Hi,
There is a proposed patch to add "meta" parameter, which can be any string
associated with a jail. It can be set upon jail creation or added/modified
later:
> jail -cm ... meta="tag1=value1 tag2=value2"
The current design is the following:
- Its value is not inherited from a parent jail.
- A jail can read its own meta via security.jail.meta sysctl.
- The maximum meta size per jail is controlled with a global
security.jail.meta_maxbufsize sysctl. Decreasing it does not alter the
existing meta information.
The context, rationale, and its discussion are on the Phabricator -- review
and comments are welcome:
https://reviews.freebsd.org/D47668
Best regards,
igoro
