Jail Already Exists

dweimer dweimer at dweimer.net
Tue Apr 21 20:47:13 UTC 2015


On 04/21/2015 11:09 am, Matthew Seaman wrote:
> On 2015/04/21 16:17, dweimer wrote:
>> At some point in the past I learned the trick of dropping TCP
>> connections that were left open to clear processes that were not
>> allowing a jail that had been shut down to be restarted. Does anyone know
>> other things that could cause a jail to be held open? I have one that I
>> am unable to start without rebooting the entire server. In this
>> particular instance, it wouldn't be a big deal for me to bounce the
>> server, nor is it an issue leaving the jail down for a while to
>> experiment. However, on some other servers both of these would be an
>> issue, so I figured now is a good time to experiment with finding a
>> solution.
>> 
>> root@freebsd:/jails/proxy # jls
>>    JID  IP Address      Hostname                      Path
>>      1  192.168.5.6     pgsql.dweimer.local           /jails/pgsql/ROOT
>>      2  192.168.5.9     mysql.dweimer.local           /jails/mysql/ROOT
>>      3  192.168.5.2     webmail.dweimer.local         /jails/webmail/ROOT
>>      4  192.168.5.4     bacula.dweimer.local          /jails/bacula/ROOT
>>      5  192.168.5.8     unifi.dweimer.local           /jails/unifi/ROOT
>> root@freebsd:/jails/proxy # jail -c proxy
>> jail: proxy: jail 6 already exists
>> 
>> jail 6's IP is 192.168.5.3
>> 
>> netstat -an | grep "192.168.5.3"
>> 
>> finds no results.
>> 
>> The jail simply runs a Squid proxy service. I have verified that there
>> isn't a hung up squid process. I have also verified that there are no
>> hung up python processes, since I use a Python script as a log daemon to
>> write the Squid logs into a PostgreSQL database on jail 1. I am not sure
>> what else to check for.
> 
> I find that not specifying the JID in your jail.conf -- so allowing the
> system to choose an arbitrary JID as required -- will allow restarting
> jails without the hassle of old connections blocking stuff.
> 
> Of course, if you restart jails frequently, you'll end up with some
> arbitrarily large JIDs.  Get used to referring to the jail by name
> instead.  'jls -h name' will help if you're unsure what those are.
> 
> 	Cheers,
> 
> 	Matthew

Thanks Matthew, that appears to work fairly well. I think, after looking
more at the jls man page, that jls -N is more useful to me, as it still
gives me the other information above but lists the JID by name. I do
need to make sure none of my scripts are referencing any jails by their
numeric ID.

# jls -N
  JID             IP Address      Hostname                      Path
  pgsql           192.168.5.6     pgsql.dweimer.local           /jails/pgsql/ROOT
  mysql           192.168.5.9     mysql.dweimer.local           /jails/mysql/ROOT
  webmail         192.168.5.2     webmail.dweimer.local         /jails/webmail/ROOT
  bacula          192.168.5.4     bacula.dweimer.local          /jails/bacula/ROOT
  unifi           192.168.5.8     unifi.dweimer.local           /jails/unifi/ROOT
  proxy           192.168.5.3     proxy.dweimer.local           /jails/proxy/ROOT

-- 
Thanks,
    Dean E. Weimer
    http://www.dweimer.net/
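
Added example (not part of the original thread): a POSIX shell check for the two things discussed above, a jid pinned in jail.conf and scripts that address a jail by its numeric JID. The sample configuration and script are constructed, and the function names pinned_jids and numeric_jid_refs are made up for this illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Sample input below is constructed.

# Print the name of every jail block that sets an explicit "jid = N;".
# Reads jail.conf-style text on stdin; expects "name {" on its own line.
pinned_jids() {
    awk '
        /^[ \t]*#/ { next }                      # skip comment lines
        /^[ \t]*[A-Za-z0-9_.-]+[ \t]*[{]/ {      # "name {" opens a jail block
            name = $1; sub(/[{].*/, "", name)
        }
        /^[ \t]*jid[ \t]*=[ \t]*[0-9]+/ {        # fixed JID inside that block
            if (name != "") print name
        }
        /[}]/ { name = "" }                      # block closed
    '
}

# Print "lineno:text" for commands in script text on stdin that address a
# jail by number: "jexec N", "jls -j N", "jail -r N". Only these direct
# forms are matched; option flags before the JID are not handled.
numeric_jid_refs() {
    grep -nE '(^|[^[:alnum:]_])(jexec|jls[[:space:]]+-j|jail[[:space:]]+-r)[[:space:]]+[0-9]+([[:space:]]|$)' || true
}

# Constructed jail.conf fragment: proxy pins its JID, pgsql does not.
SAMPLE_CONF='proxy {
    jid = 6;
    path = "/jails/proxy/ROOT";
}
pgsql {
    path = "/jails/pgsql/ROOT";
}'

# Constructed maintenance script mixing numeric and by-name references.
SAMPLE_SCRIPT='#!/bin/sh
jexec 6 squid -k rotate
jexec proxy squid -k rotate
jls -j 1 path'

echo "jails with a pinned jid:"
printf '%s\n' "$SAMPLE_CONF" | pinned_jids
echo "script lines using a numeric JID:"
printf '%s\n' "$SAMPLE_SCRIPT" | numeric_jid_refs
```

Lines that name the jail (jexec proxy ...) pass the check and keep working after the jid line is removed from jail.conf.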
