From owner-freebsd-questions@freebsd.org  Fri Nov 29 17:35:34 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id EF6891B6A58
 for <freebsd-questions@mailman.nyi.freebsd.org>;
 Fri, 29 Nov 2019 17:35:34 +0000 (UTC)
 (envelope-from dpchrist@holgerdanske.com)
Received: from holgerdanske.com (holgerdanske.com [184.105.128.27])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "holgerdanske.com", Issuer "holgerdanske.com" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 47PhVY0TJ7z47kp
 for <freebsd-questions@freebsd.org>; Fri, 29 Nov 2019 17:35:32 +0000 (UTC)
 (envelope-from dpchrist@holgerdanske.com)
Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA
 (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD)
 (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN)
 for <freebsd-questions@freebsd.org>; Fri, 29 Nov 2019 09:35:27 -0800
To: freebsd-questions@freebsd.org
From: David Christensen <dpchrist@holgerdanske.com>
Subject: ezjail Starting jails timeout and WARNING: Per-jail configuration via
 jail_* variables is obsolete...
Message-ID: <deb08045-f50f-419d-01f0-38f4723c74e8@holgerdanske.com>
Date: Fri, 29 Nov 2019 09:35:26 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.9.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 47PhVY0TJ7z47kp
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=none (mx1.freebsd.org: domain of dpchrist@holgerdanske.com has no SPF
 policy when checking 184.105.128.27) smtp.mailfrom=dpchrist@holgerdanske.com
X-Spamd-Result: default: False [-1.66 / 15.00]; ARC_NA(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 IP_SCORE(-0.57)[ipnet: 184.104.0.0/15(0.73), asn: 6939(-3.51), country:
 US(-0.05)]; MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
 TO_DN_NONE(0.00)[]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1];
 NEURAL_HAM_LONG(-1.00)[-0.997,0];
 DMARC_NA(0.00)[holgerdanske.com];
 RCVD_IN_DNSWL_NONE(0.00)[27.128.105.184.list.dnswl.org : 127.0.10.0];
 R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:6939, ipnet:184.104.0.0/15, country:US];
 MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[];
 RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Nov 2019 17:35:35 -0000

freebsd-questions:

I have a FreeBSD system:

root@soho2:~ # freebsd-version ; uname -a
11.3-RELEASE-p5
FreeBSD soho2.tracy.holgerdanske.com 11.3-RELEASE-p5 FreeBSD 
11.3-RELEASE-p5 #0: Tue Nov 12 08:59:04 UTC 2019 
root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64


I am attempting to use ezjail:

http://erdgeist.org/arts/software/ezjail/


I am also referring to some additional resources:

https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails.html

man 8 jail

man 7 ezjail

man 8 ezjail-admin

man 5 ezjail.conf

https://nostarch.com/absfreebsd3


I limited listening ports on the host:

     # sockstat -46l
     USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN 
ADDRESS
     root     sendmail   751   3  tcp4   127.0.0.1:25          *:*
     root     sshd       744   3  tcp4   192.168.5.11:22       *:*
     _ntp     ntpd       713   6  udp4   192.168.5.11:123      *:*
     root     syslogd    544   6  udp4   192.168.5.11:514      *:*


I configured the system to add aliases to the primary network interface 
at boot:

     # grep alias /etc/rc.conf
     ifconfig_igb0_alias0="inet 192.168.5.100 netmask 255.255.255.255"
     ifconfig_igb0_alias1="inet 192.168.5.101 netmask 255.255.255.255"
     ifconfig_igb0_alias2="inet 192.168.5.102 netmask 255.255.255.255"
     ifconfig_igb0_alias3="inet 192.168.5.103 netmask 255.255.255.255"


I configured the system to clone the loopback interface at boot:

     # grep cloned_interfaces /etc/rc.conf
     cloned_interfaces="lo1"


I rebooted.


I installed ezjail from ports:

     # cd /usr/ports/sysutils/ezjail
     # make install clean


I configured ezjail:

     # egrep '^[^#].' /usr/local/etc/ezjail.conf
     ezjail_ftphost=http://ftp.freebsd.org
     ezjail_use_zfs="YES"
     ezjail_use_zfs_for_jails="YES"
     ezjail_jailzfs="soho2_zroot/ezjail"


I enabled ezjail at boot:

     # grep ezjail /etc/rc.conf
     ezjail_enable="YES"


I started the ezjail service:

     # service ezjail start
      ezjail


I performed the ezjail initial setup:

     # ezjail-admin install -p


I created a test jail:

     # ezjail-admin create testjail 'lo1|127.0.1.1,igb0|192.168.5.100'

     # cat /usr/local/etc/ezjail/testjail
     # To specify the start up order of your ezjails, use these lines to
     # create a Jail dependency tree. See rcorder(8) for more details.
     #
     # PROVIDE: standard_ezjail
     # REQUIRE:
     # BEFORE:
     #

     export jail_testjail_hostname="testjail"
     export jail_testjail_ip="lo1|127.0.1.1,igb0|192.168.5.100"
     export jail_testjail_rootdir="/usr/jails/testjail"
     export jail_testjail_exec_start="/bin/sh /etc/rc"
     export jail_testjail_exec_stop=""
     export jail_testjail_mount_enable="YES"
     export jail_testjail_devfs_enable="YES"
     export jail_testjail_devfs_ruleset="devfsrules_jail"
     export jail_testjail_procfs_enable="YES"
     export jail_testjail_fdescfs_enable="YES"
     export jail_testjail_image=""
     export jail_testjail_imagetype="zfs"
     export jail_testjail_attachparams=""
     export jail_testjail_attachblocking=""
     export jail_testjail_forceblocking=""
     export jail_testjail_zfs_datasets=""
     export jail_testjail_cpuset=""
     export jail_testjail_fib=""
     export jail_testjail_parentzfs="soho2_zroot/ezjail"
     export jail_testjail_parameters="allow.raw_sockets=1"
     export jail_testjail_post_start_script=""
     export jail_testjail_retention_policy=""


I started the jail:

     # ezjail-admin start testjail
     Starting jails: testjail.
     /etc/rc.d/jail: WARNING: Per-jail configuration via jail_* 
variables  is obsolete.  Please consider migrating to /etc/jail.conf.


Any ideas about the warning?


I started a console in the jail, looked around, set the root password, 
set timezone, create /etc/resolv.conf, created /etc/rc.conf, etc., and 
logged out:

     # ezjail-admin console testjail
     FreeBSD 11.3-RELEASE-p5 (GENERIC) #0: Tue Nov 12 08:59:04 UTC 2019

     Welcome to FreeBSD!
     <snip>


I stopped the jail:

     # ezjail-admin stop testjail
     Stopping jails: testjail.


When I reboot, I see:

      ezjaileval: 
jail_testjail-20191128-120605_exec_start=-20191128-120605_exec_start: 
not found
      Warning: root directory -20191128-120605_rootdir of 
testjail-20181128-120605 does not exist.
     Starting jails:


Boot hangs after "Starting jails", then times out after 1+ minute:

      testjail.
     /etc/rc.d/jail: WARNING: Per-jail configuration via jail_* 
variables is obsolete.  Please consider migrating to /etc/jail.conf.


Any ideas why the system hangs at boot when starting jails?


TIA,

David