[Bug 194379] New: Remove interface option from jail(8) example

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Wed Oct 15 13:37:47 UTC 2014


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194379

            Bug ID: 194379
           Summary: Remove interface option from jail(8) example
           Product: Documentation
           Version: Latest
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Many People
          Priority: ---
         Component: Documentation
          Assignee: freebsd-doc at FreeBSD.org
          Reporter: wout at canodus.be

In the section "Starting the Jail" of the jail(8) man page, it is suggested to
use the "interface" option to start the jail.

This results in the IP (alias) that is being assigned to the jail to be
automatically created and destroyed.

But, when you (by mistake or on purpose) assign the host's primary IP address
to the jail, and you do not have any aliases configured on the interface, this
results in the interface going down.

This is pretty dangerous, so I would suggest removing the "interface" option
from the example.

Using the primary IP address for jails is not good practice, but it is legal to
do so without using the "automatic IP alias" functionality of jail(8).

When you do have aliases set on the interface before the jail starts, the
interface does not go down, so it might be a bug in the jail(8) command.

For more information, see https://forums.freebsd.org/viewtopic.php?f=7&t=48436

-- 
You are receiving this mail because:
You are the assignee for the bug.


More information about the freebsd-doc mailing list