Index: head/usr.sbin/jail/command.c =================================================================== --- head/usr.sbin/jail/command.c +++ head/usr.sbin/jail/command.c @@ -148,7 +148,8 @@ if (j->comstring == NULL || j->comstring->len == 0 || (create_failed && (comparam == IP_EXEC_PRESTART || comparam == IP_EXEC_CREATED || comparam == IP_EXEC_START || - comparam == IP_COMMAND || comparam == IP_EXEC_POSTSTART))) + comparam == IP_COMMAND || comparam == IP_EXEC_POSTSTART || + comparam == IP_EXEC_PREPARE))) continue; switch (run_command(j)) { case -1: Index: head/usr.sbin/jail/config.c =================================================================== --- head/usr.sbin/jail/config.c +++ head/usr.sbin/jail/config.c @@ -71,8 +71,10 @@ [IP_EXEC_JAIL_USER] = {"exec.jail_user", PF_INTERNAL}, [IP_EXEC_POSTSTART] = {"exec.poststart", PF_INTERNAL}, [IP_EXEC_POSTSTOP] = {"exec.poststop", PF_INTERNAL}, + [IP_EXEC_PREPARE] = {"exec.prepare", PF_INTERNAL}, [IP_EXEC_PRESTART] = {"exec.prestart", PF_INTERNAL}, [IP_EXEC_PRESTOP] = {"exec.prestop", PF_INTERNAL}, + [IP_EXEC_RELEASE] = {"exec.release", PF_INTERNAL}, [IP_EXEC_CREATED] = {"exec.created", PF_INTERNAL}, [IP_EXEC_START] = {"exec.start", PF_INTERNAL}, [IP_EXEC_STOP] = {"exec.stop", PF_INTERNAL}, Index: head/usr.sbin/jail/jail.8 =================================================================== --- head/usr.sbin/jail/jail.8 +++ head/usr.sbin/jail/jail.8 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd April 17, 2020 +.Dd May 14, 2020 .Dt JAIL 8 .Os .Sh NAME @@ -726,6 +726,11 @@ .Pp The pseudo-parameters are: .Bl -tag -width indent +.It Va exec.prepare +Command(s) to run in the system environment to prepare a jail for creation. +These commands are executed before assigning IP addresses and mounting +filesystems, so they may be used to create a new jail filesystem if it does +not already exist. .It Va exec.prestart Command(s) to run in the system environment before a jail is created. .It Va exec.created @@ -760,6 +765,11 @@ .Dq sh /etc/rc.shutdown jail . .It Va exec.poststop Command(s) to run in the system environment after a jail is removed. +.It Va exec.release +Command(s) to run in the system environment after all other actions are done. +These commands are executed after unmounting filesystems and removing IP +addresses, so they may be used to remove a jail filesystem if it is no longer +needed. .It Va exec.clean Run commands in a clean environment. The environment is discarded except for Index: head/usr.sbin/jail/jail.c =================================================================== --- head/usr.sbin/jail/jail.c +++ head/usr.sbin/jail/jail.c @@ -87,6 +87,7 @@ static const enum intparam startcommands[] = { IP__NULL, + IP_EXEC_PREPARE, #ifdef INET IP__IP4_IFADDR, #endif @@ -126,6 +127,7 @@ #ifdef INET IP__IP4_IFADDR, #endif + IP_EXEC_RELEASE, IP__NULL }; Index: head/usr.sbin/jail/jailp.h =================================================================== --- head/usr.sbin/jail/jailp.h +++ head/usr.sbin/jail/jailp.h @@ -87,8 +87,10 @@ IP_EXEC_JAIL_USER, /* Run jailed commands as this user */ IP_EXEC_POSTSTART, /* Commands run outside jail after creating */ IP_EXEC_POSTSTOP, /* Commands run outside jail after removing */ + IP_EXEC_PREPARE, /* Commands run outside jail before addrs and mounting */ IP_EXEC_PRESTART, /* Commands run outside jail before creating */ IP_EXEC_PRESTOP, /* Commands run outside jail before removing */ + IP_EXEC_RELEASE, /* Commands run outside jail after addrs and unmounted */ IP_EXEC_CREATED, /* Commands run outside jail right after it was started */ IP_EXEC_START, /* Commands run inside jail on creation */ IP_EXEC_STOP, /* Commands run inside jail on removal */