Jail Already Exists

Matthew Seaman matthew at FreeBSD.org
Tue Apr 21 16:09:58 UTC 2015 

On 2015/04/21 16:17, dweimer wrote:
> At some point in the past I learned the trick of dropping TCP
> connections that were left open to clear processes that were not
> allowing a jail that had been shutdown to be restarted. Does anyone know
> other things that could cause a jail to be held open? I have one that I
> am unable to start, without rebooting the entire server? In this
> particular instance, It wouldn't be a big deal for me to bounce the
> server, nor is it an issue leaving the jail down for a while to
> experiment. However on some other servers both of these would be an
> issue so I figured now is a good time to experiment with finding a
> solution.
> 
> root at freebsd:/jails/proxy # jls
>    JID  IP Address      Hostname                      Path
>      1  192.168.5.6     pgsql.dweimer.local           /jails/pgsql/ROOT
>      2  192.168.5.9     mysql.dweimer.local           /jails/mysql/ROOT
>      3  192.168.5.2     webmail.dweimer.local         /jails/webmail/ROOT
>      4  192.168.5.4     bacula.dweimer.local          /jails/bacula/ROOT
>      5  192.168.5.8     unifi.dweimer.local           /jails/unifi/ROOT
> root at freebsd:/jails/proxy # jail -c proxy
> jail: proxy: jail 6 already exists
> 
> jail 6's IP is 192.168.5.3
> 
> netstat -an | grep "192.168.5.3"
> 
> finds no results.
> 
> The jail simply runs a Squid proxy service, I have verified that there
> isn't a hung up squid process. I have also verified that there are no
> hung up python processes since I use a Python script as a log daemon to
> write the Squid logs into a PostgreSQL database on jail 1. I am not sure
> what else to check for.

I find that not specifying the JID in your jail.conf -- so allowing the
system to choose an arbitrary JID as required -- will allow restarting
jails without the hassle of old connections blocking stuff.

Of course, if you restart jails frequently, you'll end up with some
arbitrarily large JIDs.  Get used to referring to the jail by name
instead.  'jls -h name' will help if you're unsure what those are.

	Cheers,

	Matthew



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 882 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20150421/a18dc5c6/attachment.sig>

More information about the freebsd-questions mailing list