rc.d/jail and jail.conf
000.fbsd at quip.cz
Sun Mar 31 20:01:15 UTC 2013
Dirk Engling wrote:
> On 30.03.13 21:38, Miroslav Lachman wrote:
>> jail_myjail_flags="-l -U root -n myjail"
> When trying to pass a my hostname (foo.com) as jailname like that,
> jail(8) will complain
> jail: jail "foo" not found
> as it does not allow periods in the jailname. This seems like an
> unfortunate limitation, as I tend to name my jails after the fqdn they
> are being started as.
> FYI, the name=myjail form did not work, because rc.d/jail uses the
> path hostname [ip[,...]] command ...
> synopsis of the jail command, which fails, if it sees name=value params.
I am sorry for misinform you with name=myjail in rc.conf, I didn't try
it because I am using an old way with -n jailname on my older boxes and
I am planing to use new syntax only with jail.conf (after problem with
mounting of devfs will be fixed).
> So I guess, I am out of luck here, because users used to think of their
> jails as what they saw in the hostname field on jls. If I am writing
> tools that use jail_getid to map the jailname to the jid, it will never
> match that hostname and I also can not copy the hostname to the jailname.
> Is there a reason for '.' being the only excluded character in the jailname?
I understand what you are talking about, but jails in these days are
something different from what jails were at the begining in 4.x days and
users must accept that jailname is something different than hostname.
In these days, you can have jails with many IP addresses or without IP
address. Hostname needn't to be unique etc.
Dot (.) is not allowed in jailname because of hierarchical jails, where
dot is used as hierarchy separator.
So jailname foo.bar.baz means foo is top level jail, bar is its child
and baz is child in bar.
Plain jls without any options should be used just for backward
compatibility with old scripts, because its output is insufficient for
todays jails. (only one IP is shown and no jailname)
jls -v or jls -s is better with new jails.
More information about the freebsd-jail