Changeset View
Changeset View
Standalone View
Standalone View
head/usr.sbin/jail/jail.8
Show All 19 Lines | |||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
.\" SUCH DAMAGE. | .\" SUCH DAMAGE. | ||||
.\" | .\" | ||||
.\" $FreeBSD$ | .\" $FreeBSD$ | ||||
.\" | .\" | ||||
.Dd May 18, 2019 | .Dd August 6, 2019 | ||||
.Dt JAIL 8 | .Dt JAIL 8 | ||||
.Os | .Os | ||||
.Sh NAME | .Sh NAME | ||||
.Nm jail | .Nm jail | ||||
.Nd "manage system jails" | .Nd "manage system jails" | ||||
.Sh SYNOPSIS | .Sh SYNOPSIS | ||||
.Nm | .Nm | ||||
.Op Fl dhilqv | .Op Fl dhilqv | ||||
▲ Show 20 Lines • Show All 639 Lines • ▼ Show 20 Lines | |||||
.Xr vmm 4 | .Xr vmm 4 | ||||
kernel module is loaded. | kernel module is loaded. | ||||
.It Va linux | .It Va linux | ||||
Determine how a jail's Linux emulation environment appears. | Determine how a jail's Linux emulation environment appears. | ||||
A value of | A value of | ||||
.Dq inherit | .Dq inherit | ||||
will keep the same environment, and | will keep the same environment, and | ||||
.Dq new | .Dq new | ||||
will give the jail it's own environment (still originally inherited when | will give the jail its own environment (still originally inherited when | ||||
the jail is created). | the jail is created). | ||||
.It Va linux.osname , linux.osrelease , linux.oss_version | .It Va linux.osname , linux.osrelease , linux.oss_version | ||||
The Linux OS name, OS release, and OSS version associated with this jail. | The Linux OS name, OS release, and OSS version associated with this jail. | ||||
.It Va sysvmsg | .It Va sysvmsg | ||||
Allow access to SYSV IPC message primitives. | Allow access to SYSV IPC message primitives. | ||||
If set to | If set to | ||||
.Dq inherit , | .Dq inherit , | ||||
all IPC objects on the system are visible to this jail, whether they | all IPC objects on the system are visible to this jail, whether they | ||||
▲ Show 20 Lines • Show All 56 Lines • ▼ Show 20 Lines | |||||
.It Va exec.prestop | .It Va exec.prestop | ||||
Command(s) to run in the system environment before a jail is removed. | Command(s) to run in the system environment before a jail is removed. | ||||
.It Va exec.stop | .It Va exec.stop | ||||
Command(s) to run in the jail environment before a jail is removed, | Command(s) to run in the jail environment before a jail is removed, | ||||
and after any | and after any | ||||
.Va exec.prestop | .Va exec.prestop | ||||
commands have completed. | commands have completed. | ||||
A typical command to run is | A typical command to run is | ||||
.Dq sh /etc/rc.shutdown . | .Dq sh /etc/rc.shutdown jail . | ||||
.It Va exec.poststop | .It Va exec.poststop | ||||
Command(s) to run in the system environment after a jail is removed. | Command(s) to run in the system environment after a jail is removed. | ||||
.It Va exec.clean | .It Va exec.clean | ||||
Run commands in a clean environment. | Run commands in a clean environment. | ||||
The environment is discarded except for | The environment is discarded except for | ||||
.Ev HOME , SHELL , TERM | .Ev HOME , SHELL , TERM | ||||
and | and | ||||
.Ev USER . | .Ev USER . | ||||
▲ Show 20 Lines • Show All 332 Lines • ▼ Show 20 Lines | |||||
.Bd -literal -offset indent | .Bd -literal -offset indent | ||||
testjail { | testjail { | ||||
path = /tmp/jail/testjail; | path = /tmp/jail/testjail; | ||||
mount.devfs; | mount.devfs; | ||||
host.hostname = testhostname; | host.hostname = testhostname; | ||||
ip4.addr = 192.0.2.100; | ip4.addr = 192.0.2.100; | ||||
interface = em0; | interface = em0; | ||||
exec.start = "/bin/sh /etc/rc"; | exec.start = "/bin/sh /etc/rc"; | ||||
exec.stop = "/bin/sh /etc/rc.shutdown"; | exec.stop = "/bin/sh /etc/rc.shutdown jail"; | ||||
} | } | ||||
.Ed | .Ed | ||||
.Pp | .Pp | ||||
To start a virtual server environment, | To start a virtual server environment, | ||||
.Pa /etc/rc | .Pa /etc/rc | ||||
is run to launch various daemons and services, and | is run to launch various daemons and services, and | ||||
.Pa /etc/rc.shutdown | .Pa /etc/rc.shutdown | ||||
is run to shut them down when the jail is removed. | is run to shut them down when the jail is removed. | ||||
▲ Show 20 Lines • Show All 292 Lines • Show Last 20 Lines |