how to make vimage jail permanent by configuring rc.conf?

Markiyan Kushnir mkushnir at lohika.com
Tue Dec 22 00:49:02 UTC 2009


Hello,

I also wanted to have it work, but failed and just had to patch my 
/etc/rc.d/jail until it's resolved.

The first problem is that currently /etc/rc.d/jail creates jails using 
the parameterless form of jail(8). Another issue is that after the jail 
is created, it currently does not seem possible to squeeze the "ifconfig 
vnet ..." in between "jail ..." and "jexec ..." -- I mean using 
*_exec_afterstart and *_exec_poststart in the order they are invoked now 
by the jail rc script.

I had to invent a kind of "exec_earlypoststart" locally, and call all 
routines in the following order:

   1. /usr/sbin/jail called in the parameter-aware mode
   2. _exec_earlypoststart
   3. _exec_afterstart
   4. _exec_poststart

Then the rc.conf would look like:

cloned_interfaces="$cloned_interfaces epair0"
ifconfig_bridge0="addm epair0a $ifconfig_bridge0"
ifconfig_epair0a="up"
jail_list="$jail_list QQ"
jail_QQ_flags="-l -U root vnet persist name=QQ"
jail_QQ_name="QQ"
jail_QQ_rootdir="/usr/jails/QQ"
jail_QQ_hostname="QQ.localhost"
jail_QQ_exec_earlypoststart0="ifconfig epair0b vnet QQ"
jail_QQ_exec_afterstart1="ifconfig epair0b 10.1.1.1"
jail_QQ_exec_afterstart2="ifconfig epair0b inet6 2001::1:1:1 prefixlen 128"
jail_QQ_exec_afterstart3="ifconfig lo0 127.0.0.1"
jail_QQ_exec_afterstart4="route -n add default 10.0.0.1" # bridge0
jail_QQ_exec_afterstart5="route -n add -inet6 default 2001::1" # bridge0
jail_QQ_exec_afterstart6="/bin/sh /etc/rc"

Note that the "/bin/sh /etc/rc", which is the default in the current jail 
rc script, is called here explicitly, because the parameter form of jail(8) 
cannot run commands inside jails.

Markiyan.

Mel Flynn wrote:
> On Friday 18 December 2009 13:40:47 Kouichiro Iwao wrote:
> 
>> I want to make it permanent. I want jails to start automatically when I
>> reboot the host environment. I added the following lines to rc.conf.
>>
>> jail_jail01_flags="-c vnet"
>> jail_jail01_rootdir="/usr/jail/jail01"
>> jail_jail01_hostname="jail01.example.jp"
>> jail_jail01_ip="192.168.100.101"
>>
>> However, "/etc/rc.d/jail onestart jail01" failed to start up the jail.
>> How do I configure rc.conf in order to make a vimage jail permanent?
>>
>> Does rc.d/jail only support traditional jails?
> 
> Please show the output, with rc_debug turned on in /etc/rc.conf.
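
The start order described in the message above, written out as the equivalent manual commands. This is an added example, not part of the original message or of /etc/rc.d/jail; the function names are hypothetical, and path= and host.hostname= are the jail(8) parameter-form counterparts of the rootdir and hostname settings in the post.

```sh
#!/bin/sh
# Added example. Values come from the rc.conf in the post; the function
# names (plan_vnet_jail, check_order, apply_plan) are hypothetical.
JNAME=QQ JROOT=/usr/jails/QQ JHOST=QQ.localhost
JIF=epair0b    # jail-side half of epair0; epair0a stays on bridge0

# Print the start sequence, one command per line, in the working order.
plan_vnet_jail() {
    # 1. parameter form of jail(8): create the persistent vnet jail, run nothing
    echo "jail -c vnet persist name=$JNAME path=$JROOT host.hostname=$JHOST"
    # 2. on the host ("earlypoststart"): hand the interface to the jail's vnet
    echo "ifconfig $JIF vnet $JNAME"
    # 3. inside the jail ("afterstart"): addresses, routes, then the rc boot
    for c in "ifconfig $JIF 10.1.1.1" \
             "ifconfig $JIF inet6 2001::1:1:1 prefixlen 128" \
             "ifconfig lo0 127.0.0.1" \
             "route -n add default 10.0.0.1" \
             "route -n add -inet6 default 2001::1" \
             "/bin/sh /etc/rc"
    do
        echo "jexec $JNAME $c"
    done
}

# Read a plan on stdin; succeed only if the jail is created first and the
# interface is moved into it before anything runs inside the jail.
check_order() {
    created=0 moved=0
    while IFS= read -r line; do
        case $line in
            "jail -c "*)             created=1 ;;
            "ifconfig $JIF vnet "*)  [ "$created" = 1 ] || return 1; moved=1 ;;
            "jexec "*)               [ "$moved" = 1 ] || return 1 ;;
        esac
    done
    [ "$moved" = 1 ]
}

# Execute the plan as root on the host, stopping at the first failure.
apply_plan() {
    plan_vnet_jail | while IFS= read -r cmd; do
        $cmd </dev/null || exit 1   # /dev/null keeps jexec from eating the plan
    done
}

case "${1:-}" in
    plan)  plan_vnet_jail ;;
    apply) plan_vnet_jail | check_order && apply_plan ;;
esac
```

Run with "plan" to print the sequence without touching the system, or with "apply" as root on a VIMAGE-enabled host where epair0 and bridge0 already exist.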

