From owner-freebsd-jail@freebsd.org Sun Sep 4 16:34:30 2016 Return-Path: Delivered-To: freebsd-jail@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A1E4AA9D33A for ; Sun, 4 Sep 2016 16:34:30 +0000 (UTC) (envelope-from list1@gjunka.com) Received: from msa1.earth.yoonka.com (yoonka.com [185.24.122.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "msa1.earth.yoonka.com", Issuer "msa1.earth.yoonka.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 374D4D00 for ; Sun, 4 Sep 2016 16:34:29 +0000 (UTC) (envelope-from list1@gjunka.com) Received: from ultrabook.yoonka.com (p5DC0F31D.dip0.t-ipconnect.de [93.192.243.29]) (authenticated bits=0) by msa1.earth.yoonka.com (8.15.2/8.15.2) with ESMTPSA id u84GYR7A095821 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Sun, 4 Sep 2016 16:34:27 GMT (envelope-from list1@gjunka.com) X-Authentication-Warning: msa1.earth.yoonka.com: Host p5DC0F31D.dip0.t-ipconnect.de [93.192.243.29] claimed to be ultrabook.yoonka.com Subject: Re: Changing jail's IP automatically References: <872dfbe1-3f39-bf5f-44b2-611bd92a1210@gjunka.com> <4fa37d2e14665ff5a00548626e55142f@gritton.org> To: freebsd-jail@freebsd.org From: Grzegorz Junka Message-ID: <2e2ab827-a88b-b374-5d86-b8d8da98872b@gjunka.com> Date: Sun, 4 Sep 2016 16:34:20 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <4fa37d2e14665ff5a00548626e55142f@gritton.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Sep 2016 16:34:30 -0000 On 03/09/2016 15:33, James Gritton wrote: > On 2016-09-02 15:08, Grzegorz Junka wrote: >> I am using a jail on my laptop and I often connect to different >> WiFi's, which of course assign different IPs to my laptop. I set up >> the jail by adding an alias to wlan0 and I need to update the IP every >> time I switch the WiFi network. Is it possible to create a jail with >> IP assigned dynamically, e.g. from DHCP, or at least switch between >> predefined IPs more easily than by editing /etc/jail.conf? > > You can always add addresses later. I would create the jail without > any IP address specified in jail.conf, and then have a exec.poststart > script that sets the address using something like "jail -m name=foo > ip4.addr=1.2.3.4". And similarly when the network switches, it would > need to trigger a similar script that resets the address. > > It's a little more complicated that than though: network daemons will > be bound to the old address after the switch, so you'll need to run > the proper service(8) commands to restart those, in the right order. > Or depending on the service, maybe a kick of some sort (like a kill > -1) would do the trick. > > And at start time, if the jail has no IP address of its own, anything > it runs will use the regular system IP addresses. That's definitely > not what you want. Unfortunately, jail(8) doesn't have a way to run a > script in the system environment after the jail is created but before > exec.start is run. That would be the right place to set the initial > address. So barring that, you may want to have network services not > started up at all, until this poststart script sets the address. So > it's still not a simple issue. > > - Jamie Thanks. It shouldn't be a problem since I usually restart the whole system when switching between networks. And so the jail wouldn't need to be updated with a new IP. I will try to assign the IP from a script then once the jail has been started.