# Send command to jail from main host - Socket with openssl api



## sysnes (Aug 30, 2017)

Hi, first of all I want to thanks for this community, this forum have rich content.

Is possible to send a command from the main host to jail host?

Like this:  `ezjail-admin console WEBSERVER | nginx -s reload`

I want to restart a service and check status, so I think I need to do this via socket.

Does FreeBSD system have featured of work with socket with OpenSSL, I want to avoid install Perl in every jail?

Thanks so Much


----------



## tobik@ (Aug 30, 2017)

sysnes said:


> Does freebsd system have featured of work with socket with openssl api


Yes, that's basically what OpenSSH provides in a secure way.  See https://www.freebsd.org/doc/handbook/openssh.html.


sysnes said:


> ¿Is possible to send a command from the main host to jail host?


You can do this with jexec(8) e.g. `jexec WEBSERVER /usr/local/bin/nginx -s reload`


----------



## SirDice (Aug 30, 2017)

sysnes said:


> Does FreeBSD system have featured of work with socket with OpenSSL, I want to avoid install Perl in every jail?


What exactly do you need to be able to do? Also note that Perl is a dependency for a lot of other ports, so it's quite likely Perl will get installed anyway.


----------



## sysnes (Aug 30, 2017)

Thanks for your participation tobik@ and Sirdice.

About SirDice comment, I want to create a web service system with Perl, in the main host. That web system have the featured the detect if a process is running  (Process like nginx, mysql, etc), also have a featured of restart or stop process.
That is my question if FreeBSD have a build function in the system (Jail) relation to socket and if is psossible to work with openssl api.

Thanks for any sugestion.


----------



## SirDice (Aug 31, 2017)

sysnes said:


> That web system have the featured the detect if a process is running (Process like nginx, mysql, etc), also have a featured of restart or stop process.


You might want to take a look at sysutils/monit. It can be used standalone but I can recommend getting the M/Monit service too (if you want a nice web based interface to stop/start/restart services remotely). You'll have to pay a license for it but it's relatively cheap and if I remember correctly it's a one time payment for a lifetime subscription. I have it set up for a client of mine. It's been running for a couple of years without any major issues. I did have some problems at some point but support was surprisingly quick to respond and they fixed the issue in record time.

https://mmonit.com/



> That is my question if FreeBSD have a build function in the system (Jail) relation to socket and if is psossible to work with openssl api.


Jails are somewhat limited of course but this shouldn't be a problem. For all intents and purposes a jail works just like any other 'physical' machine.


----------

