Changeset View
Changeset View
Standalone View
Standalone View
en_US.ISO8859-1/books/handbook/jails/chapter.xml
| Show First 20 Lines • Show All 307 Lines • ▼ Show 20 Lines | linkend="jails-synopsis"/>. Other arguments may be specified | ||||
| application that will run within the jail.</para> | application that will run within the jail.</para> | ||||
| <para>Jails are often started at boot time and the &os; | <para>Jails are often started at boot time and the &os; | ||||
| <filename>rc</filename> mechanism provides an easy way to do | <filename>rc</filename> mechanism provides an easy way to do | ||||
| this.</para> | this.</para> | ||||
| <procedure> | <procedure> | ||||
| <step> | <step> | ||||
| <para>A list of the jails which are enabled to start at boot | <para>Configure jail parameters in | ||||
| time should be added to the &man.rc.conf.5; file:</para> | <filename>jail.conf</filename>:</para> | ||||
| <programlisting><replaceable>www</replaceable> { | |||||
| host.hostname = <replaceable>www.example.org</replaceable>; # Hostname | |||||
| ip4.addr = <replaceable>192.168.0.10</replaceable>; # IP address of the jail | |||||
bcr: I think this parameter is also (highly) replaceable. ;-) | |||||
| path ="<replaceable>/usr/jail/www</replaceable>"; # Path to the jail | |||||
| devfs_ruleset = "<replaceable>www_ruleset</replaceable>"; # devfs ruleset | |||||
| mount.devfs; # Mount devfs inside the jail | |||||
| exec.start = "/bin/sh /etc/rc"; # Start command | |||||
| exec.stop = "/bin/sh /etc/rc.shutdown"; # Stop command | |||||
| }</programlisting> | |||||
Not Done Inline ActionsI think <filename>jail.conf</filename> tags are better here than the man page. We don't configure anything in the man page, but the file itself. The man page is referenced below, so there is no reference lost. bcr: I think <filename>jail.conf</filename> tags are better here than the man page. We don't… | |||||
| <programlisting>jail_enable="YES" # Set to NO to disable starting of any jails | <para>In <filename>rc.conf</filename> configure jails to start | ||||
| jail_list="<replaceable>www</replaceable>" # Space separated list of names of jails</programlisting> | at boot time:</para> | ||||
wblockUnsubmitted Not Done Inline ActionsConfigure jails to start at boot in <filename>/etc/rc.conf</filename>:</para> wblock: ```Configure jails to start at boot in <filename>/etc/rc.conf</filename>:</para>``` | |||||
| <note> | <programlisting>jail_enable="YES" # Set to NO to disable starting of any jails</programlisting> | ||||
| <para>Jail names in <varname>jail_list</varname> should | |||||
| contain alphanumeric characters only.</para> | |||||
| </note> | |||||
| </step> | |||||
| <step> | |||||
| <para>For each jail listed in <varname>jail_list</varname>, a | |||||
| group of &man.rc.conf.5; settings, which describe the | |||||
| particular jail, should be added:</para> | |||||
| <programlisting>jail_<replaceable>www</replaceable>_rootdir="/usr/jail/www" # jail's root directory | |||||
| jail_<replaceable>www</replaceable>_hostname="<replaceable>www</replaceable>.example.org" # jail's hostname | |||||
| jail_<replaceable>www</replaceable>_ip="192.168.0.10" # jail's IP address | |||||
| jail_<replaceable>www</replaceable>_devfs_enable="YES" # mount devfs in the jail</programlisting> | |||||
| <para>The default startup of jails configured in | <para>The default startup of jails configured in | ||||
| &man.rc.conf.5;, will run the <filename>/etc/rc</filename> | &man.jail.conf.5;, will run the <filename>/etc/rc</filename> | ||||
wblockUnsubmitted Not Done Inline ActionsThis whole paragraph is unclear. What is a "default startup"? What is meant by "a complete virtual system"? wblock: This whole paragraph is unclear. What is a "default startup"? What is meant by "a complete… | |||||
emasteAuthorUnsubmitted Not Done Inline ActionsThis section should indeed get a more extensive rewrite in a later commit. emaste: This section should indeed get a more extensive rewrite in a later commit. | |||||
| script of the jail, which assumes the jail is a complete | script of the jail, which assumes the jail is a complete | ||||
| virtual system. For service jails, the default startup | virtual system. For service jails, the default startup | ||||
| command of the jail should be changed, by setting the | command of the jail should be changed, by setting the | ||||
| <varname>jail_<replaceable>jailname</replaceable>_exec_start</varname> | <varname>exec.start</varname> | ||||
| option appropriately.</para> | option appropriately.</para> | ||||
| <note> | <note> | ||||
| <para>For a full list of available options, please see the | <para>For a full list of available options, please see the | ||||
| &man.rc.conf.5; manual page.</para> | &man.jail.conf.5; manual page.</para> | ||||
| </note> | </note> | ||||
| </step> | </step> | ||||
| </procedure> | </procedure> | ||||
| <para>&man.service.8; can be used to start or stop a jail by hand, | <para>&man.service.8; can be used to start or stop a jail by hand, | ||||
| if an entry for it exists in | if an entry for it exists in | ||||
| <filename>rc.conf</filename>:</para> | <filename>jail.conf</filename>:</para> | ||||
| <screen>&prompt.root; <userinput>service jail start <replaceable>www</replaceable></userinput> | <screen>&prompt.root; <userinput>service jail start <replaceable>www</replaceable></userinput> | ||||
| &prompt.root; <userinput>service jail stop <replaceable>www</replaceable></userinput></screen> | &prompt.root; <userinput>service jail stop <replaceable>www</replaceable></userinput></screen> | ||||
| <para>Jails can be shut down with &man.jexec.8;. Use &man.jls.8; | <para>Jails can be shut down with &man.jexec.8;. Use &man.jls.8; | ||||
| to identify the jail's <varname>JID</varname>, then use | to identify the jail's <varname>JID</varname>, then use | ||||
| &man.jexec.8; to run the shutdown script in that jail.</para> | &man.jexec.8; to run the shutdown script in that jail.</para> | ||||
| ▲ Show 20 Lines • Show All 991 Lines • Show Last 20 Lines | |||||
I think this parameter is also (highly) replaceable. ;-)