From owner-freebsd-jail@freebsd.org  Wed Dec 14 21:12:37 2016
Return-Path: <owner-freebsd-jail@freebsd.org>
Delivered-To: freebsd-jail@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A4EB7C77F1D
 for <freebsd-jail@mailman.ysv.freebsd.org>;
 Wed, 14 Dec 2016 21:12:37 +0000 (UTC)
 (envelope-from ike@blackskyresearch.net)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com
 [66.111.4.27])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 79386F1F
 for <freebsd-jail@FreeBSD.org>; Wed, 14 Dec 2016 21:12:36 +0000 (UTC)
 (envelope-from ike@blackskyresearch.net)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
 by mailout.nyi.internal (Postfix) with ESMTP id 047992068F;
 Wed, 14 Dec 2016 16:12:36 -0500 (EST)
Received: from frontend1 ([10.202.2.160])
 by compute1.internal (MEProxy); Wed, 14 Dec 2016 16:12:36 -0500
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
 blackskyresearch.net; h=cc:content-transfer-encoding
 :content-type:date:from:in-reply-to:message-id:mime-version
 :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
 :x-sasl-enc; s=mesmtp; bh=sXMu3DXDfET5fLS4vjYjziWX6VU=; b=kFDSiQ
 x7FPjFdv1INpDJN1+WrF24apIon4186lqyitA0QLNiEriF2c59xS0CmStNZcCYzF
 1J2Ecr7/D8RJ3a+fJtvPMP109A8OI1ociCCu56oCZWCrvdZb2ViWKKlv01NgRaFm
 m+1/tw/s3Nuz2of5aqPW4FflAqXQOpEfg6Q+M=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-transfer-encoding:content-type
 :date:from:in-reply-to:message-id:mime-version:references
 :subject:to:x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s=
 smtpout; bh=sXMu3DXDfET5fLS4vjYjziWX6VU=; b=Z+z3OcfLwfWBEi0l2+Ay
 6jurG9Aeq1tqgBdK1jb7ctd1JjWHx8MSAA/rHAzsonFdiIgjuGkGXLYaqqlwoyk9
 esBov2cDZNJYRF/bGqYzkJxAVN7cCeZOr8y8oHYtiFi/HyZpQFRecNYyLlU7bK0z
 RMzhqcoRUSPrqXi90OF9pJE=
X-ME-Sender: <xms:w7VRWDgAw-Tq7YTx9OuMsRdiS7RjZZeZ0LbfljfVWF8u6RTYWNhQoQ>
X-Sasl-enc: RhT+x3qoOJ2puOgqcL6gHQuUrWkppaW/z43of0Yut5PX 1481749955
Received: from [192.168.0.11] (cpe-24-90-224-248.nyc.res.rr.com
 [24.90.224.248])
 by mail.messagingengine.com (Postfix) with ESMTPA id BC8B67E8C1;
 Wed, 14 Dec 2016 16:12:35 -0500 (EST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Subject: Re: multiple interfaces for jail.conf(1) and jail_set(2)
From: "Isaac (.ike) Levy" <ike@blackskyresearch.net>
In-Reply-To: <818391CE-7425-49DF-8794-B6E43C1389AD@ellael.org>
Date: Wed, 14 Dec 2016 16:12:35 -0500
Cc: freebsd-jail@FreeBSD.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <78BCD457-2007-4972-AAE7-0C008238FC4A@blackskyresearch.net>
References: <0ED7F403-F14E-4A72-8E54-AF74AAE15061@blackskyresearch.net>
 <45822529-2096-4B32-8515-F5875BEF7101@ellael.org>
 <907B489D-899A-4204-96D8-ACF86EE829A7@blackskyresearch.net>
 <818391CE-7425-49DF-8794-B6E43C1389AD@ellael.org>
To: Michael Grimm <trashcan@ellael.org>
X-Mailer: Apple Mail (2.3124)
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Dec 2016 21:12:37 -0000

Wow,

> On Dec 14, 2016, at 3:53 PM, Michael Grimm <trashcan@ellael.org> =
wrote:
>=20
>> Two questions though:
>>=20
>> - I=E2=80=99m confused how you define the shell style $ variables in =
your individual jail settings above, e.g. =E2=80=98$ip4_addr_2 =3D =
10.1.1.2;=E2=80=99, why/how does that work?  Is that a variable to be =
expanded, or some other behavior?
>=20
> This is described in jail.conf(5) under the section "variables". I do =
have 10 jails running, and those $ variables/parameters are very =
helpful, indeed.

I get it, the man page explained it well.

>=20
>>> Again, not sure if I do understand your issue correctly, but the =
shown examples of exec.start, exec.stop, etc. are quite versatile to =
use.
>>>=20
>>> I do start/stop my jails by "service jail start/stop=E2=80=9D.
>>=20
>> - Obviously you state you=E2=80=99re using service to start/stop =
jails, but shouldn=E2=80=99t this work with =E2=80=98jail -c =
<jailname>=E2=80=99, or are these subsystems not interoperable?
>=20
> Hmm. I do have to admit that I never tried 'jail -c <jailname>', but I =
just gave it a try, and yes, it works as well :-)=20
>=20
> I do use "service jail start/stop" because that will obey my =
pre-defined starting/stopping order of jails (which I do need to have, =
e.g. dns before mail and such) in /etc/rc.conf
>=20
> 	jail_enable=3D"YES"
> 	jail_reverse_stop=3D"YES"
> 	jail_list=3D"dns mail =E2=80=A6=E2=80=9D

Awesome!  For my use, I=E2=80=99m averse to starting jails at host boot- =
so I=E2=80=99m really excited this works.

Thanks so much Michael- this totally answered my question, I=E2=80=99m =
back on the right path to using jail.conf with my setup!

Best,
.ike