From owner-freebsd-jail@FreeBSD.ORG  Tue Jan 27 20:45:37 2015
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id AEC54E5C
 for <jail@freebsd.org>; Tue, 27 Jan 2015 20:45:37 +0000 (UTC)
Received: from elektropost.org (elektropost.org [217.115.13.199])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id EAE2D86C
 for <jail@freebsd.org>; Tue, 27 Jan 2015 20:45:36 +0000 (UTC)
Received: (qmail 44173 invoked from network); 27 Jan 2015 20:45:34 -0000
Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org)
 by elektropost.org with ESMTPS (DHE-RSA-AES128-SHA encrypted);
 27 Jan 2015 20:45:34 -0000
Message-ID: <54C7F8ED.2020205@erdgeist.org>
Date: Tue, 27 Jan 2015 21:45:33 +0100
From: Dirk Engling <erdgeist@erdgeist.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Peter Toth <peter.toth198@gmail.com>
Subject: Re: preferred jail management tool
References: <CACfj5vKjiQHsy9VbOKFFcrBpyr3dmbkOOxTxCYhSyZrnrjRiaQ@mail.gmail.com>	<CAHieY7TyxzC0aK-ErY2EbCmTJPykk_9G7Gd=CrZ9yxQ-77PynA@mail.gmail.com>	<20150127012347.GA4940@lonesome.com>	<20150127141239.V77290@sola.nimnet.asn.au>	<54C7958B.40007@gmail.com>	<54C7C828.4070703@erdgeist.org>	<14943.128.135.70.2.1422381245.squirrel@cosmo.uchicago.edu>	<54C7D371.9010609@erdgeist.org>	<13934.128.135.70.2.1422383293.squirrel@cosmo.uchicago.edu>	<CAEUAJxtctW_Ku4iQFWTKOsr=sABDtKEeKKVitFyFcxfUSp+jig@mail.gmail.com>	<54C7F109.2040405@erdgeist.org>
 <CAEUAJxtQjUJEh+z324utrY09FHTWVOwi0oegSv65+=-o48p66g@mail.gmail.com>
In-Reply-To: <CAEUAJxtQjUJEh+z324utrY09FHTWVOwi0oegSv65+=-o48p66g@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Cc: jail@freebsd.org
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jan 2015 20:45:37 -0000

On 27.01.15 21:37, Peter Toth wrote:

> So to answer the question again, jail.conf or the standard rc.d/jail
> felt too limiting with a lot of these features simply missing.

I completely agree, yet I think that it should not be up to third party
tools to implement those features independently and – in worst case –
against the inventors intentions. That's why I tried to map everything
possible to what's there in rc.d/jail in ezjail.

Laying out everything that needs to go into a proper jail config
container should be done here on the list and then implemented either in
a format that jail(8) can consume and that other tools can reliably modify.

  erdgeist