Commit 9b6932b7 authored by Leigh B. Stoller's avatar Leigh B. Stoller

tunefs the newly created vnode FS and dial the minfree down to 2

percent, and optimize for space. Prelude to creating smaller jails
on local nodes, as soon as I can get SFS running inside a jail the way
I want it (in which case users will have access to their project and
home dirs on the file server).

Add Mike's IPADDR change, with slight modification. tmcd will specify
a list of ip addresses as a comma separated list, which are converted
to -i options to pass to jail. Kernel will restrict bind to these IPs.
parent ba39fecc
#!/usr/bin/perl -w
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# Copyright (c) 2000-2003 University of Utah and the Flux Group.
# All rights reserved.
#
use English;
......@@ -252,6 +252,7 @@ exit(0);
sub mkrootfs($)
{
my ($path) = @_;
my $vnsize = $VNFILEMBS;
chdir($path) or
fatal("Could not chdir to $path: $!");
......@@ -262,7 +263,7 @@ sub mkrootfs($)
#
# Big file of zeros.
#
mysystem("dd if=/dev/zero of=root.vnode bs=1m count=$VNFILEMBS");
mysystem("dd if=/dev/zero of=root.vnode bs=1m count=$vnsize");
#
# Find a free vndevice.
......@@ -279,6 +280,7 @@ sub mkrootfs($)
mysystem("disklabel -r -w vn${vndevice} auto");
mysystem("newfs -b 8192 -f 1024 -i 4096 -c 15 /dev/vn${vndevice}c");
mysystem("tunefs -m 2 -o space /dev/vn${vndevice}c");
mysystem("mount /dev/vn${vndevice}c root");
push(@mntpoints, "$path/root");
......@@ -614,6 +616,8 @@ sub getjailconfig($)
# See if special jail opts supported.
#
sub setjailoptions() {
my $sawip = 0;
$jailoptions = "";
#
......@@ -657,12 +661,27 @@ sub setjailoptions() {
}
last SWITCH;
};
/^IPADDR$/ && do {
# Comma separated list of IPs
my @iplist = split(",", $val);
foreach my $ip (@iplist) {
if ($ip =~ /(\d+\.\d+\.\d+\.\d+)/) {
$jailoptions .= " -i $1";
$sawip = 1;
}
}
last SWITCH;
};
}
}
print("SSHD port is $sshdport\n");
system("sysctl jail.inetraw_allowed=1 >/dev/null 2>&1");
system("sysctl jail.bpf_allowed=1 >/dev/null 2>&1");
if ($sawip) {
system("sysctl jail.multiip_allowed=1 >/dev/null 2>&1");
}
if ($?) {
print("Special jail options are NOT supported!\n");
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment