# I need some help for jail setup



## ikevin8me (Sep 25, 2019)

I need some help for jail setup.

We have now moved to jail.conf and the "devfs_ruleset" is giving us some problem.
Previously, it was something like `jail_jailname_devfs_ruleset="devfsrules_jail"` in the old style.

I tried to put `"devfs_ruleset = "nginx_ruleset";"`

and I'm getting this error:

```
jail: nginx: devfs_ruleset: non-integer value "nginx_ruleset"
```
The entire jail.conf is:

```
nginx {
    host.hostname = nginx.jpik.com;
    ip4.addr = 192.168.1.80;
    path ="/jails/nginx";
    devfs_ruleset = "nginx_ruleset";
    mount.devfs;
    exec.start = "/bin/sh /etc/rc";
    exec.stop = "/bin/sh /etc/rc.shutdown";
}
```

How can I resolve this?


----------



## SirDice (Sep 25, 2019)

You need to use the numerical ID, not the text label.


----------



## ikevin8me (Sep 25, 2019)

So, what is the numerical ID?
How should this line - devfs_ruleset = "nginx_ruleset"; - be replaced?


----------



## SirDice (Sep 25, 2019)

ikevin8me said:


> So, what is the numerical ID?


Example:

```
[devfsrules_unhide_basic=2]
add path log unhide
add path null unhide
add path zero unhide
add path crypto unhide
add path random unhide
add path urandom unhide
```
The numerical ID is 2 for this rule set.


----------



## ikevin8me (Sep 25, 2019)

OK. I changed it to:

```
devfs_ruleset = 2;
or
devfs_ruleset = 4;
```
and the jail did get started.

However, I noticed another problem:
Upon executing `service jail start nginx`,
It hangs after "Starting jails:". I had to issue a break command (Command.Period) on macOS to stop it. The jail does show up in "jls". So, what is causing the hang up?

The jail.conf file is:

```
nginx {
    host.hostname = nginx.jpik.com;
    ip4.addr = 192.168.1.80;
    path ="/jails/nginx";
    devfs_ruleset = 4;
    mount.devfs;
    exec.start = "/bin/sh /etc/rc";
    exec.stop = "/bin/sh /etc/rc.shutdown";
}
```


----------



## ikevin8me (Sep 25, 2019)

OK. I resolved the latter problem (ie. the hangup problem) by adding:

```
interface = em0;
```


Regarding the previous problem of the numerial ID, the documentation is wrong. Please consider updating it: https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-build.html

The line should be changed to:

```
devfs_ruleset = 4;
```
May I suggest the documentation be updated to:

```
www {
    host.hostname = www.example.org;           # Hostname
    ip4.addr = 192.168.0.10;                   # IP address of the jail
    interface = em0;                                # the network interface   --- TO ADD
    path ="/usr/jail/www";                     # Path to the jail
    devfs_ruleset = 4;                         # devfs ruleset --- TO CHANGE
    mount.devfs;                               # Mount devfs inside the jail
    exec.start = "/bin/sh /etc/rc";            # Start command
    exec.stop = "/bin/sh /etc/rc.shutdown";    # Stop command
}
```


----------



## D-FENS (Sep 25, 2019)

The hanging is sometimes caused in jails with web servers or similar apps, when the server tries to resolve its hostname via DNS.
So if at the jail start time your DNS connection does not work (missing network interface in your case, or the connection to the DNS server cannot be established, or missing DNS settings), the jail start command just hangs for quite a long time (your jail startup timeout time, defined in the jail.conf).
I myself have had a number of these problems when the DNS server jail starts after jails that need it.


----------

