I'd like to be able to configure my jails with some local variables that don't need to be passed to the kernel during jail(8) creation. I can set one, and
jail -e \; will display it:
Code:
...;X.my_variable=my_value;...
but it causes an error when starting the jail:
Code:
jail: my_jail: unknown parameter: X.my_variable
I was hoping there might be some reserved namespace for user-defined config variables that I could use in lieu of X
While I believe this would be generally useful, especially if perhaps these user-defined variables got inherited by the jail's environment, my specific objective is to be able to identify what OS is installed in each jail. There is a variable
security.jail.param.linux.osname, but it doesn't seem to accept an arbitrary string value when defined in jail.conf.
Code:
# sysctl -d security.jail.param.linux.osname security.jail.param.host.hostname security.jail.param.host.domainname
security.jail.param.linux.osname: Jail Linux kernel OS name
security.jail.param.host.hostname: Jail hostname
security.jail.param.host.domainname: Jail NIS domainname
My current jail.conf does not set any of those, yet they have somewhat puzzling default values:
Code:
# for j in 7 8 9 10; do sysctl -j $j security.jail.param.linux.osname security.jail.param.host.hostname \
security.jail.param.host.domainname; echo --; done
security.jail.param.linux.osname: 65
security.jail.param.host.hostname: 256
security.jail.param.host.domainname: 256
--
security.jail.param.linux.osname: 65
security.jail.param.host.hostname: 256
security.jail.param.host.domainname: 256
--
security.jail.param.linux.osname: 65
security.jail.param.host.hostname: 256
security.jail.param.host.domainname: 256
--
security.jail.param.linux.osname: 65
security.jail.param.host.hostname: 256
security.jail.param.host.domainname: 256
The actual OSes in those jails are:
Code:
# for j in 7 8 9 10; do jexec $j uname -a; done
FreeBSD webwork2.example.edu 14.3-BETA2 FreeBSD 14.3-BETA2 releng/14.3-n271377-0e8065166204 GENERIC amd64
FreeBSD listserv.example.edu 14.3-BETA2 FreeBSD 14.3-BETA2 releng/14.3-n271377-0e8065166204 GENERIC amd64
FreeBSD aarch64.example.edu 14.3-BETA2 FreeBSD 14.3-BETA2 releng/14.3-n271377-0e8065166204 GENERIC amd64
Linux ubuntu 5.15.0 FreeBSD 14.3-BETA2 releng/14.3-n271377-0e8065166204 GENERIC x86_64 x86_64 x86_64 GNU/Linux
# jexec 10 lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 24.04.2 LTS
Release: 24.04
Codename: noble
But when I set the config to be:
Code:
name=ubuntu-23;path=/jail/ubuntu-23.10;interface=private;mount.devfs;exec.clean;exec.jail_user=root;exec.start="/etc/init.d/rc 3";
exec.stop="/etc/init.d/rc 0";exec.consolelog=/var/log/jail_ubuntu-23.log;exec.system_user=root;allow.raw_sockets;allow.mount=1;
allow.set_hostname=0;allow.sysvipc=0;security.jail.param.linux.osname="Ubuntu 24.04.2 LTS";host.hostname=ubuntu;persist;
sysvmsg=inherit;sysvsem=inherit;sysvshm=inherit;enforce_statfs=1;devfs_ruleset=7;ip4.addr=192.168.1.8;mount.fstab=/etc/fstab.ubuntu23
the jail again refuses to start and complains
unknown parameter: security.jail.param.linux.osname
What can I do to query the OS inside a jail other than jexec trickery? A jexec-based query of course requires the jail to be running, whereas I'd prefer to be able to query even stopped jails, based on their jail.conf settings.