exec_poststart

James Gritton jamie at gritton.org
Mon Feb 8 22:57:42 UTC 2016 

On 2016-02-05 16:01, markham breitbach wrote:
> I am trying to figure out how to get a script to figure out the 
> hostname
> of the jail that is starting without having to manual set that as a
> command line parameter (as illustrated).  It seems that the script is
> getting executed in a clean environment, regardless of the exec.clean
> setting.  Is this a bug?  The man pages aren't particularly clear on 
> the
> expected behaviour of this.  I am running FreeBSD 10.2.
> 
> I would like to be able to set exec.poststart as a global default so it
> doesn't need to be defined per jail.
> 
> Thanks,
> -Markham
> 
> ####################JAIL.CONF#########################
> exec.clean = 0 ;
> 
> # HOW TO PASS THE JAILNAME TO THIS SCRIPT?
> exec.poststart += "/path/to/script.sh";
> 
> # My test jail
> testjail_example_com {
>     # THIS WORKS
>     exec.poststart += "/path/to/script.sh testjail.example.com";
>     exec.clean = 0 ;
>     host.hostname = "testjail.example.com";
>     path = "/usr/jails/testjail.example.com";
>     ip4.addr += "net0|192.0.2.1/24";
>     exec.system_user = "root";
>     exec.jail_user = "root";
>     exec.start += "/bin/sh /etc/rc";
>     exec.stop = "";
>     exec.consolelog = "/var/log/jail_testjail_example_com_console.log";
>     mount.fstab = "/etc/testjail_example_com";
>     mount.devfs;
>     devfs_ruleset = "5";
>     mount.fdescfs;
>     mount.procfs;
>     allow.mount;
>     allow.set_hostname = 0;
>     allow.sysvipc = 0;
>     allow.raw_sockets=1;
> }

You can reference jail parameters within other parameters, much like 
you'd use shell variables.  In the global part of the definition, you 
can set:

exec.poststart = "/path/to/script.sh ${host.hostname}"

Then you won't need to define a separate exec.poststart within each 
jail.  Note you can also do this with the path parameter, since your 
path is based on the hostname.  And exec.consolelog and mount.fstab are 
based on the jail name, so you can similarly globally set something like 
mount.fstab = "/etc/$name".

exec.clean=0 should indeed avoid scrubbing the environment, but note 
that if your jail starts by running /etc/rc, the top of rc will reset at 
least the path on its own, probably other stuff as well.

- Jamie

More information about the freebsd-jail mailing list