On 2016-10-31 11:06, io7m+org.freebsd.j...@io7m.com wrote:
Hello.
I have an incredibly trivial jail setup:
/usr/jail/com.example.service0 is the root of the jail.
/usr/jail/com.example.service0/base is an empty directory.
/usr/jail/base is a directory containing binaries.
I use the following jail configuration:
com_example_service0
{
    exec.start = "/bin/sh";
    host.hostname = com.example.service0;
    interface = em0;
    ip4.addr = 127.0.0.2;
    mount.fstab = /usr/jail/com.example.service0.fstab;
    path = /usr/jail/com.example.service0;
}
The /usr/jail/com.example.service0.fstab contains a single line:
/usr/jail/base /usr/jail/com.example.service0/base nullfs ro,noauto 0 0
I start the jail:
host# jail -v -f com.example.service0.conf -c com_example_service0
com_example_service0: run command: /sbin/ifconfig em0 inet 127.0.0.2 netmask 255.255.255.255 alias
com_example_service0: run command: /sbin/mount -t nullfs -o ro,noauto /usr/jail/base /usr/jail/com.example.service0/base
com_example_service0: jail_set(JAIL_CREATE) persist name=com_example_service0 host.hostname=com.example.service0 ip4.addr=127.0.0.2 path=/usr/jail/com.example.service0
com_example_service0: created
com_example_service0: run command in jail: /bin/sh
# exit
com_example_service0: jail_set(JAIL_UPDATE) jid=13 nopersist
host#
The jail is gone:
host# jls
JID IP Address Hostname Path
However:
host# df -h | grep service0
# df -h
Filesystem                         Size    Used   Avail Capacity  Mounted on
zroot/ROOT/default                  13G    475M     13G     4%    /
devfs                              1.0K    1.0K      0B   100%    /dev
zroot/tmp                           13G    108K     13G     0%    /tmp
zroot/usr/home                      13G    136K     13G     0%    /usr/home
zroot/usr/ports                     13G     96K     13G     0%    /usr/ports
zroot/usr/src                       13G     96K     13G     0%    /usr/src
zroot/var/audit                     13G     96K     13G     0%    /var/audit
zroot/var/crash                     13G     96K     13G     0%    /var/crash
zroot/var/log                       13G    148K     13G     0%    /var/log
zroot/var/mail                      13G     96K     13G     0%    /var/mail
zroot/var/tmp                       13G     96K     13G     0%    /var/tmp
zroot                               13G     96K     13G     0%    /zroot
zroot/jail                          13G    249M     13G     2%    /usr/jail
zroot/jail/com.example.service0     13G    4.0M     13G     0%    /usr/jail/com.example.service0
/usr/jail/base                      13G    249M     13G     2%    /usr/jail/com.example.service0/base
.. the /usr/jail/com.example.service0/base directory was not unmounted.
What do I need to do to get the directory to be correctly unmounted
when the jail ceases to exist?
There are two different conditions for a jail ceasing to exist. When
the jail is removed, i.e. with "jail -r", it will unmount directories
and clear IP address etc. But if the jail just goes away on its own,
jail(8) won't (often can't) do any of those things.
Your case is an example of a jail just "going away". A jail exists as
long as there's a process (or occasionally something else) attached to
it, or if it's marked "persist". Generally, your exec.start script is
expected to run some background server or other; perhaps a single
service process, or often a regular rc setup with at least syslogd and
cron running. But at least in this test setup you gave here, the
exec.start is just a single shell that then ends with nothing left
behind. Then when jail(8) takes off the temporary persist flag (which
was there so all its programs could run), there's nothing left to keep
the jail alive, and it silently goes away.
If your jail is truly meant to exist without attached processes, you'll
want to add the "persist" parameter to its definition.
- Jamie
_______________________________________________
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
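
Added example, not part of the thread: a check for nullfs mounts left behind under a jail directory after a jail has gone away on its own, as described in the reply above. The function names, the second jail (service1) and the sample mount table are constructed for illustration; on a live host the inputs are assumed to come from "mount -p" and "jls path".

```shell
#!/bin/sh
# Added example (not from the thread): report nullfs mounts left under a jail
# directory after the jail that used them has gone away.
# On a live FreeBSD host the inputs would come from (assumed usage):
#   mount -p > mounts.txt   # fstab-style: device mountpoint fstype opts dump pass
#   jls path > jails.txt    # one running jail root per line
# Assumes paths contain no whitespace.

# orphaned_jail_mounts JAIL_BASE MOUNTS_FILE JAILS_FILE
# Prints every nullfs mountpoint below JAIL_BASE that no running jail owns.
orphaned_jail_mounts() {
    awk -v base="$1" -v jails="$3" '
        # Jail list: remember each running jail root (file may be empty).
        FILENAME == jails { if ($1 != "") live[$1] = 1; next }
        # Mount table: only nullfs mounts below the jail base are of interest.
        $3 == "nullfs" && index($2, base "/") == 1 {
            owned = 0
            for (r in live)
                if ($2 == r || index($2, r "/") == 1) owned = 1
            if (!owned) print $2
        }
    ' "$3" "$2"
}

# Constructed sample input modelled on the paths in the thread.
sample_mounts() {
    cat <<'EOF'
zroot/ROOT/default / zfs rw 0 0
zroot/jail /usr/jail zfs rw 0 0
zroot/jail/com.example.service0 /usr/jail/com.example.service0 zfs rw 0 0
/usr/jail/base /usr/jail/com.example.service0/base nullfs ro 0 0
/usr/jail/base /usr/jail/com.example.service1/base nullfs ro 0 0
EOF
}

demo() {
    tmp=$(mktemp -d) || return 1
    sample_mounts > "$tmp/mounts"
    # Constructed: only the hypothetical jail service1 is still running.
    echo /usr/jail/com.example.service1 > "$tmp/jails"
    orphaned_jail_mounts /usr/jail "$tmp/mounts" "$tmp/jails"
    rm -rf "$tmp"
}
demo
```

Each path it prints is a mount that jail(8) never cleaned up and that still has to be unmounted by hand with umount(8).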