# Jail mount from rc.conf improperly set up



## sossego (Mar 5, 2014)

Listing of /etc/rc.conf:

```
hostname="nunca-conhecado"
sshd_enable="YES"
moused_enable="YES"
powerd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
zfs_enable="YES"

jail_enable="YES"
jail_list="FreeBSD-Google"

jail_FreeBSD-Google_rootdir="/jails/FreeBSD-Google_projects"
jail_FreeBSD-Google_ip="127.1.2.7"
jail_FreeBSD-Google_devfs_enable="YES"
```

Listing of /jails/etc/jail.conf:

```
FreeBSD-Google {
     path = /jails/FreeBSD-Google_projects
     allow.mount;
     mount.devfs;
     host.hostname = bsd-googlebox;
     ip4.addr = [B]127.1.2.7[/B];
     interface = lo0;
     exec.start = "/etc/init.d/rc 3";
     exec.stop = "/etc/init.d/rc 0";
    }
```

Error message repeated prior to login:

```
/etc/rc.conf: WARNING: jail_extract_address: type not identified
expr: illegal option -- G
expr: usage: expre [-e] expression
```

I am aware that the mount point is wrong and the error is my own. I do not know how to solve the problem.


----------



## sossego (Mar 5, 2014)

Perhaps the problem is in using 
	
	



```
exec.start = "/etc/init.d/rc 3";
     exec.stop = "/etc/init.d/rc 0";
```
 and not using /etc/rc.d/jail?


----------



## SirDice (Mar 5, 2014)

They look like they're from Linux. Which is good if the jail is in fact a Linux. If it's a FreeBSD jail then you can either remove them or use these:

```
exec.start = "/bin/sh /etc/rc";
     exec.stop = "/bin/sh /etc/rc.shutdown";
```

The error probably stems from trying to bind 127.1.2.7 to lo0. Most people bind their jails to either the physical network interface (re0 for example) or lo1. You also have a combination of the old jail_* variables in rc.conf and a jail.conf. Remove the variables from rc.conf, they're not needed any more and are actually deprecated.


----------



## sossego (Mar 5, 2014)

The lo1 is a clone, yes? I will look at the man pages. Give me a few.

Edit: Research: http://wiki.polymorf.fr/index.php/Howto ... _jail_vnet

Would that one be what I need?


----------



## sossego (Mar 5, 2014)

The majority of the time, i am using public wireless points. Is it possible to clone wlan0 or create a bridge to it? My guess is that I would need to execute a script after creating and bringing up wlan0.


----------



## SirDice (Mar 6, 2014)

sossego said:
			
		

> The lo1 is a clone, yes? I will look at the man pages. Give me a few.


Yes, lo1 is a cloned interface. I don't have a man page for it unfortunately.



> Edit: Research: http://wiki.polymorf.fr/index.php/Howto ... _jail_vnet
> 
> Would that one be what I need?


No, that's something else. With VIMAGE you can virtualize the interface, it's still quite experimental but with it you can, for example, run PF inside a jail on it's "own" interface.


----------



## sossego (Mar 6, 2014)

While I have wlan0 created, how do I clone it or a similar device to work within the jail?


----------



## SirDice (Mar 6, 2014)

You don't need to clone anything, you can bind the jail directly to the interface.


----------



## sossego (Mar 6, 2014)

That is where I am having the difficulty. I do not know how to bind the jail to the interface.


----------



## sossego (Mar 8, 2014)

Jail.conf was done wrong. Not yet solved.


----------



## sossego (Mar 8, 2014)

Okay.
Things have been corrected.
Currently, I have an IP address assigned to lo0; yet, the jail is not connecting to the outside. Is this now a packet filter/pf problem?


----------



## the_power_to_serve_freely (Nov 26, 2015)

The issue was actually /etc/rc.conf or /etc/jail.conf variables containing dash `-` invalid character:
eg:

```
jail_FreeBSD-Google_ip="127.1.2.7"     # in rc.conf
```
or just `FreeBSD-Google` section in jail.conf. Those are evaluated as (invalid) shell variables in /etc/rc.d/jail

More details in case still in doubt. In `extract_var()` function of /etc/rc.d/jail script the following code applied for example to get jail's rootdir:

```
_name1=jail_${_j}_${_name}
                _name2=jail_${_name}
                eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
```
results in:

```
+ _name1=jail_FreeBSD-Google_rootdir
+ _name2=jail_rootdir
+ eval '_tmpargs="${jail_FreeBSD-Google_rootdir:-${jail_rootdir:-}}"'
+ _tmpargs=Google_rootdir:-
```

As `"${jail_FreeBSD-Google_rootdir}"` is not a variable with valid name, the evaluated expression results in `Google_rootdir:-` instead of wished value: `/jails/FreeBSD-Google_projects`

Later in this same script this invalid dash in variable names will result in more errors and notably the one appearing in the error message:

```
expr: illegal option -- G
expr: usage: expr [-e] expression
```

`-G` coming from the `FreeBSD-Google` name interpreted as an option by `expr` command.

```
+ expr -Google_ip : '-Google_ip\(.*\)'
```


----------

