From owner-svn-doc-head@freebsd.org Tue Mar 6 12:55:32 2018 Return-Path: Delivered-To: svn-doc-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A516EF2F304; Tue, 6 Mar 2018 12:55:32 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 425D675C0F; Tue, 6 Mar 2018 12:55:32 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3CCC513213; Tue, 6 Mar 2018 12:55:32 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w26CtWKL076252; Tue, 6 Mar 2018 12:55:32 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w26CtWU6076251; Tue, 6 Mar 2018 12:55:32 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201803061255.w26CtWU6076251@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Tue, 6 Mar 2018 12:55:32 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r51462 - head/en_US.ISO8859-1/books/handbook/jails X-SVN-Group: doc-head X-SVN-Commit-Author: emaste X-SVN-Commit-Paths: head/en_US.ISO8859-1/books/handbook/jails X-SVN-Commit-Revision: 51462 X-SVN-Commit-Repository: doc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Mar 2018 12:55:32 -0000 Author: emaste (src committer) Date: Tue Mar 6 12:55:31 2018 New Revision: 51462 URL: https://svnweb.freebsd.org/changeset/doc/51462 Log: Document jail.conf Jail configuration jail.conf is the preferred method of configuring jails in all supported FreeBSD versions. Older rc.conf(5) configuration produces a warning. Update the handbook example to match based on the submission in the PR, with a few modifications. PR: 187142 Submitted by: Jack-Benny Persson Reviewed by: bcr, eadler Approved by: bcr, eadler Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D14524 Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/jails/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Mon Mar 5 15:50:47 2018 (r51461) +++ head/en_US.ISO8859-1/books/handbook/jails/chapter.xml Tue Mar 6 12:55:31 2018 (r51462) @@ -313,46 +313,41 @@ - A list of the jails which are enabled to start at boot - time should be added to the &man.rc.conf.5; file: + Configure jail parameters in + jail.conf: + www { + host.hostname = www.example.org; # Hostname + ip4.addr = 192.168.0.10; # IP address of the jail + path ="/usr/jail/www"; # Path to the jail + devfs_ruleset = "www_ruleset"; # devfs ruleset + mount.devfs; # Mount devfs inside the jail + exec.start = "/bin/sh /etc/rc"; # Start command + exec.stop = "/bin/sh /etc/rc.shutdown"; # Stop command +} - jail_enable="YES" # Set to NO to disable starting of any jails -jail_list="www" # Space separated list of names of jails + Configure jails to start at boot time in + rc.conf: - - Jail names in jail_list should - contain alphanumeric characters only. - - + jail_enable="YES" # Set to NO to disable starting of any jails - - For each jail listed in jail_list, a - group of &man.rc.conf.5; settings, which describe the - particular jail, should be added: - - jail_www_rootdir="/usr/jail/www" # jail's root directory -jail_www_hostname="www.example.org" # jail's hostname -jail_www_ip="192.168.0.10" # jail's IP address -jail_www_devfs_enable="YES" # mount devfs in the jail - The default startup of jails configured in - &man.rc.conf.5;, will run the /etc/rc + &man.jail.conf.5;, will run the /etc/rc script of the jail, which assumes the jail is a complete virtual system. For service jails, the default startup command of the jail should be changed, by setting the - jail_jailname_exec_start + exec.start option appropriately. For a full list of available options, please see the - &man.rc.conf.5; manual page. + &man.jail.conf.5; manual page. &man.service.8; can be used to start or stop a jail by hand, if an entry for it exists in - rc.conf: + jail.conf: &prompt.root; service jail start www &prompt.root; service jail stop www