jail_tools - set of shell-scripts handling jails

jail_install [-v] [-light] [-disk sizeKB] [IP|alias]
jail_start [-v] [IP|alias]
jail_stop [-v] [IP|alias]
jail_ps [-v] [IP|alias]
jail_delete [-v] [IP|alias]
jail_update [-v] [IP|alias]
/usr/local/etc/jail.conf
/usr/local/etc/jailtab

jail_tools or JailTools is a set of scripts which provides minimal functionality to create (install), start, stop, and delete jails, list jail processes, and update/upgrade jails from the jail-host.

jail_install
    installs a jail; requirements: make buildworld in /usr/src/ of the jail-host
jail_start
    starts a jail, executes the default shell as defined in jail.conf (/usr/local/etc/)
jail_stop
    stops a particular jail; requirement: procfs mounted, see procfs(5)
jail_delete
    deletes a jail; make sure any mounted content within the jail hierarchy is unmounted
jail_update
    updates a jail; requirements: make buildworld within /usr/src of the jail-host
jail_ps
    lists all jail processes; requirements: /proc procfs mounted, see procfs(5)
jail.conf
    main configuration file, which defines jails with a particular alias, IP, x11 options etc.
jailtab
    acts like /etc/fstab, see fstab(5); it lists the jails which are started when the jail-host is booted

% mkdir /opt/jails

Edit /usr/local/etc/jail.conf accordingly; it’s well documented.

% jail_install 192.168.0.101

creates a fully independent system.

% jail_install -light 192.168.0.102

creates a light system, where /usr is mounted read-only from the jail-host (like a diskless setup); all applications installed on the jail-host are also available in the jail.

Note: the jail-root (as defined in jail.conf) must reside outside of /usr/ of your jail-host, otherwise light-install can’t mount /usr/ into /usr/* (creates a loop) using nullfs.

% jail_install -disk 256000 192.168.0.103

creates a system on a file-based disk with a defined disk size; the size is given in KB, 256000 is 256MB.

% jail_start 192.168.0.101
% jail_ps 192.168.0.101
% jail_stop 192.168.0.101
% jail_delete 192.168.0.101

As mentioned, in jail.conf you can define jails and add an alias, e.g.

jailconfig_alpha="ip 192.168.0.101"
jail_root="/usr/jails"
jail_if="rl0"

and then use the same commands with the alias you defined, instead of the IP. The alias also acts as the hostname within the jail; for now don’t use dots within the alias.

% jail_start alpha

jail(8), hier(7)

Also, see /usr/local/share/doc/jail_tools/ for more detailed READMEs. http://the-labs.com/FreeBSD/JailTools/ has the latest version. Additionally, a webmin module to handle jails via a web GUI is available there as well.

Light installs can only be done when the jail-root resides outside of /usr/, because the light install mounts the /usr/ of the jail-host read-only using nullfs, and mounting /usr/ within /usr/jails (as an example) would create a loop. I recommend you dedicate a slice or a disk just for the jails to avoid this.

jail_stop isn’t reliable: it kills all jail processes it can find at a given time as listed in /proc, see procfs(5). Under certain circumstances (a heavily loaded machine) not all jail processes might be killed.

jail_delete gives a warning if mount points appear within the jail-root (e.g. /usr/jails/192.168.0.101/usr); make sure all mounts are removed, see umount(1).

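Two of the constraints above (a -light jail-root must lie outside the host's /usr, and no mounts may remain under the jail-root before jail_delete) can be checked before the tools are run. The following is an added example, not part of jail_tools: the function names and the sample mount output are made up for illustration, and it assumes `mount` prints lines of the form "device on mountpoint (options)".

```shell
#!/bin/sh
# Added example, not part of jail_tools; all function names are hypothetical.

# Print absolute path $1 with symlinks expanded, even if its tail does not
# exist yet (a jail-root is normally created by the install step).
resolve_path() {
    p=$1 rest=
    case $p in /*) ;; *) return 2 ;; esac
    while [ ! -d "$p" ]; do
        rest="/${p##*/}$rest"
        p=${p%/*}
        [ -n "$p" ] || p=/
    done
    base=$(cd "$p" && pwd -P) || return 2
    [ "$base" = / ] && base=
    out=$base$rest
    printf '%s\n' "${out:-/}"
}

# Succeed only if jail-root $1 lies outside host directory $2 (default /usr),
# which is what a -light install needs to avoid the nullfs mount loop.
light_root_ok() {
    root=$(resolve_path "$1") || return 2
    host=$(resolve_path "${2:-/usr}") || return 2
    case $root/ in "${host%/}"/*) return 1 ;; esac
    return 0
}

# Read `mount` output on stdin, print mount points below jail-root $1,
# children before parents (a safe order for umount).
mounts_under() {
    awk -v root="${1%/}" '$2 == "on" && index($3, root "/") == 1 { print $3 }' |
        LC_ALL=C sort -r
}

# Constructed sample of FreeBSD-style `mount` output, for illustration only.
SAMPLE_MOUNT='/dev/ad0s1a on / (ufs, local)
/dev/ad0s1f on /usr (ufs, local, soft-updates)
/dev/ad1s1e on /opt/jails (ufs, local, soft-updates)
/usr on /opt/jails/192.168.0.102/usr (nullfs, local, read-only)
procfs on /opt/jails/192.168.0.102/proc (procfs, local)
procfs on /proc (procfs, local)'

for r in /usr/jails /opt/jails; do
    if light_root_ok "$r"; then echo "$r: ok for -light"; else echo "$r: inside /usr, rejected"; fi
done
printf '%s\n' "$SAMPLE_MOUNT" | mounts_under /opt/jails/192.168.0.102
```

Because the path is resolved physically, a jail-root that reaches /usr through a symlink is rejected as well. On a real host, pipe the output of `mount` into `mounts_under` instead of the sample.
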
Rene K. Mueller kiwi|at|the-labs|dot|com