Re: Ezjail
On 30.04.20 17:30, Brandon helsley wrote: > I installed and updated base jail with ezjail and then like the > example in the handbook, created dnsjail with it's ip. I'm now needed > to change the jail file in ezjail directory to a different ip > address. What do I change it to and how do I do this? Can I get any > help? Please? Simplest is to (everything as root) just stop the jail via ezjail-admin stop JAILNAME then edit the file /usr/local/etc/ezjail/JAILNAME and change the line with your original IP address: jail_JAILNAME_ip="123.45.78.90" or jail_JAILNAME_ip="lo1|127.0.23.42" and then run the jail again with ezjail-admin start JAILNAME Best erdgeist ___ freebsd-jail@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: Cannot delete jail folder
Currently on the road. But FAQ answers your question. Look for noschg https://erdgeist.org/arts/software/ezjail/#faq Best erdgeist Am 11. Juni 2017 17:13:00 MESZ schrieb "Grégory Reinbold": >Hi, > >I have installed a jail using ezjail-admin for testing the solution. >After testing, I want to delete the jail using: > ># ezjail-admin delete jailname > >I see in the man page, the elete argument: only deletes ezjail's >control >file for the selected jail as well as /etc/fstab.jailname. > >So, I tried to delete the folder manually using: > ># rm -rf /usr/jails/jailname > >Result: /usr/jailname/test/var/empty > >My root are not able to delete this directory, so how I can it? > > >Regards > >-- >Grégory Reinbold > >___ >freebsd-jail@freebsd.org mailing list >https://lists.freebsd.org/mailman/listinfo/freebsd-jail >To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org" -- Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet. ___ freebsd-jail@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: Configuring network without ezjail
On 12.12.15 01:19, marcel wrote: > I would like to know if it is possible to configure a jail's network for > accessing to the World Wide Web but without ezjail ? > I have created my jail without ezjail (mkdir jail, make installworld, > etc...) and I would like to continue without it if it's possible... Sure, why doesn't it connect to the net? Does it have a RFC1918 IP? If so, you need to enable NAT. If not, did you enable gatewaying? Maybe you just have DNS problems, so is your resolv.conf set up properly? Without knowing what exactly is not working, I can not help you. erdgeist ___ freebsd-jail@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: Configuring network without ezjail
On 12.12.15 02:50, marcel wrote: > No I don't get to have an IP address... Yet I have writed this in my > host's rc.conf: > > jail_enable="YES" > jail_list="thename" > jail_guantanamo_rootdir="thepath" > jail_guantanamo_hostname="thename" > jail_guantanamo_ip="192.168.0.12" Well, what you write into your rc.conf is only relevant to the /etc/rc.d/jail script. If you're not using the script, you don't need these variables. You might man to look up the jail.conf(5) man page. > and I use the command: > > jail thepath thename 192.168.0.12 /bin/csh Looks like you need to create the jail first. Use the -c parameter to jail. However I suggest to configure your jails with either a tool like ezjail or at least start the jails with the /etc/rc.d/jail script. erdgeist ___ freebsd-jail@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
Re: Create Jail fail by c language
On 18.04.15 17:34, freekai wrote: 18 j.ip4s=inet_addr(cp); From the man page: The “ip4s” and “ip6s” give the numbers of IPv4 and IPv6 addresses that will be passed via their respective pointers. so it should rather read: 18 j.ip4s=1; 19 j.ip6s=0; 20 21 if(1!=inet_aton(cp,ip4)) 22 printf(the address is invalid\r\n); 23 24 j.ip4=ip4; The problem is it will print `einval`,it means `The version number of the argument is not correct.` How to solve it? Also, the man pages states several other reasons for the EINVAL return code (scroll further down), one of them being [EINVAL] A supplied parameter is the wrong size. Regards erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: preferred jail management tool
On 28.01.15 17:11, wishmaster wrote: This is not killer feature, this something imperfection (sorry, Dirk. Without insults). No offense taken. Everyone has their own requirements and we worked out that you are not the run-of-the-mill ezjail customer. Fine. No need to convince others that your use case is the only valid one, though. I still think that the FHS has defined a decent line for what in a FreeBSD installation is static shareable and can be provided read only to all jails. If you have actual users with their own requirements you want to contain in a jail, they DO expect a vanilla installation to do their stuff with. And this is what ezjail was built for originally. erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: preferred jail management tool
On 27.01.15 21:01, Peter Toth wrote: The most important part is jail(8) and properties can be passed to jail(8) very easily. This is the very reason I stopped relying on any rc.d/jai or jail.conf for iocage. It is much easier/simpler to add/modify features when dealing with jail(8) directly. This means that you need to keep your config in yet another place. I think it's much nicer to point a user to a defined location where he would find everything that magically creates those jail containers at system startup. I think that rc.d/jail and its config should provide all the means necessary to describe the state of the system's jails after booting up. If it doesn't, the tool is useless. Could you please explain what features are missing in jail.conf for you to not use it? Maybe we can layout a path to a better config abstraction. erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: preferred jail management tool
On 27.01.15 22:12, Miroslav Lachman wrote: Yes. Sometimes I have a feeling that jails or some other features are unwanted children. I had PR opened for years with patche to rc.d/jail or etc/rc.subr to incorporate nice, or cpuset. And it never found it's way to the tree. How's that possible? I felt similarly frustrated when I went to 2013's BSDCan trying to talk to the jaily people and noone was around. Jamie couldn't attend but said that he's busy with other stuff and couldn't commit time to jail development. Which, of course, is fine. It leaves a void, though. What good are features that are neither documented nor exposed to the users? How do we move on from here and get config and docs synchronized and where can I get a big picture of what's the big plan for the future? erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: preferred jail management tool
On 27.01.15 21:36, Valeri Galtsev wrote: Now I feel ultimately confused. I [still] have all my jail configurations in /etc/rc.conf, and I can start or stop one of the jails by /etc/rc.d/jail [start|stop] jailname If I switch all configurations to /etc/jail.conf, will the same commands work for starting/stopping jails? Yes, using per-jail-variables in your rc.conf has been deprecated but will still work in 10. If you migrate to jail.conf, everything will be working as you expect. erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: preferred jail management tool
On 27.01.15 17:57, Mark Felder wrote: I'll admit that last time I used ezjail I found it frustratingly difficult to locate concise documentation on exactly how flavours worked, and how to use scripts to do things to the new jails as well as copying in the files I wanted. Maybe I just didn't look hard enough, though. Well, I built flavours as stupidly simply as it gets: all it does is to copy files and some of them happen to be located in /etc/rc.d, being executed at the first start up. If you would have taken a single look into the example flavour, you should have noticed. Even in the old docs this was pointed out, the overhauled man pages do that even more precisely. erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: cannot access internet from jail, help needed please
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01.06.14 02:14, s7r wrote: 2. My server has 3 public IPv4 addresses. Add one of them as an alias (for the jail): # ifconfig em0 alias ip netmask 255.255.255.255 Also did you check that the jail's addresses are inside the net configured netblock and you do not have routing table entries that might divert or block traffic, i.e. is there a firewalls, if so what are its rules? erdgeist -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (Darwin) iEYEARECAAYFAlOKdNkACgkQuN1wFypsMNN1nwCeNoEbJkskow8Vw+Y/BfWCcyQt kgYAn0syfyunUNyiCzE8a+0jqSTrL+cr =fJZ6 -END PGP SIGNATURE- ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
BUG in jail(8) variable substitution, and PATCH
The variable substitution of FreeBSD's jail tool yields unexpected results when a parameter has more than one variable to substitute and one of the later variables needs substitution as well. Consider the simple test case: $A = A_${B}_C_${D}; $B = B; $D = D_${E}_F; $E = E; bar { exec.poststart = touch /tmp/$A; } EXPECTED OUTCOME for running jail -c bar would be a file with the name /tmp/A_B_C_D_E_F to be touched (and, of course, the jail bar being created). OBSERVED OUTCOME is a file with the name /tmp/A_BBBD_E_FBB_C_ being created. The reason is the way jail(8) resolves recursive substitutions. In head/usr.sbin/jail/config.c:193 a varoff variable is introduced that handles a shifting offset for multiple variable substitutions per parameter. This varoff is updated after each substitution in line 239 to reflect a new offset into the parameter's string. This ensures that all other variables are substituted at [their insertion point plus varoff] which is the accumulated length of all previously substituted variables. Now in our example, if $A is to be expanded, first ${B} is inserted at offset 2 and varoff becomes 10. When substituting ${D}, the recursion check at line 216 detects that variable $D also needs expansion. It reorders the parameter list, so that the algorithm works on variable $D now. Then it jumps to find_vars at line 191 and properly expands D_${E}_F to D_E_F. When the algorithm now returns to expanding $A by entering the loop body again, it finds a re-set varoff variable leading to (the now expanded) variable $D being inserted at the offset 5, where the parser initially would find it (the internal format for $A is approx: { A__C_, {2, B}, {5, D}}) and not at the corrected offset 10. PROPOSED SOLUTION: Get rid of the varoff and replace line 239 with: [struct cfvar *]vv = v; while ((vv = STAILQ_NEXT(vv, tq))) v-pos += vs-len; to make the offset permanent. Find a patch attached. Regards, erdgeist Index: config.c === --- config.c(revision 256751) +++ config.c(working copy) @@ -129,9 +129,8 @@ struct cfjail *j, *tj, *wj; struct cfparam *p, *vp, *tp; struct cfstring *s, *vs, *ns; - struct cfvar *v; + struct cfvar *v, *vv; char *ep; - size_t varoff; int did_self, jseq, pgen; if (!strcmp(cfname, -)) { @@ -190,7 +189,6 @@ p-gen = ++pgen; find_vars: TAILQ_FOREACH(s, p-val, tq) { - varoff = 0; while ((v = STAILQ_FIRST(s-vars))) { TAILQ_FOREACH(vp, j-params, tq) if (!strcmp(vp-name, v-name)) @@ -232,11 +230,13 @@ goto bad_var; } s-s = erealloc(s-s, s-len + vs-len + 1); - memmove(s-s + v-pos + varoff + vs-len, - s-s + v-pos + varoff, - s-len - (v-pos + varoff) + 1); - memcpy(s-s + v-pos + varoff, vs-s, vs-len); - varoff += vs-len; + memmove(s-s + v-pos + vs-len, + s-s + v-pos, + s-len - v-pos + 1); + memcpy(s-s + v-pos, vs-s, vs-len); + vv = v; + while ((vv = STAILQ_NEXT(vv, tq))) + vv-pos += vs-len; s-len += vs-len; while ((vs = TAILQ_NEXT(vs, tq))) { ns = emalloc(sizeof(struct cfstring)); ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Patch: make the jail(8) command set the jid parameter
Hello, I've created a patch to the jail command that allows statements like exec.poststart = touch /startjailid_${jid}; exec.prestop = touch /stopjailid_${jid}; in a jail.conf work as expected, even if the jid is not specified there, i.e. for jails without a pinned jid. It works by splitting variable substitution in two parts. In the first pass a missing jid parameter is ignored, running_jid and the IP__OP create operation will then set the jail's jid parameter and try to resolve any references not done before. The code should probably check for references to $jid before it is available (i.e. in the exec.prestart variable), but just substituting the empty string as it happens now should be just fine. Find the patch at https://erdgeist.org/arts/software/jail/usr.sbin.jail-jid.patch Regards, erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Allowing meta-namespace in jail.conf
Dear jail enthusiasts, in order to move forward with my jail management project ezjail, and make it support the new jail.conf way of managing jail configs, I need a way to add properties to jails that are currently not in the list of allowed parameters. I was thinking of something like web-jail { name = 'www.test.com'; meta.ezjail.imagetype = 'zfs'; meta.ezjail.zfsdataset = 'tank/ezjail/www.test.com-data'; } Alternatively, I could keep a shadow tree of config options and generate jail configs on the fly, but that would mean not using the power of the new jail config format. This can also lead to conflicting settings (e.g. from wildcard jails or global options) and unexpected parts of the system to look for configs. Another issue is the complexity of the jail.conf format which makes it hard to automatically manipulate entries. I've started working on a parser/generator in shell, but wondered if there are any plans to add a way to remove jail blocks (adding is easier) and add/modify/delete parameters in jail blocks. Some standardized way to get the result from jail(8)'s parser would of course be a nice start. Any thoughts on that? erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: ezjail and UPDATING20131010
On 12.10.13 07:24, Alexander Leidinger wrote: Regarding OS updates (and I assume manual installworld updates in the question as freebsd-update is not considered an option) I use: Well, running freebsd-update on all the jails with IgnorePaths set to /[^e][^t][^c].* does the trick ---snip--- cd /usr/src for jail in /path/to/jails/*; do echo $jail sleep 5 mergemaster -D $jail make DESTDIR=$jail delete-old -DBATCH_DELETE_OLD_FILES make DESTDIR=$jail check-old # list old libs fi make DESTDIR=/path/to/basejail delete-old -DBATCH_DELETE_OLD_FILES That assumes you have the sources handy which is not always the case. erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: ezjail and UPDATING20131010
On 11.10.13 21:27, wishmaster wrote: Yeah!? But do you think updating python in each jail this is the right solution? Freebsd-update in each jail?? What about when number of jails is 10 or about. My server is very high loaded and I use tunable custom kernel and world. Don't use jails then. Better go and order ten servers and use the amazing features of ... well, d'oh. Puppet? erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: jail(8) vs. rc.d/jail features - fstab, zfs, vnet
On 13.05.13 15:06, Dirk Engling wrote: The easy things like adding a zfs dataset parameter and the postcreate command can be found here: http://erdgeist.org/arts/software/jail/usr.sbin.jail-postcreate.patch http://erdgeist.org/arts/software/jail/usr.sbin.jail-zfsdataset.patch Forgot to attach the documentation http://erdgeist.org/arts/software/jail/usr.sbin.jail-man.patch erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: jail(8) vs. rc.d/jail features - fstab, zfs, vnet
On 14.04.13 17:24, Jamie Gritton wrote: line, which is inelegant to say the least. What I need is a $jid to be set even when it isn't specified in the config, which is a little complicated but doable if I just get down to it. After stabbing around in the code for a while I found that parameter substitution happens so early that for non-jid bound jails this parameter will not be set until much later with the create_jail call and thus would need special handling in load_config. Code for substituting just the $jid variable would need to be duplicated from load_config and reapplied just in case the jid was not set. Still I agree, it's the much nicer approach, if it works. Proceed away :-). The easy things like adding a zfs dataset parameter and the postcreate command can be found here: http://erdgeist.org/arts/software/jail/usr.sbin.jail-postcreate.patch http://erdgeist.org/arts/software/jail/usr.sbin.jail-zfsdataset.patch Regards, erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: jail(8) vs. rc.d/jail features - fstab, zfs, vnet
On 12.04.13 01:58, Jamie Gritton wrote: Jamie, similar parameter for zfs, or we could create another set of exec.* parameters, which would be more flexible in the long run. But as you hinted at with postprestart, there doesn't seem to be a good logical name for it. hmm, maybe the prestart is misnamed, as it actually happens pre-create. Then prestart would be exactly where we would put the vnet and dataset magic - aftercreate but prestart. I also think, it might be helpful, if the environment could be set up that helps the exec.* scripts finding their way back to the jail in question. Right now I'd have to create a script for every jail, but setting JAIL_JID= JAIL_NAME= before executing the scripts could make scripting nicer, especially finding the jid is tedious in scripts. I also thought about substitution of parameters, but maybe providing the jail name as parameter should be the job for the jail.conf's authors. Since the vnet.interface command exists, you could use that as a guide for adding a zfs parameter. vnet.interface only does anything on jail creation, as the interface automatically reverts to the parent on jail removal. I don't know if the zfs stuff works the same way - if it doesn't, then you'll need a similar prepoststop kind of operation. Looking at the zone_dataset_attach code I understand that jailed zfs datasets are a property of the prison struct, saved as osd and vanish when the jail dies. So it should not be necessary to undo the zfs jail command. However there seems not to be a nice way to find out if any datasets are attached to a jail, besides trying to attach them. With that knowledge I think adding a zfs_datasets option for the jail.conf is rather straight forward and more likely to be useful immediately than having the user construct wrapper scripts to find out about the jid of the jail that can then be passed to a number of zfs jail JID DATASET calls. Shall I proceed? erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
jail(8) vs. rc.d/jail features - fstab, zfs, vnet
Dear jail hackers, in my ongoing quest to understand the direction jail development is heading, I noticed that per-jail-fstabs are not (anymore?, yet?) supported by the new jail(8)-rc.d/jail2-combo. Are there official plans to drop the support? A nice new jail+zfs feature is the zfs jail command, allowing to attach a zfs to a jail. The way[tm] to properly use this feature is to first create a prison, attach the zfs file system(s) to the jid and only then run the exec.start command. So either jail(8) needs to be zfs aware and execute the zfs jail command(s) by itself, or a exec.postprestart command that is being passed the prison id of the new jail needs to be run in system context. (For shutting down and unjail-ing vice versa). The same goes with the vimage features. Most of the ways I can think of using vnet interfaces require some configuration in the host system after the vnet has been attached to the jid but before exec.start (and thus the jail's rc.d/netif) is executed. Since I speak C, posix and sh fluidly, I am willing to implement or help implementing any of the proposals in question, so do not misunderstand them as just demands ;) erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: rc.d/jail and jail.conf
On 31.03.13 20:31, Jamie Gritton wrote: That seems reasonable, but using a jail list in rc.conf may suffice. It is less error prone to just use 'jail_list=*' in rc.conf and disable jails per config block, and then issue a warning like 'Skipping disabled jail(s) foo, bar, baz'. (Although I see this from a perspective of jails being virtual hosts that should be configurable by automated tools, too.) erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: rc.d/jail and jail.conf
On Sun, 31 Mar 2013, Jamie Gritton wrote: If you don't mind some slightly difficult error messages, you can always disable a jail with exec.prestart=false. jail(8) requires all commands to succeed, and in particular won't even create a jail when one of the prestart commands fails. This violates POLA, but failing with exec.prestart=echo skipping jail; exit 1 might work. Even though this is not a good marker from a scripting perspective. erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
rc.d/jail and jail.conf
Dear jail hackers, if I follow the development correctly, the jail(8) command was augmented to make the rc.d/jail script obsolete. However when I want to use the rc system to start my jails, I am stuck with convincing rc.d/jail to not fail for missing _hostname or _rootdir. How am I supposed to have my jails started at boot time? And while we're at it, is there a rcorder-style way to introduce dependencies into jail.conf to control the order my jails are started in? Which brings me to another point, there does not seem to be a way to convince rc.d/jail to set a jailname for old style jails, making it hard to integrate with tools that use libjail to translate what were _hostname parameters to jid before. On a related note, in order to finally include all the nextgen jail features in my ezjail project, I wonder if there's an automated tool to read/write/modify jail.conf(s) on the radar. Currently I am considering keeping my own set of configs and generating a jail.conf per jail on the fly, which I do not think is in the user's interest as conflicting jailnames may occur. In theory a parser would be enough, but having to automatically recreate and correctly reorder all user comments and += statements in the config file when re-writing the file seems a rather hard problem, too. Regards and thanks in advance, erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: rc.d/jail and jail.conf
On Sat, 30 Mar 2013, Nicolas de Bari Embriz Garcia Rojas wrote: If I am right you can define the order of start for jails in the jail2_list (rc.conf), something like: jail2_list=jail1 jail2 Thanks, I suppose it mimicks the way rc.d/jail has handled it. I just wondered if there's a way to have this order automatically determined by a dependency graph, it's a minor request, though. Regards, erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: rc.d/jail and jail.conf
On 30.03.13 21:38, Miroslav Lachman wrote: There is a way, you should use flags. I discussed this topic with bz@ few years ago and this is the official recommendation how newly added features should be used without changes in rc.d/jail jail_myjail_flags=-l -U root -n myjail Thanks, I need a switch, since -n only was introduced in 9.1, is it there to stay? Out of curiosity, why doesn't the jailname default to the hostname, if none is given? erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: Handbook Jail Chapter rewrite available for critique
On 18.03.13 20:16, s...@tormail.org wrote: to configure things themselves. In my experience, ezjail is a much better solution. I also see that you are the maintainer/author of qjail and like to shovel your opinion as the only solution, both in this rewrite and all over the FreeBSD forums. Taking a look at the qjail code I can not help to notice several odd similarities with the ezjail-admin script, down to the very basic bail out routines. I would not go so far to claim it was just a global search/replace job but to me the code looks familiar enough to find the # Copyright 2010, Qjail project. All rights reserved. offensive. I am usually quite open with the license of my software, beerware is as permissive as it gets. I just can not take some script kiddie right out copying my code verbatim and selling it as his, not even acknowledging me as the original author. Anyone here with suggestions how to properly react to this kind of fork? erdgeist ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: jails
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02.02.12 16:16, Bender, Chris wrote: Do you know anything on ZFS? That is my next area of concern that isn't working as a results of our engineer that passed away. ezjail brings native support for zfs. You can create a new file system for each jail, if you ezjail-admin create them with -c zfs, and also have your basejail (the shared base system) managed in a zfs file system, that is snapshot on every update. Regards, erdgeist -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (Darwin) iEYEARECAAYFAk8q2zkACgkQuN1wFypsMNNjlQCeMY56ftaapZeKc/O72WxDzW9y 2x4AnArW4QAXuynYon2Vj4nWscn064eY =P8bc -END PGP SIGNATURE- ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org