Hi Anthony, > On Jan 27, 2026, at 9:23 AM, Anthony Pankov <[email protected]> wrote: > > Hello, > > Does anybody have thoughts (solution) about "attachable" user environment for > a jails?
I'm not sure how you mean "attachable", but what you are trying to achieve can be done a number of different ways using normal UNIX tools, > > I mean that diving into a jail (jexec) leave user (operator) with a > shell/tools available inside a jail. > This make things hard because operator will work efficiently and with less > pain only with own well-known and customized tool. If your intended use of a jail is to jexec in, (or to ssh in, whichever), you could certainly just install the things you need in that system, > > The straight-line solution is to install needed tools and configuration files > in every jail. For example, install vim/emacs/kakoune, plugins, and > configurations in every jail. You could maintain configs in tarballs and merely unpack them inside the context of the jail. You could also just 'pkg install vim emacs kakoune' inside your jail, and have fresh versions of these tools ready to use. To cap it off, you could create a shell script to be run inside the jailed host, which does all of the above, in just a few lines. > The solution obviously is a bad because it raise many problems such as > keeping it up-to-date and potentially have a dependency conflict with native > jails library/binaries. In other words it pollute jails with things not > related to a jail functionality. > > I'm thinking about some "toolchest" with a preconfigured tools which may be > attached to any jail giving to operator stable environment defined in this > toolchest. Since 2000, I've been doing this with tarballs, with excellent, consistent results. Since the introduction of ZFS, I've also been doing this with ZFS snapshots of "jail builds", keeping snapshots of different types of jails with everything pre-built, ready to just light up a new one on a ZFS disk clone. Lots of ways to achieve what you want, and inside a running jail, updating software and configs is just like on any FreeBSD host. > I see it as hierarchy of a files containing all editor/tools/scripts and > configurations. > > Then "diving in a jail" seems to be: > 1. Mount_nullfs toolchest to a predefined dir in a jail; Nullfs is absolutely one way to get the stuff mounted in your jail hierarchy, yet, ZFS snapshots have proven more robust and reliable in my experiences in the last 15yrs. > 2. Do "jexec -e" with environment and a shell pointed to that mounted > toolchest. You could certainly do this, and perhaps mount the "toolchest" volume as your user's home directory, etc... Just so many ways to go here, depending on your needs. > > But may be somebody has a more smarter thoughts. Not sure there's a smarter way to do any of this, it's all up to you and what you're trying to accomplish- all the tools one needs to do spectacular, automated, jail deployments are simply in the base OS :) Best, .ike > > > -- > Best regards, > Anthony Pankov mailto:[email protected] > >
