# jail flavour not doing anything



## fred974 (Jan 31, 2014)

Hi guys I am trying to set a jail flavor but without any success.. 

```
#!/bin/sh
#
# BEFORE: DAEMON
# PROVIDE: ezjail.webflavor.config
# ezjail flavour webflavor
# 

# Timezone
###########
#
ln -s /usr/share/zoneinfo/Europe/London /etc/localtime

. /etc/rc.subr

name=ezjail.flavour.webflavor
start_cmd=flavour_setup

flavour_setup() {

# Remove traces of ourself
# N.B.: Do NOT rm $0, it points to /etc/rc
##########################
  rm -f "/etc/rc.d/ezjail.flavour.webflavor"

# Groups
#########
#
pw groupadd -q -n webadmin -g 1001
pw groupadd -q -n dbadmin -g 1002
pw groupadd -q -n mailadmin -g 1003

# Users
########
#
# give root a known password
echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' | pw usermod -n root -H 0
pw usermod root -p 01 01 01

echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
pw useradd -n admin -u 1001 -c "System Administrator" -g admin -G wheel -s /bin/csh -d /home/admin -m -H 0
pw usermod admin -p 01 01 01

echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
pw useradd -n dbadmin -u 1002 -c "Database Administrator" -g dbadmin -G wheel -s /bin/csh -d /home/dbadmin -m -H 0
pw usermod dbadmin -p 01 01 01

echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
pw useradd -n mailadmin -u 1003 -c "Mail Administrator" -g mailadmin -G wheel -s /bin/csh -d /home/mailadmin -m -H 0
pw usermod mailadmin -p 01 01 01

### Daemon/System Accounts
# POSTFIX
echo -n '*' |\
pw useradd -n postfix -u 125 -s /usr/sbin/nologin -m -d /var/spool/postfix -g postfix -c 'Postfix Mail User' -H 0
## Postfix gripes if /var/spool/postfix isn't owned by root/wheel
chown root:wheel /var/spool/postfix

# Files
########
#
# 
chown -R admin:webadmin /home/admin
chown -R dbadmin:dbadmin /home/dbadmin
chown -R mailadmin:mailadmin /home/mailadmin

# Postinstall
##############
#
# services must only listen on their own IP
hostname=$(hostname -s)
hname=$(grep $hostname /etc/hosts | awk '{print $1}')
echo "ListenAddress $hname" >> /etc/ssh/sshd_config

# Create all.log and console.log (chmod all.log, too)
touch /var/log/all.log && chmod 0600 /var/log/all.log
touch /var/log/console.log

# Packages
###########
#
# Install Portmaster
make -C /usr/ports/ports-mgmt/portmaster BATCH=yes OPTIONS_FILE_SET="BASH ZSH" install
}
run_rc_command "$1"
```

The jails are created with:

```
ezjail-admin create -f webflavor -c zfs www 192.168.0.105
```
When I login to the jail, no package or users has been installed/created.

Can anyone spot the mistake?
Am I supposed to change the following to something else?

```
start_cmd=flavour_setup
flavour_setup() {
```
to 

```
start_cmd=webflavor_setup
webflavor_setup() {
```


----------



## fred974 (Jan 31, 2014)

Sorry to bug you guys.. but has anyone as any idea?


----------



## junovitch@ (Feb 3, 2014)

You shouldn't have to change the name of that script or any of the functions in it.  Did you start by doing `cp -Rp /usr/jails/flavours/example /usr/jails/flavours/webflavor`?


----------



## fred974 (Feb 4, 2014)

Hi  @junovitch,
Bellow the command I used to copy the example flavour:

```
cp -p /usr/jails/flavours/example/etc/rc.d/ezjail.flavour.example /usr/jails/flavours/webflavor/etc/rc.d/ezjail.flavour.webflavor
```

I also tried you way and copied file over but the problem is the same.. No users or groups or package are installed


----------



## junovitch@ (Feb 5, 2014)

Well, if there's something wrong I'm not seeing it.  I would suggest something like this to try to hammer down where the issue is.

Make your jail just like to did.
`ezjail-admin create -f webflavor -c zfs www 192.168.0.105`

Make sure the flavour is there.
`ls -al /usr/jails/www/etc/rc.d/ezjail.flavour.webflavor`

Start the jail and check if the script has ran.  It deletes itself so this would work.
`ezjail-admin console -f www`
`ls -al /etc/rc.d/ezjail.flavour.webflavor`

If it is gone and the results you were looking for didn't happen, try running it manually and see what happens.  You'll have to copy it manually on the host first then try running it in the jail.
`/etc/rc.d/ezjail.flavour.webflavor`
Or for more verbose output
`sh -x /etc/rc.d/ezjail.flavour.webflavor`

Hopefully when you run it manually it will identify some kind of error that is preventing it from working.


----------



## oxyaxion (Jul 17, 2014)

Hi guys,

I have exactly the same problem with user creation and flavours, with FreeBSD 10

User are not created (no shell, nothing) ...  I speak about this problem here :

https://forums.freebsd.org/viewtopic.php?f=39&t=30063#p264141


By the way example script look like use "pkg_add" for package installation and i know this way is deprecated ?!

And in the first time execution in the jail "pkg" ask you for migration (Y/N) so it's impossible to add in the script flavour.

A little bug maybe ?


----------



## junovitch@ (Jul 20, 2014)

Not sure about the user bit but as far as the packages, I would imagine you can add a custom function toward the bottom of the flavor to install pkg style packages in a very similar manner to what I'm doing in my NanoBSD build script.  Something like what I've shown at the bottom.  But your observation on pkg_add is correct with regards to it being no longer used on FreeBSD 10.0.  You'll also notice another error every time you start the jail since sysutils/ezjail still uses the legacy style of configuration rather than the new jail.conf style.  It's a minor annoyance but the ezjail port does have some catching up to do to work with the new style of jails.


```
env ASSUME_ALWAYS_YES=YES pkg bootstrap
env ASSUME_ALWAYS_YES=YES pkg install ports-mgmt/pkg
env ASSUME_ALWAYS_YES=YES pkg install shells/bash
env ASSUME_ALWAYS_YES=YES pkg install sysutils/tmux
env ASSUME_ALWAYS_YES=YES pkg install net/openntpd
...
```


----------



## fengshaun (Dec 29, 2015)

Sorry for necromancy, but to avoid Wisdom of the Ancients <https://xkcd.com/979> I'll post how I solved it.

I had the same problem recently and two things I did to solve it were:
1. rename ezjail.flavour.whatever to ezjail.flavour and rename the variables inside accordingly. ezjail.flavour.whatever didn't run at all, while ezjail.flavour did.
2. make sure when you copy stuff over, the exec bit is still set. Mine wasn't even executable.


----------



## mtrcycllvr (Feb 23, 2017)

Greetings all - I'm having this EXACT error on 11-RELEASE..   All I can figure out is that ezjail is appearing to pass bogus flags to rc.subr?

Jail name = aikakone
flavour name = aloha

flavour template directory structure is in place, "finish script" in the form of "/etc/rc.d/ezjail.flavour" is in place to be copied over with all the other template files.

`sudo ezjail-admin create -f aloha aikakone 'lo1|127.0.1.1,igb0|192.168.100.30'`

Creates a jail very nicely.   When I start and login to my new jail I find the package scripts have not run, users are not installed - THE SCRIPT IS STILL THERE - all signs it never actually executed..

Try running it manually:

`root@aikakone:/etc/rc.d # [B]file ezjail.flavour.aloha[/B]
ezjail.flavour.aloha: POSIX shell script, ASCII text executable
root@aikakone:/etc/rc.d # [B]ls -ld ezjail.flavour.aloha[/B]
-rwxr-xr-x  1 root  wheel  834 Feb 23 05:19 ezjail.flavour.aloha
root@aikakone:/etc/rc.d #[B] ./ezjail.flavour.aloha start[/B]
eval: ${ezjail....}: Bad substitution
root@aikakone:/etc/rc.d #`

update with set -x to see if we can figure out WHAT is puking up here...

`root@aikakone:/etc/rc.d # [B]./ezjail.flavour.aloha start[/B]
+ . /etc/rc.subr
+ : 14375
+ export RC_PID
+ [ -z '' ]
+ _rc_subr_loaded=YES
+ SYSCTL=/sbin/sysctl
+ SYSCTL_N='/sbin/sysctl -n'
+ SYSCTL_W=/sbin/sysctl
+ PROTECT=/usr/bin/protect
+ ID=/usr/bin/id
+ IDCMD='if [ -x /usr/bin/id ]; then /usr/bin/id -un; fi'
+ PS='/bin/ps -ww'
+ /bin/ps -ww -p 14375 -o 'jid='
+ JID=0
+ _rc_namevarlist='program chroot chdir env flags fib nice user group groups prepend'
+ _rc_subr_loaded=:
+ name=ezjail.flavour.aloha
+ start_cmd=flavour_setup
+ run_rc_command start
+ _return=0
+ rc_arg=start
+ [ -z ezjail.flavour.aloha ]
+ shift 1
+ rc_extra_args=''
+ _rc_prefix=''
+ eval '_override_command=$ezjail.flavour.aloha_program'
+ _override_command=.flavour.aloha_program
+ command=.flavour.aloha_program
+ _keywords='start stop restart rcvar enabled describe extracommands '
+ rc_pid=''
+ _pidcmd=''
+ _procname=.flavour.aloha_program
+ [ -n .flavour.aloha_program ]
+ [ -n '' ]
+ _pidcmd='rc_pid=$(check_process .flavour.aloha_program )'
+ [ -n 'rc_pid=$(check_process .flavour.aloha_program )' ]
+ _keywords='start stop restart rcvar enabled describe extracommands  status poll'
+ [ -z start ]
+ [ start '=' enabled ]
+ [ -n '' ]
+ eval 'rc_flags=$ezjail.flavour.aloha_flags'
+ rc_flags=.flavour.aloha_flags
[I][B]+ eval '_chdir=$ezjail.flavour.aloha_chdir' '_chroot=$ezjail.flavour.aloha_chroot' '_nice=$ezjail.flavour.aloha_nice' '_user=$ezjail.flavour.aloha_user' '_group=$ezjail.flavour.aloha_group' '_groups=$ezjail.flavour.aloha_groups' '_fib=$ezjail.flavour.aloha_fib' '_env=$ezjail.flavour.aloha_env' '_prepend=$ezjail.flavour.aloha_prepend' '_login_class=${ezjail.flavour.aloha_login_class:-daemon}' '_oomprotect=$ezjail.flavour.aloha_oomprotect'[/B][/I]
eval: ${ezjail....}: Bad substitution
root@aikakone:/etc/rc.d #`

I have tried various script naming schemes, and reviewed OTHER posts that clearly show the code SHOULD allow for either ezjail.flavour or ezjail.flavour.$FLAVOURNAME should work.  I've tried both, but the script always ends up with this:

`eval: ${ezjail....}: Bad substitution`

I'm stumped - what might I be doing wrong?  As up to date as I can get - perhaps that's now an issue?

Basically, what flags?   Am I missing something?

Thanks for any feedback!

Eric


----------



## mtrcycllvr (Feb 23, 2017)

*This has been SOLVED.  *Or at least MY PARTICULAR CASE has been solved...

;-)

The issue is changes to the /etc/rc management environment and lack of updates to ezjail..

Problem ONE:

*FILE NAME cannot have dots in it!!* 

`[B]mv ezjail.flavour.aloha ezjail_flavour_aloha[/B]` 

Likewise, script references to itself need to be updated internally to the script!!

`[etimberl@laatikko:/usr/jails/flavours/aloha/etc/rc.d]% [B]grep ezjail_flav zjail_flavour_aloha[/B]
# PROVIDE: ezjail_flavour_aloha
name=ezjail_flavour_aloha
rm -f "/etc/rc.d/ezjail_flavour_aloha"
[etimberl@laatikko:/usr/jails/flavours/aloha/etc/rc.d]%`


Problem TWO:

*pkg(7) has depreciated "pkg_add" syntax and you need to, as noted above, set an env variable to say "yes" for you..*

This sample works for me - you may choose alternative syntax..   I'm old and somewhat inflexible..  ;-)

`env ASSUME_ALWAYS_YES=YES pkg bootstrap
if [ -d /pkg ] ;then
cd /pkg
for i in *
  do
    env ASSUME_ALWAYS_YES=YES pkg add $i
  done
cd /
rm -rf /pkg
fi`


After making these changes to the "flavour example", my ezjail finish script seems to be working as expected!!

Users are created, packages are installed, shells are set, the script erases all traces of itself..

`[etimberl@laatikko:~]% [B]sudo ezjail-admin console aikakone[/B]
FreeBSD 11.0-RELEASE-p1 (GENERIC) #0 r306420: Thu Sep 29 01:43:23 UTC 2016

Welcome to FreeBSD!

[root@aikakone:~]# [B]pkg info[/B]
pkg-1.9.4_1                    Package manager
ssmtp-2.64_1                   Extremely simple MTA to get mail off the system to a mail hub
tree-1.7.0                     Display a tree-view of directories with optional color or HTML output
zsh-5.3.1                      The Z shell
[root@aikakone:~]#`

Thanks for the hints on this thread!!  (*env ASSUME_ALWAYS_YES=YES* hint above!!)

Sincerely,

-ET-


----------



## k4v (Nov 1, 2017)

This works for me


----------

