Date: Thu, 8 Oct 2015 12:53:50 +0200 From: Raphael Eiselstein <rabe@uugrn.org> To: freebsd-jail@freebsd.org Subject: Modify existing jails using jail -mv and jail.conf with multiple interfaces *always* fails for randomly selected jails: : jail: : unknown parameter: Message-ID: <20151008105350.GA19908@lan.sigsys.de>
next in thread | raw e-mail | index | archive | help
--3MwIy2ne0vdjdPXF
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi there,
I'm running some jail servers on 10.2-RELEASE without VIMAGE or
something like that but using jail(8) and jail.conf(5).
Something seems to be wrong on my jail.conf but I wasn't able to track
this down.
For example (output with additional line breaks):
----------------------------------------------
[root@top4 ~]# jail -mv uug_proxy
uug_proxy: jail_set(JAIL_UPDATE) jid=3D60 name=3Duug_proxy=20
devfs_ruleset=3D4 children.max=3D0 allow.set_hostname=3Dfalse=20
allow.sysvipc=3Dfalse allow.raw_sockets=3Dfalse allow.chflags=3Dfal=
se=20
allow.mount=3Dfalse allow.mount.devfs=3Dfalse allow.mount.nullfs=3D=
false=20
allow.mount.procfs=3Dtrue allow.mount.zfs=3Dtrue allow.quotas=3Dfal=
se=20
allow.socket_af=3Dfalse host.hostname=3Dproxy.uugrn.lan=20
ip4.addr=3D10.253.1.13,164.177.171.13=20
ip6.addr=3D2a03:2500:1:6:d::
uug_proxy: updated
----------------------------------------------
----------------------------------------------
[root@top4 ~]# jail -mv uug_mail=20
: jail_set(JAIL_UPDATE) jid=3D44 name=3Duug_mail=20
devfs_ruleset=3D4 children.max=3D0 allow.set_hostname=3Dfalse=20
allow.sysvipc=3Dfalse allow.raw_sockets=3Dfalse allow.chflags=3Dfal=
se=20
allow.mount=3Dfalse allow.mount.devfs=3Dfalse allow.mount.nullfs=3D=
false=20
allow.mount.procfs=3Dtrue allow.mount.zfs=3Dtrue allow.quotas=3Dfal=
se=20
allow.socket_af=3Dfalse host.hostname=3Dmail.uugrn.lan=20
=3D10.253.1.11,164.177.171.11 ip6.addr=3D2a03:2500:1:6:b::: Invalid=
argument
jail: : unknown parameter:=20
corresponding blocks from my jail.conf:
----------------------------------------------
=E2=80=A6
uug_mail {
host.hostname =3D "mail.uugrn.lan";
path =3D "/jails/uug/mail";
ip4.addr =3D em1|10.253.1.11, em0|164.177.171.11;
ip6.addr =3D em0|2a03:2500:1:6:b::;
exec.prestart =3D "/root/bin/jail_zfs_snap.sh zroot/jails/uug/mai=
l prestart";
exec.poststop =3D "/root/bin/jail_zfs_snap.sh zroot/jails/uug/mai=
l poststop";
}
=E2=80=A6
uug_proxy {
host.hostname =3D "proxy.uugrn.lan";
path =3D "/jails/uug/proxy";
ip4.addr =3D em1|10.253.1.13, em0|164.177.171.13;
ip6.addr =3D em0|2a03:2500:1:6:d::;
exec.prestart =3D "/root/bin/jail_zfs_snap.sh zroot/jails/uug/pro=
xy prestart";
exec.poststop =3D "/root/bin/jail_zfs_snap.sh zroot/jails/uug/pro=
xy poststop";
}
----------------------------------------------
I cannot see any difference between uug_mail and uug_proxy.
Stopping and starting those jails works using jail -rv and jail -cv:
----------------------------------------------
[root@top4 ~]# jail -rv uug_proxy
uug_proxy: run command in jail: /bin/sh /etc/rc.shutdown
uug_proxy: sent SIGTERM to: 26681 26678 26588
uug_proxy: removed
uug_proxy: run command: /root/bin/jail_zfs_snap.sh zroot/jails/uug/proxy po=
ststop
Snapshotted zroot/jails/uug/proxy@20151008124019_poststop, see /jails/uug/p=
roxy/.zfs/snapshot/20151008124019_poststop
uug_proxy: run command: /sbin/umount /jails/uug/proxy/dev
uug_proxy: run command: /sbin/ifconfig em0 inet6 2a03:2500:1:6:d:: prefixle=
n 128 -alias
uug_proxy: run command: /sbin/ifconfig em0 inet 164.177.171.13 netmask 255.=
255.255.255 -alias
uug_proxy: run command: /sbin/ifconfig em1 inet 10.253.1.13 netmask 255.255=
=2E255.255 -alias
----------------------------------------------
----------------------------------------------
[root@top4 ~]# jail -rv uug_mail=20
uug_mail: run command in jail: /bin/sh /etc/rc.shutdown
uug_mail: sent SIGTERM to: 60825 60822 60763
uug_mail: removed
uug_mail: run command: /root/bin/jail_zfs_snap.sh zroot/jails/uug/mail post=
stop
Snapshotted zroot/jails/uug/mail@20151008124024_poststop, see /jails/uug/ma=
il/.zfs/snapshot/20151008124024_poststop
uug_mail: run command: /sbin/umount /jails/uug/mail/dev
uug_mail: run command: /sbin/umount -t nullfs /jails/uug/mail/freebsd
uug_mail: run command: /sbin/ifconfig em0 inet6 2a03:2500:1:6:b:: prefixlen=
128 -alias
uug_mail: run command: /sbin/ifconfig em0 inet 164.177.171.11 netmask 255.2=
55.255.255 -alias
uug_mail: run command: /sbin/ifconfig em1 inet 10.253.1.11 netmask 255.255.=
255.255 -alias
----------------------------------------------
----------------------------------------------
[root@top4 ~]# jail -cv uug_mail
uug_mail: run command: /sbin/ifconfig em1 inet 10.253.1.11 netmask 255.255.=
255.255 alias
uug_mail: run command: /sbin/ifconfig em0 inet 164.177.171.11 netmask 255.2=
55.255.255 alias
uug_mail: run command: /sbin/ifconfig em0 inet6 2a03:2500:1:6:b:: prefixlen=
128 alias
uug_mail: run command: /sbin/mount -t nullfs -o ro /tank/freebsd /jails/uug=
/mail/freebsd
uug_mail: run command: /sbin/mount -t devfs -oruleset=3D4 . /jails/uug/mai=
l/dev
uug_mail: run command: /root/bin/jail_zfs_snap.sh zroot/jails/uug/mail pres=
tart
Snapshotted zroot/jails/uug/mail@20151008124133_prestart, see /jails/uug/ma=
il/.zfs/snapshot/20151008124133_prestart
uug_mail: jail_set(JAIL_CREATE) persist name=3Duug_mail devfs_ruleset=3D4 c=
hildren.max=3D0 allow.set_hostname=3Dfalse allow.sysvipc=3Dfalse allow.raw_=
sockets=3Dfalse allow.chflags=3Dfalse allow.mount=3Dfalse allow.mount.devfs=
=3Dfalse allow.mount.nullfs=3Dfalse allow.mount.procfs=3Dtrue allow.mount.z=
fs=3Dtrue allow.quotas=3Dfalse allow.socket_af=3Dfalse host.hostname=3Dmail=
=2Euugrn.lan path=3D/jails/uug/mail ip4.addr=3D10.253.1.11,164.177.171.11 i=
p6.addr=3D2a03:2500:1:6:b::
uug_mail: created
uug_mail: run command in jail: /bin/sh /etc/rc
uug_mail: jail_set(JAIL_UPDATE) jid=3D72 nopersist
----------------------------------------------
----------------------------------------------
[root@top4 ~]# jail -cv uug_proxy
uug_proxy: run command: /sbin/ifconfig em1 inet 10.253.1.13 netmask 255.255=
=2E255.255 alias
uug_proxy: run command: /sbin/ifconfig em0 inet 164.177.171.13 netmask 255.=
255.255.255 alias
uug_proxy: run command: /sbin/ifconfig em0 inet6 2a03:2500:1:6:d:: prefixle=
n 128 alias
uug_proxy: run command: /sbin/mount -t devfs -oruleset=3D4 . /jails/uug/pr=
oxy/dev
uug_proxy: run command: /root/bin/jail_zfs_snap.sh zroot/jails/uug/proxy pr=
estart
Snapshotted zroot/jails/uug/proxy@20151008124139_prestart, see /jails/uug/p=
roxy/.zfs/snapshot/20151008124139_prestart
uug_proxy: jail_set(JAIL_CREATE) persist name=3Duug_proxy devfs_ruleset=3D4=
children.max=3D0 allow.set_hostname=3Dfalse allow.sysvipc=3Dfalse allow.ra=
w_sockets=3Dfalse allow.chflags=3Dfalse allow.mount=3Dfalse allow.mount.dev=
fs=3Dfalse allow.mount.nullfs=3Dfalse allow.mount.procfs=3Dtrue allow.mount=
=2Ezfs=3Dtrue allow.quotas=3Dfalse allow.socket_af=3Dfalse host.hostname=3D=
proxy.uugrn.lan path=3D/jails/uug/proxy ip4.addr=3D10.253.1.13,164.177.171.=
13 ip6.addr=3D2a03:2500:1:6:d::
uug_proxy: created
uug_proxy: run command in jail: /bin/sh /etc/rc
uug_proxy: jail_set(JAIL_UPDATE) jid=3D73 nopersist
----------------------------------------------
after restarting jails and without any changes to jail.conf uug_mail
still cannot be updated using "jail -mv":
----------------------------------------------
[root@top4 ~]# jail -mv uug_mail
: jail_set(JAIL_UPDATE) jid=3D72 name=3Duug_mail devfs_ruleset=3D4 children=
=2Emax=3D0 allow.set_hostname=3Dfalse allow.sysvipc=3Dfalse allow.raw_socke=
ts=3Dfalse allow.chflags=3Dfalse allow.mount=3Dfalse allow.mount.devfs=3Dfa=
lse allow.mount.nullfs=3Dfalse allow.mount.procfs=3Dtrue allow.mount.zfs=3D=
true allow.quotas=3Dfalse allow.socket_af=3Dfalse host.hostname=3Dmail.uugr=
n.lan =3D10.253.1.11,164.177.171.11 ip6.addr=3D2a03:2500:1:6:b::: Invalid a=
rgument
jail: : unknown parameter:=20
----------------------------------------------
=2E.. "ip4.addr" and ${jail_name} are missing from output here and
obviously generate invalid properties for JAIL_UPDATE.
Maybe the jail.conf parser fails on "modify" but not on "create"?
This was just an example. I guess about 20% of my jails fail this way
just on "modify".
Any idea?
TIA and regards
Raphael
PS: I run this setup for local unix user group ("uug"), non-profit :)
--=20
SMTP: rabe@uugrn.org, rabe@sigsys.de=20
XMPP: rabe@sigsys.de
PGP: 4E63 5307 6F6A 036D 518D 3C4F 75EE EA14 F625 DB4E
=2E........|.........|.........|.........|.........|.........|.........|..
--3MwIy2ne0vdjdPXF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJWFks+AAoJEHXu6hT2JdtOSvcP/jqvxZQHhquUDd+PgPXNzD9q
RYRt/mn4Z2h7FMsIBJ9uTQqtYmKBSnEbtK1YBaz9YyaUHA/BPeTO8JpzJ7wZiOvV
7qEaoJkZbTEoA+YEFzFtjQBig2n0nh7AiFEaaTz80DWh24cAoQkG4oOfQZvwNWL0
kKFt9tuipmtPhmO34V7HO3XfP79nQARYmTSj9s1PDjLJ5+275PmLwIDdErvLYFNl
IFUTC79Js19U7YY2N76TEDjTKSnbGAJqz65ocKkwm+eHwY4IOb7MQ5Wm/Khl+ZZB
Q5CM6/WSrnMKPdfQWqfYffVmbisgA7zdC0l207OJqFFOSRI7nCbFQ1JjuxEaSGOZ
hL8mHfRAHiB++OEh/updCS37zcl7JQ7Id0/2Rc4STguV1Q752wmxwO4Cq75lt6xw
4hNsF4ORlP7bapMGJpjp1/EF42iSTrSZj/oTKG2MRcxZnc9jRdezWJKeKsL80v6E
2ZUgeiRm12cU0VwFara3m2da1VviRBRGtPJU6Vk9c6sn+oyrSkTp5eFQfnsv8EJk
FJyRtO4EPwvQE0ANllmdK7Rx82OmnIpuZrXaiGyitoW4Qkaj7UBcw+86+pBSdvtj
6nsVhHoJjMFrEkZ4KnwKFI7nCM13ozxIwrEjcodSEXAuzwQH4EV/dB8EchjTC3Ab
9iK/YIDE/Vd+dOzX8pfg
=sRFq
-----END PGP SIGNATURE-----
--3MwIy2ne0vdjdPXF--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151008105350.GA19908>