From owner-freebsd-jail@FreeBSD.ORG  Tue Jan 27 20:12:09 2015
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id BD1B7E62
 for <jail@freebsd.org>; Tue, 27 Jan 2015 20:12:09 +0000 (UTC)
Received: from elektropost.org (elektropost.org [217.115.13.199])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 05A56210
 for <jail@freebsd.org>; Tue, 27 Jan 2015 20:12:08 +0000 (UTC)
Received: (qmail 32031 invoked from network); 27 Jan 2015 20:12:04 -0000
Received: from elektropost.org (HELO elektropost.org) (erdgeist@erdgeist.org)
 by elektropost.org with ESMTPS (DHE-RSA-AES128-SHA encrypted);
 27 Jan 2015 20:12:04 -0000
Message-ID: <54C7F109.2040405@erdgeist.org>
Date: Tue, 27 Jan 2015 21:11:53 +0100
From: Dirk Engling <erdgeist@erdgeist.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Peter Toth <peter.toth198@gmail.com>, jail@freebsd.org
Subject: Re: preferred jail management tool
References: <CACfj5vKjiQHsy9VbOKFFcrBpyr3dmbkOOxTxCYhSyZrnrjRiaQ@mail.gmail.com>
 <CAHieY7TyxzC0aK-ErY2EbCmTJPykk_9G7Gd=CrZ9yxQ-77PynA@mail.gmail.com>
 <20150127012347.GA4940@lonesome.com>
 <20150127141239.V77290@sola.nimnet.asn.au> <54C7958B.40007@gmail.com>
 <54C7C828.4070703@erdgeist.org>
 <14943.128.135.70.2.1422381245.squirrel@cosmo.uchicago.edu>
 <54C7D371.9010609@erdgeist.org>
 <13934.128.135.70.2.1422383293.squirrel@cosmo.uchicago.edu>
 <CAEUAJxtctW_Ku4iQFWTKOsr=sABDtKEeKKVitFyFcxfUSp+jig@mail.gmail.com>
In-Reply-To: <CAEUAJxtctW_Ku4iQFWTKOsr=sABDtKEeKKVitFyFcxfUSp+jig@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jan 2015 20:12:09 -0000

On 27.01.15 21:01, Peter Toth wrote:

> The most important part is jail(8) and properties can be passed to jail(8)
> very easily.
> 
> This is the very reason I stopped relying on any rc.d/jai or jail.conf for
> iocage. It is much easier/simpler to add/modify features when dealing with
> jail(8) directly.

This means that you need to keep your config in yet another place. I
think it's much nicer to point a user to a defined location where he
would find everything that magically creates those jail containers at
system startup.

I think that rc.d/jail and its config should provide all the means
necessary to describe the state of the system's jails after booting up.
If it doesn't, the tool is useless. Could you please explain what
features are missing in jail.conf for you to not use it? Maybe we can
layout a path to a better config abstraction.

  erdgeist