [run, norun] option to -r to enable
 and -R to disable.

qjail-3.0 change log http://www.freebsd.org/cgi/query-pr.cgi?pr=179184

1. This version of qjail has been converted from using the legacy rc.d-method
 as used in all previous versions of qjail, to using the jail(8)
 jail.conf-method available in RELEASE-9.1. This upgrade provides the
 ability to enable the following new options on a per-jail basis.
 exec.fib, allow.raw_sockets, allow.quotas, allow.mount.nullfs,
 allow.mount.zfs, cpuset.id, securelevel, vnet.interface, and vnet.
 The vnet option gives a jail its own network stack using the experimental
 vimage software with or with out ipfw firewall and using if_bridge/epair
 or netgraph for its network. This qjail version is not functional
 for RELEASES older than RELEASE-9.1.

2. The basejail has been renamed to sharedfs and
 newjail has been renamed to template.

3. The archive function now uses the tar utility to bkup the jailname
 filesystem with it's internal qjail admin files.

4. The restore function now uses the tar utility to restore the jailname
 filesystem with it's internal qjail admin files.

5. The -a option of the create command now uses the tar utility to restore
 the jailname filesystem.

6. The qjail man page up-dated to reflect all changes to qjail.

7. The qjail.conf file has been deprecated and removed.

8. Added logic to the "config" command to enable and disable the jail(8)
 selected extended options.

PR:		ports/180773
Submitted by:	Joe Barbish <qjail@a1poweruser.com> (maintainer)
Original commitRevision:325633 
Sunday, 2 Jun 2013
22:13 pawel search for other commits by this committer
Update to version 3.0

PR:		ports/179184
Submitted by:	Joe Barbish <qjail@a1poweruser.com> (maintainer)
Original commitRevision:319728 
Sunday, 3 Feb 2013
18:45 crees search for other commits by this committer
Update to 2.1;

1. Added logic to interrogate the content of flavors for correctness
before allowing them to be merged into the newjail being created.
Only paths targeting directories holding configuration files are
allowed now. The jail create process is terminated and the offending
paths are listed in error messages.

2. Changed the /root/.cshrc file in both flavors default and ssh-default
to now contain setenv PACKAGESITE to point to packages-current
so login users of any jail will have the most current package
version available.

4. In the qjail install logic added code to create these additional paths
in basejail, /usr/ports/packages, /usr/home and /home link.

5. The create -D -I options have been combined to just -d.

6. The create -i -s options have been combined to just -i.

7. The create -c & -C options have been reduced to just -c.

8. The create options -c and -f ssh-default now force the first time
login user to enter a new password.

9. Added logic to create, that rolls through the ip addresses of the
existing
jails to verify the ip address/addresses on the create command are not
all ready used.

10. Corrected the list command display format when jail has more than a
single ip address.

11. Changed the order jails are started, stopped, restarted, and listed
from <z to a> to <a to z>. Also for boot starts.

12. Added system wide logging. Every qjail subcommand and error message
is logged to /var/log/qjail.log. Rotating of the log is enabled.

13. The install subcommand has new -l option to activate system wide
logging.

14. The update subcommand has [-l on|off] option to turn logging on and off.

15. Added new subcommand logmsg. This posts comments to the log file.

16. Changed update option to use its own
/usr/local/etc/qjail.portsnap.conf
file instead of the hosts /etc/portsnap.conf. Enabled REFUSE statements in
/usr/local/etc/qjail.portsnap.conf to drop categories most likely to never
be
used to compile ports inside of a jail.

17. As sparse image allocations get larger  1G -> 5G  creating jails from
archives was taking very long times to complete, 20 minutes or more.
Archives of sparse images larger that 7G caused terminations. All these
things have one thing in common. They all used the pax and cpio utilities.
Turns out these utilities are not sparse file aware. Had to completely
change the way sparse image jails moved through the qjail system. Now the
archive process opens the sparse image and really archives it as a
directory tree jail. This required restore and create options to change
also.

PR:		ports/175771
Submitted by:	Joe Barbish (maintainer)
Original commitRevision:311478 
Wednesday, 2 Jan 2013
10:05 crees search for other commits by this committer
Update to 2.0;

Standard maintenance.

1. Added -c option on "qjail create" command that enables ssh access to the
jail and creates user account using jailname for id/pw.

2. Added -C option on "qjail create" command that depends on -D option that
creates ssh access to jail and creates user account using jailname for
id/pw while automatically duplicating jails.

3. Created a customized flavor, ssh-default that enables ssh access to jails.
This flavor contains a login account with id/pw of qjail.

4. Removed -c option from "qjail install" because hosts customized /etc
caused problems with jail start up.

5. Updated man qjail.8 to reflect the changes.

PR:		ports/174890
Submitted by:	Joe Barbish <qjail@a1poweruser.com> (maintainer)
Original commitRevision:309809 
Saturday, 11 Jun 2011
21:22 crees search for other commits by this committer
Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
system that includes security and performance enhancements. Plus a new level
of "user friendliness" enhancements dealing with deploying just a few jails or
large jail environments consisting of 100's of jails.

Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
read-only system binaries, sharing one copy of them with all the jails.

Uses "mdconfig" to create sparse image jails. Sparse image jails provide a
method to limit the total disk space a jail can consume, while only occupying
the physical disk space of the sum size of the files in the image jail.

Ability to assign ip address with their network device name,
so aliases are auto created on jail start and auto removed on jail stop.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
Original commit

Number of commits found: 16