Adding a startup service to a jail

[Saustin]

Hello everyone,

Coming from a Linux background, I am new to the concept of jails. Forgive me if this is a elementary question, however I Googled to no avail.

There is no rc.conf in my jail's /etc/ directory. Could someone please enlighten me as to how I would add a start-up service (specifically tor) for the jail?

Thank you.

 

[Beeblebrox]

You just create your own etc/rc.conf in the jail path. For syntax, review the rc.conf of the base system and rc.conf(7). For jails, you can create a standard or minimal of the configure files you wish to use, then place those files in the default folder. Those files will be copied to jail's etc each time you create a new jail (read ezjail(7) for explanation).

For a jail-specific rc.conf, you can start with:

# No network interfaces in jails
network_interfaces=""
hostname="tor.jail"
tor_enable="YES"

# sshd_enable="YES"
clear_tmp_enable="YES"
syslogd_flags="-ss"       # Prevent syslog to open sockets
cron_flags="$cron_flags -J 15"        # Prevent jails doing cron jobs at the same time

#_DISABLED
rpcbind_enable="NO"
sendmail_enable="NO"
ipv6_activate_all_interfaces="NO"
virecover_enable="NO"
update_motd="NO"

Don't forget to specify the security features for your jails either in /etc/defs.rules and /etc/jail.conf or through the ezjail config files.

 

[Saustin]

I see; I figured that the rc.conf would have been included anyhow. I did attempt creating my own and I issued a shutdown command on the jail; however you cannot shut down a jail as you would a normal system.

Thanks!

 

[dajero]

A way to properly stop services running inside a jail when removing it, is to set a jail's exec.stop pseudo-parameter to "/bin/sh /etc/rc.shutdown". A jail with exec.stop set to that value can be "shutdown" by issuing # jail -r jailname. See jail(8).