jail and dedicated zfs dataset
Jacques Foucry
jacques+freebsd at foucry.net
Fri Feb 7 08:26:27 UTC 2020
On Tuesday 04 Feb. 2020 at 22:56:54 (-0800), David Christensen wrote:
> On 2020-02-04 13:44, Jacques Foucry wrote:
Hello David,
Thanks for your answer.
> I have a SOHO LAN with a FreeBSD server and jails for CVS and Samba. I
> (mostly) followed along with Chapter 22 of Lucas AF3E [1]:
Definitely, I need to buy and read it.
>
> 2020-02-04 22:30:15 toor at soho ~
> # freebsd-version
> 12.1-RELEASE-p1
>
> 2020-02-04 22:30:23 toor at soho ~
> # uname -a
> FreeBSD soho.tracy.holgerdanske.com 12.1-RELEASE-p1 FreeBSD 12.1-RELEASE-p1
> GENERIC amd64
Same situation as mine…
>
>
> I created a top-level ZFS dataset in my root pool for jails. I then created
> a dataset for each jail. I did not modify any of the ZFS properties:
>
>
> The bulk CVS and the Samba data are in separate datasets in another pool:
OK, I have only one pool, but the trick is still the same.
>
NAME PROPERTY VALUE SOURCE
tank/root/mails mountpoint /jails/mail/var/mail local
> # zfs get mountpoint p1/ds2/cvs p1/ds2/samba
> NAME PROPERTY VALUE SOURCE
> p1/ds2/cvs mountpoint /jail/cvs/var/local/cvs received
> p1/ds2/samba mountpoint /jail/samba/var/local/samba received
But the source for stay local. Is it because I only have one pool (I guess it's
that).
>
>
> Here is my jail configuration file:
>
> 2020-02-04 22:32:41 toor at soho ~
> # cat /etc/jail.conf
> $j="/jail";
> path="$j/$name";
> host.hostname="$name.tracy.holgerdanske.com";
>
> exec.clean;
> exec.start="sh /etc/rc";
> exec.stop="sh /etc/rc.shutdown";
> mount.devfs;
>
> cvs {
> ip4.addr="192.168.5.23";
> }
>
> samba {
> ip4.addr="192.168.5.24";
> }
I need to make more general options, but the essential configuration is there.
And it works. But in the jail the "Mounted on" is [restricted]
mail# df -h .
Filesystem Size Used Avail Capacity Mounted on
tank/root/mails 6.9T 88K 6.9T 0% [restricted]
mail# pwd
/var/mail
I can, as root, create folders. Is it weird or normal?
Another question if you can answer.
Using nullfs and fstab.<jailname> I mount the host letsencrypt folder in the
jail in order to have a single point for certificates.
At the jail startup, postfix and dovecot failed to launch, but connected to the
jail they start with no problem. I suppose this came because the nullfs is not
mounted when dovecot and postfix start.
Btw, I did found any log about the start of my jail.
On the jail /var/log/maillog I found:
Feb 7 07:45:15 mail postfix/master[51684]: fatal: bind :: port 25: Can't assign requested address
Does it mean postfix tries to be started too soon in the jail create process?
How can I manage the start time?
Thanks a lot for your help,
Regards,
--
Jacques Foucry