may be I just do not know the propper kewords*.
I want to make sure that a special jail is starting after another jail, it depents on. What to do in jail.conf (FreeBSD 14) or elsewhere?
* I'm not a native speaker
Each jail's specific data lives inside its own dataset: zusr/$name. This includes the fstab, which (if the dataset is encrypted/unmounted), won't be available until zfs mount -l zusr/$name.
Naturally, I thought that I could put some logic in exec.prepare, which performs this command before the...
Hello all, my first post!
Been using FreeBSD for a week or two now and I wanted to secure the simple things right away as is my nature. I wrote a Python script that can set and re-set:
Along with a set of mitigations that I've gathered over the...
I am not sure what I am missing but when I place my jail configurations into /etc/jail.conf.d the rc.d script for jails says it cannot find anything.
Is there something special I need to do to use that directory over a monolithic jail configuration file?
Hi! I'm sure someone must have asked this question milion times, but I can't find an answer and I spent already couple of hours on this. I have FreeBSD 13.0 instance on Vultr, where I would like to create jail. The problem is that I cannot reach the network from jail and I cannot even ping...
When I use a bastille, jail rules that include rules 1 to 3 from /etc/defaults/devfs.rules work.
Rules 1 to 3, referenced in the beginning of rule 4:
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
When I reference...
Setting up jail.conf, I've setup some exec.prestart & exec.release scripts for the jail service to run before starting up jail. I'll take one example where I create epair for the jail's interface in exec.prestart & destroy them in exec.release. My problem is that if, for any reason...
I've noticed a strange problem with setting"devfs_ruleset" in jail.conf.
host.hostname = testjail;
devfs_ruleset = 27;
#note: with no other configuration for this jail
Note: ruleset 27 does NOT exist - I've checked in /etc/defaults/devfs.rules and...
How do I make devices in /dev/ accessible inside a Bastille jail?
When I have two sets of rules, how do I set this in rc.conf.local, from within the host system?
How would bastille also get referenced with this?
In devfs.rules of the host (not within the...
Past week I've upgraded 25 servers from 12.0 to 12.1, all fine.
Today I did another 6, but now suddenly /etc/rc.d/jail onestart doesn't work for me, since /etc/jail.conf is not being read anymore, as in /etc/rc.conf the default: jail_config="/etc/jail.conf" was removed.
I remember seeing that...
I didn't know where to post this because I could not find a specific jail forum so figured I would post it here as a base system general thread :)
Am no expert so really after some opinions from experienced users and anyone who has seen this happen.
It would be great to know if this is...