Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 15 May 2018 13:30:31 +0200
From:      Andreas Nilsson <andrnils@gmail.com>
To:        Andreas Sommer <andreas.sommer87@googlemail.com>
Cc:        Mailinglists FreeBSD <freebsd-jail@freebsd.org>
Subject:   Re: Configure jail in /etc/jail.my-jail-name.conf while allowing auto-start with "service jail start"
Message-ID:  <CAPS9%2BSuU%2B_sK1%2Be6Sg-HDzuz4F04vqKcEmVutYrZanHK0oBRhQ@mail.gmail.com>
In-Reply-To: <fa8a8a7c-e816-92b4-5e2f-bdfd167dacf0@googlemail.com>
References:  <fa8a8a7c-e816-92b4-5e2f-bdfd167dacf0@googlemail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, May 15, 2018 at 1:17 PM, Andreas Sommer via freebsd-jail <
freebsd-jail@freebsd.org> wrote:

> Hi all,
>
> as I can see, this combination simply isn't part of /etc/rc.d/jail and
> jail(8).
> In fact, jail(8) always only reads one config file (`-f` parameter, default
> /etc/jail.conf).
>
> This also relates to why ezjail was still not ported to use jail.conf
> [0][1].
>
> It would be a great fit to automated configuration management (e.g. via
> Ansible
> or pkg POST-INSTALL scripts) because it allows overwriting complete files
> instead of having to edit the global jail.conf to make changes.
>
> Jail configured only in /etc/jail.my-jail-name.conf:
>
> > # service jail onestart
> > Starting jails:.
> (nothing started because jail not recognized as configured)
>
> Jail configured in /etc/jail.my-jail-name.conf and "mentioned" as
> `jail my-jail-name {}` in /etc/jail.conf:
>
> > # service jail onestart
> > Starting jails:jail: my-jail-name: new jail must persist or attach
> (this means only /etc/jail.conf was parsed)
>
> Any way to achieve this? I assume the answer is no, so here's a suggestion:
> what about having jail(8) read/merge configuration from another file?
>
> Example:
> > # cat /etc/jail.conf
> > my-jail-name { config = "/etc/jail.my-jail-name.conf"; }
> > # cat /etc/jail.my-jail-name.conf
> > my-jail-name { ...config goes here... }
>
> Thanks,
>  Andreas
>
>
Hello Andreas,

at least on -CURRENT the files are read as long as the jail names are in
jail_list in rc.conf.

It is though somewhat frustrating that you do not get defaults set in
jail.conf, so you need to specify stuff like persist in jail.$name.conf

Best regards
Andreas

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPS9%2BSuU%2B_sK1%2Be6Sg-HDzuz4F04vqKcEmVutYrZanHK0oBRhQ>