# Updating jails by hand



## nicky (Jul 14, 2019)

Hello good folks 

I have at present 8 jails, which were build by hand, and with varying build settings in src.conf. 1 jail operates as a web proxy, 1 as mail server and the rest runs websites with Apache. I would like to continue operating the jails by hand, but I would also like to adjust what parts is built into the jails (to slim them down) now that I have been running them for a few months. And to update them.

Originally I had thought to built new jails and migrate their services to them, but I realized recently that it must be possible to update the jails just like the hosts base system. However, I have tried several times, and broken the designated test jail every time. When updating the hosts base system, I use buildworld, buildkernel (which isn't needed on the jails) and mergemaster and, believe it or not, I really like the process. Is the same process roughly possible with jails?

Ideally, I would reach these goals

Updating the jails base system, hopefully while reusing the built binaries to update multiple jails at once, without rebuilding the source
Add or remove binaries from the jails (like telnet, mail), depending on the src.conf used
Updating the jails base configuration files
I have tried reading the manual and handbook on buildworld, but while they where very informative, I didn't really get any answers on how to build in or build out binaries on jails. Or I missed it. They contain a lot of useful information.

mergemaster seems to install all the configuration files, also configuration files for binaries not currently installed, which I would like to avoid. On the other hand, without running mergemaster, I don't know how to keep the configuration files of the jails current, as I might miss settings available in newer versions of the binaries I have installed in the jails.

I hope the above makes sense. Any pointers will be greatly appreciated.


----------



## Shadow53 (Jul 15, 2019)

getopt said:


> Maybe you want to use Ezail in future.



AFAIK ezjail isn't updated to work with the current jails system and people generally use iocage instead.


----------



## Remington (Jul 15, 2019)

Shadow53 said:


> AFAIK ezjail isn't updated to work with the current jails system and people generally use iocage instead.



Ezjail still works very well except you only need to edit /etc/jail.conf manually.  I still use it on FreeBSD 12.0.


----------



## alfikmik (Apr 10, 2021)

This should help








						Chapter 16. Jails
					

Jails improve on the concept of the traditional chroot environment in several ways




					docs.freebsd.org


----------



## zirias@ (Apr 10, 2021)

Regarding mergemaster, please read this:








						Heads-Up: Deprecation of mergemaster
					

So far, I was using mergemaster when upgrading from source; it worked fine, and it's also described in the handbook.  Now I learned it's deprecated and will be removed soon. It might be dangerous after 13.0-RELEASE, because it relies on SVN source tags that don't exist any more with git!  For...




					forums.freebsd.org
				




But then, both mergemaster(8) (don't use it any more, see above) and etcupdate(8) (use THIS) have an option to operate on a destination path, like the `DESTDIR` variable for FreeBSD's build system. This always worked fine with jails for me.


----------

