Date: Tue, 21 Apr 2015 17:09:02 +0100 From: Matthew Seaman <matthew@FreeBSD.org> To: freebsd-questions@freebsd.org Subject: Re: Jail Already Exists Message-ID: <5536761E.2040308@FreeBSD.org> In-Reply-To: <99152c411cd85b3cccd77a1404c519cf@dweimer.net> References: <99152c411cd85b3cccd77a1404c519cf@dweimer.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --JS4Jqj86dkcx50iP32n7H81V7U4RKmaHd Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2015/04/21 16:17, dweimer wrote: > At some point in the past I learned the trick of dropping TCP > connections that were left open to clear processes that were not > allowing a jail that had been shutdown to be restarted. Does anyone kno= w > other things that could cause a jail to be held open? I have one that I= > am unable to start, without rebooting the entire server? In this > particular instance, It wouldn't be a big deal for me to bounce the > server, nor is it an issue leaving the jail down for a while to > experiment. However on some other servers both of these would be an > issue so I figured now is a good time to experiment with finding a > solution. >=20 > root@freebsd:/jails/proxy # jls > JID IP Address Hostname Path > 1 192.168.5.6 pgsql.dweimer.local /jails/pgsql/ROOT= > 2 192.168.5.9 mysql.dweimer.local /jails/mysql/ROOT= > 3 192.168.5.2 webmail.dweimer.local /jails/webmail/RO= OT > 4 192.168.5.4 bacula.dweimer.local /jails/bacula/ROO= T > 5 192.168.5.8 unifi.dweimer.local /jails/unifi/ROOT= > root@freebsd:/jails/proxy # jail -c proxy > jail: proxy: jail 6 already exists >=20 > jail 6's IP is 192.168.5.3 >=20 > netstat -an | grep "192.168.5.3" >=20 > finds no results. >=20 > The jail simply runs a Squid proxy service, I have verified that there > isn't a hung up squid process. I have also verified that there are no > hung up python processes since I use a Python script as a log daemon to= > write the Squid logs into a PostgreSQL database on jail 1. I am not sur= e > what else to check for. I find that not specifying the JID in your jail.conf -- so allowing the system to choose an arbitrary JID as required -- will allow restarting jails without the hassle of old connections blocking stuff. Of course, if you restart jails frequently, you'll end up with some arbitrarily large JIDs. Get used to referring to the jail by name instead. 'jls -h name' will help if you're unsure what those are. Cheers, Matthew --JS4Jqj86dkcx50iP32n7H81V7U4RKmaHd Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJVNnYlAAoJEABRPxDgqeTnqrkP/3LTvanuL49+sqGBLRCy77uc cTCjq5vYBb8+WDB932e4Pjw7XTh5txYXMaKPnnEchmURrZ3PRLP9+vK3lg2nMkbj fGM1Y6Q2iqamn07VJXeU6SI4ALuN60hT1c+Mcgx+640zOqhtdphvABEU7ZQ4fdGi 6hOssukc7CdFmJTnA6CSJpXijlHFocL+EG9HvogFRNe7VK+BZpjuiN7WncEXH4vP 3Gx5nfMTOIuRnWUwjcFwuzscmZLyN9/E6VE4Srm2M3DAtj3cl1+Aktsffwj8MYvA HVfMNtu/OhLV1f9Gx0GLUar9jJMLSHCx+wZKNdFevW6oEoFsj4aHEf7TqlAmyyn4 h04qHGmiqplzVftL3PuknZb1JwJeYeKxYbUaDrRU4awX1Gvl8brg9Hn30pfICdYK gm5OzTo3ouhnQqz/A/F2a2bsuVHwQqRtGQHWl/E3nNVNYKnZmKSfstXQnfs4cUHu 1fYNuxlvWyyp+tTSNdx1JKVDlxnBoCvj7SZMFV2pd+1ntCg6EQaK3kK9G50oqA9M kh8feO6JtU9ZiX6W/VNiZGNWGh7C2SHbYcRCpYT+x4pfDJuBpLUzgACupLjgkYTY pMHNSVjtXBX4w7PMUQR9bpaMf2GJ/OSNNpLm2imZM7RuRNoRdMviV4MCMxTe+qmX S0/dcYvpc22SHWXeqgt6 =07Po -----END PGP SIGNATURE----- --JS4Jqj86dkcx50iP32n7H81V7U4RKmaHd--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5536761E.2040308>