# [RESOLVED] ezjail question



## fred974 (Feb 28, 2014)

Hi guys,

I have a file created at /etc/jails.conf with

```
webjail {
   path = /local/jails/webjail;
   mount.devfs;
   devfs_ruleset = 4;
   host.hostname = webjail.mydomain.lan;
   ip4.addr = 192.168.0.115;
   exec.start = "/bin/sh /etc/rc";
   exec.stop = "/bin/sh /etc/rc.shutdown";
}
```
Could anyone tell me why I still get the following message in the /var/log/messages ?

```
/etc/rc.d/jail: WARNING: Per-jail configuration via jail_* variables  is obsolete.  Please consider to migrate to /etc/jail.conf.
```
Do I need to move everything from /usr/local/etc/ezjail/webjail to /etc/jails.conf and delete  /usr/local/etc/ezjail/webjail ?

Thank you


----------



## bryn1u (Mar 1, 2014)

*Re: ezjail question*

Show your ezjail.conf. I think that might be possibility that `ezjail` doesn't read from jails.conf. Under FreeBSD 10.0 I had similar problem. `ezjail` was reading options from rc.conf and /etc/jail.conf I had empty, jail worked. What version FreeBSD do you use? I guess 10?


----------



## fred974 (Mar 1, 2014)

*Re: ezjail question*

Hi @bryn1u
I'm using FreeBSD 10 as you guessed
/usr/local/etc/ezjail.conf

```
ezjail_jaildir=/local/jails
ezjail_ftphost=ftp.freebsd.org
ezjail_use_zfs="YES"
ezjail_jailzfs="zroot/jails"
```
/etc/rc.conf

```
### General Settings ###
zfs_enable="YES"
keymap="uk.iso"
sshd_enable="YES"
syslogd_enable="YES"
syslogd_flags="-ss"
moused_enable="NO"
dumpdev="NO"
rpc_bind_enable="NO"
ezjail_enable="YES"
inetd_enable="NO" # Make host jail-friendly
openntpd_enable="Yes" # Synchronize The Local Clock
openntpd_flags="-s"

### FIREWALL - Packet filter configuration ###
pf_enable="YES"
pflog_enable="YES"
pflog_logfile="/var/log/pflog"
pf_rules="/etc/pf.conf"

### fail2ban intrusion prevention framework ###
fail2ban_enable="YES"

### Disable Sendmail MTA
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"

### Enable Postfix MTA ###
postfix_enable="YES"

### external network configuration ###
hostname="kryten.mydomain.lan"
#ifconfig_bge0="dhcp"
ifconfig_bge0="inet 192.168.0.198 netmask 255.255.255.0"
defaultrouter="192.168.0.1"

### internal network configuration Jail interface aliases ###
ifconfig_bge0_alias0="inet 192.168.0.115 netmask 255.255.255.0" # webjail
ifconfig_bge0_alias1="inet 192.168.0.120 netmask 255.255.255.0" # sqljail
ifconfig_bge0_alias2="inet 192.168.0.125 netmask 255.255.255.0" # mailjail

### Enable Zabbix
zabbix_server_enable="YES"
zabbix_agentd_enable="YES"

### Enable Unbound DNS
local_unbound_enable="YES"
```
Thank you


----------



## bryn1u (Mar 1, 2014)

*Re: ezjail question*

Is this is only what you have in ezjail.conf? Are you sure that is enough to well working ezjail? If you have subscribed to jail.conf try using:

```
bsdinstall jail /path/to/jail
```
Then add to rc.conf

```
jail_enable="YES"
```
And then use command `jail -c webjail`

Jail should start. Check with `jls` command.


----------



## junovitch@ (Mar 1, 2014)

*Re: ezjail question*

All the files in /usr/local/etc/ezjail are still the old rc.conf style of starting jails.  Until ezjail plays catch up with the new jail.conf way of doing things, you'll get that warning.  Don't worry about it too much.  There is a compatibility layer that is converting the configuration for you when the jails are started.  The converted files end up in /var/run/jail_<jail_name>.


----------



## fred974 (Mar 1, 2014)

*Re: ezjail question*



			
				bryn1u said:
			
		

> If you have subscribred to jail.conf trzy use:
> 
> ```
> bsdinstall jail /path/to/jail
> ...


Sorry, not sure what you mean here.
do you mean add 
	
	



```
bsdinstall jail /path/to/jail
```
to /ezjail.conf ?

The lines above is all that I have in my ezjail.conf.. the jails seem to be working but them again I am not that experience to knpw for sure..
What do you have in yours? So I can have an idea..


----------



## bryn1u (Mar 2, 2014)

*Re: ezjail question*

I don't use ezjail but config should looks like below:

```
ezjail.conf - Example file, see ezjail.conf(5)
#
# Note: If you alter some of those variables AFTER creating your first
# jail, you may have to adapt /etc/fstab.* and EZJAIL_PREFIX/etc/ezjail/* by
# hand

# Location of jail root directories
#
# Note: If you have spread your jails to multiple locations, use softlinks
# to collect them in this directory
# ezjail_jaildir=/usr/jails

# Location of the tiny skeleton jail template
# ezjail_jailtemplate=${ezjail_jaildir}/newjail

# Location of the huge base jail
# ezjail_jailbase=${ezjail_jaildir}/basejail

# Location of your copy of FreeBSD's source tree
# ezjail_sourcetree=/usr/src

# This is where the install sub command defaults to fetch its packages from
# ezjail_ftphost=ftp.freebsd.org

# This is the command that is being executed by the console subcommand
# ezjail_default_execute="/usr/bin/login -f root"

# This is the flavour used by default when setting up a new jail
# ezjail_default_flavour=""

# This is the default location where ezjail archives its jails to
# ezjail_archivedir="${ezjail_jaildir}/ezjail_archives"

# base jail will provide a soft link from /usr/bin/perl to /usr/local/bin/perl
# to accomodate all scripts using '#!/usr/bin/perl'...
# ezjail_uglyperlhack="YES"

# Default options for newly created jails
# Note: Be VERY careful about disabling ezjail_mount_enable. Mounting
# basejail via nullfs depends on this. You will have to find other
# ways to provide your jail with essential system files
# ezjail_mount_enable="YES"
# ezjail_devfs_enable="YES"
# ezjail_devfs_ruleset="devfsrules_jail"
# ezjail_procfs_enable="YES"
# ezjail_fdescfs_enable="YES"

# ZFS options

# Setting this to YES will start to manage the basejail and newjail in ZFS
# ezjail_use_zfs="YES"

# Setting this to YES will manage ALL new jails in their own zfs
# ezjail_use_zfs_for_jails="YES"

# The name of the ZFS ezjail should create jails on, it will be mounted at the ezjail_jaildir

# ezjail_jailzfs="tank/ezjail"
# ADVANCED, be very careful!
# ezjail_zfs_properties="-o compression=lzjb -o atime=off"
# ezjail_zfs_jail_properties="-o dedup=on"
```

I show you example on my jail:

```
bsdinstall jail /jails/Oksymoron
```
Command above will install jail in /jails/Oksymoron

```
root@ks3360102:/usr/local/etc # cat /etc/jail.conf
Oksymoron {
        path = /jails/Oksymoron;
        mount.devfs;
        #allow.mount;
        #mount;
        host.hostname = Oksymoron.edu.pl;
        ip4.addr = 192.168.0.1;
        interface = lo1;
        exec.start = "/bin/sh /etc/rc";
        exec.stop = "/bin/sh /etc/rc.shutdown";
        
}
```
Command below will create and run jail

```
jail -c Oksymoron
```

Now check using 
	
	



```
jls
```

Do you get it ?


----------



## fred974 (Mar 2, 2014)

*Re: ezjail question*

yup thank you


----------

