Solved Running jails from /etc/jail.conf.d?

[Unixnut]

Hi all,

On a clean install of 13.1-RELEASE, I have noticed that there is now a "/etc/jail.conf.d" folder. As this would make automated jail management easier for me, I would like to make use of it.
I made a simple test configuration in /etc/jail.conf.d/test.conf, and tried starting the jail. However I got the following error:

root@test-lab:~ # service jail start
Starting jails:jail: /etc/jail.conf: No such file or directory
.

Ok, thinking perhaps the service needs a stub /etc/jail.conf, I create an empty file and try again:

root@test-lab:~ # touch /etc/jail.conf
root@test-lab:~ # service jail start
Starting jails:.
root@test-lab:~ #

This time I get no errors, but it does not attempt to start my jail as defined in /etc/jail.conf.d/test.conf.

Is there some config I need to change to make the service use the /etc/jail.conf.d directory?

 

[T-Daemon]

Not tested myself, but check this out:

Commit log messages of "Add support for jail.conf.d":

Add support for jail.conf.d

Using /etc/jail.{jailname}.conf is nice, however it makes /etc/ very
messy if you have many jails.  This patch allows one to move these
config files out of the way into /etc/jail.conf.d/{jailname}.conf.

Note that the same caveat as /etc/jail.*.conf applies: the jail service
will not autodiscover all of these for starting 'all' jails.  This is
considered future work, since the behavior matches.

And rc.conf(5)

     jail_conf   (str) The configuration filename used by jail(8) utility.
                 The default value is /etc/jail.conf.  /etc/jail.⟨jname⟩.conf
                 and /etc/jail.conf.d/⟨jname⟩.conf will also be used if
                 ⟨jname⟩ is set in jail_list.

     ...
     jail_list   (str) A space-delimited list of jail names.  When left empty,
                 all of the jail(8) instances defined in the configuration
                 file are started.  The names specified in this list control
                 the jail startup order.  jail(8) instances missing from
                 jail_list must be started manually.  Note that a jail's
                 depend parameter in the configuration file may override this
                 list.

 

[Unixnut]

Oh my, that was a simple fix. I didn't think to look at the rc.conf man page about jails, and the jail.conf man page did not mention it.

I can confirm that if you start the jails explicitly it works, like so:

root@test-lab:~ # service jail start test
Starting jails: test.
root@test-lab:~ # jls
JID IP Address Hostname Path
1 10.0.3.16 test.local /storagefast/vm/jails/test
root@test-lab:~ #

It does mean I would have to write logic myself to (re)start/stop the jails, but as they all sit in the folder with their jail names as the filename in my system, this should not be too hard to do.

Many thanks for the pointers!

 

[T-Daemon]

I didn't think to look at the rc.conf man page about jails, and the jail.conf man page did not mention it.

Rather than reading though man pages I usually grep(1) through all of them for a specific pattern. Unfortunately the base grep(1) hasn't a -Z or -J (decompress) option anymore starting with 13.0, I use textproc/ugrep instead. It's fast, comes handy also grepping through the source code. manpath(1) for path.

It does mean I would have to write logic myself to (re)start/stop the jails, but as they all sit in the folder with their jail names as the filename in my system, this should not be too hard to do.

Not sure what your use case is, but if a jail_list="space-seperated list of jails" is present in /etc/rc.conf, then those jails can be started/restarted/stopped with the jail service, all together or individually (just tested it in a VM).

 

[epopen]

Hi All

Is possible include common config/items for /etc/jail.conf.d/{jailname}.conf?
Because my current /etc/jail.conf has it look like follows.

# Common config
FOO
BAR

jailname_1 {
    ...
}

jailname_2 {
    ...
}

...

Thanks a lot.