jail_<name>_conf in /etc/rc.conf
Fabian Keil
freebsd-listen at fabiankeil.de
Wed Jun 14 10:19:24 UTC 2006
"Raphael H. Becker" <rabe at p-i-n.com> wrote:
> having a jail-server and maintaining lots of jails may cause headache,
> when editing /etc/rc.conf.
>
> My idea is to define per-jail.conf files outside /etc/rc.conf.
> This would make using conf-templates much easier and you don't
> need to do evil "script-magic" on /etc/rc.conf.
> Any alternative solution getting something like this running?
Try /usr/ports/sysutils/ezjail/
<http://erdgeist.org/arts/software/ezjail/>
It only requires one line in rc.conf
and uses one configuration file for every jail:
fk at TP51 ~ $grep jail /etc/rc.conf
ezjail_enable="YES"
fk at TP51 ~ $cat /usr/local/etc/ezjail/porttest
# To specify the start up order of your ezjails, use these lines to
# create a Jail dependency tree. See rcorder(8) for more details.
#
# PROVIDE: standard_ezjail
# REQUIRE:
# BEFORE:
#
export jail_porttest_hostname="porttest"
export jail_porttest_ip="192.168.6.100"
export jail_porttest_rootdir="/usr/jails/porttest"
export jail_porttest_exec="/bin/sh /etc/rc"
export jail_porttest_mount_enable="YES"
export jail_porttest_devfs_enable="YES"
export jail_porttest_devfs_ruleset="devfsrules_pf_jail"
export jail_porttest_procfs_enable="YES"
export jail_porttest_fdescfs_enable="YES"
export jail_porttest_image=""
export jail_porttest_imagetype=""
export jail_porttest_attachparams=""
export jail_porttest_attachblocking=""
export jail_porttest_forceblocking=""
Fabian
--
http://www.fabiankeil.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20060614/81bc3cd8/signature.pgp
More information about the freebsd-current
mailing list