Jails that won't die...

Eirik Øverby eirik at unicore.no
Tue Jun 28 08:37:35 GMT 2005


I have, since upgrading to 5.x and updating my management tools, seen  
a number of problems relating to stopping jails.

I'm maintaining several hosts with a number of full-featured jails  
(i.e. full virtual FreeBSD installations in each jail), and in  
general this works fine. However, whenever I stop a jail using 'jexec  
<id> kill -SIGNAL -1' or 'jexec <id> /bin/sh /etc/rc.shutdown' (in  
various combinations), jails have a tendency to stick around for  
minutes or hours - according to 'jls'. Often I see an entry in  
'netstat -a' indicating that there is one or more sockets in FIN_WAIT  
state, preventing the jail from coming down. Taking the virtual  
network interface (alias) down does not help. All I can do at this  
point is wait.

I normally use 'jls' to determine whether or not a jail can be  
restarted (i.e. it's not running), but this is pretty useless in such  
cases. And right now I have a case where 'netstat -a' shows me  
nothing pertaining to the jail, though it has no processes running. I  
have therefore force-started the jail again, which seems to work  
nicely, but now 'jls' gives me two entries for this jail, with  
different JIDs.

What am I doing wrong here?


