Allow jail config files to include other files, via the ".include" directive (the leading dot is to ensure it doesn't clash with jail or parameter names). The include filename may be a glob, which allowed for config directories such as /etc/jail.conf.d.
Theoretically this is easy to handle. All it takes is a map/list of absolute file paths that the parser has already seen. If a new path is encountered, include it; if a known one is encountered, skip it.
True, they're not handled. I took my include inspiration from newsyslog (which has includes that also support globbing), and there it's also just a simple matter of running whatever it's told to include. It's kind of a footgun situation, where it's generally good enough to trust the administrator not to make such a loop. I did it for depend loops, but only because that's kind of elemental in building an acyclic directed graph.
I imagine it wouldn't be incredibly hard to handle, though it's a bit more than just tracking filenames, since I do at least a cursory job of resolving relative names, and because the same file may be included in different contexts (within different jails). But hashing a jail/dev/inode tuple might do the trick.
Just a small nitpick: I would prefer a macro #define MAX_INCLUDE_DEPTH 32 or constant static const unsigned int max_include_depth = 32; somewhere above the include_config() in config.c instead of the literal to improve readability.