From 8bd6fc0a98539e50d96fe4b499be40c06ca63f5e Mon Sep 17 00:00:00 2001 From: anonymous Date: Fri, 27 Jun 2003 22:56:31 +0000 Subject: Initial revision --- src/jailer.8 | 131 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 131 insertions(+) create mode 100755 src/jailer.8 (limited to 'src/jailer.8') diff --git a/src/jailer.8 b/src/jailer.8 new file mode 100755 index 0000000..9c9b1f9 --- /dev/null +++ b/src/jailer.8 @@ -0,0 +1,131 @@ +.\" Process this file with +.\" groff -man -Tascii jailer.8 +.\" +.TH JAILER 8 "May 2002" "Version 1.2" "User Manual" +.SH NAME +.B jailer +\- manage a jail from inside +.SH SYNOPSIS +.B jailer [ +.I console-file +.B ] +.SH DESCRIPTION +.B jailer +manages the startup and shutdown of a jail from within +the jail. It also manages the jails console by linking +/dev/console inside the jail to a log file. + +To use, replace the '/bin/sh /etc/rc' portion +of your jail startup command with jailer. For example +instead of: + +.RS 1 +.B jail /jails/myjail host 10.0.1.1 /bin/sh /etc/rc +.RE 1 + +use: + +.RS 1 +.B jail /jails/myjail host 10.0.1.1 /usr/local/sbin/jailer +.RE 1 + + +.B jailer +will start the jail by running +.I /etc/rc +and then remain running as a daemon inside the jail waiting +for signals to perform shutdown or restarts. + +A shutdown is performed by first running +.IR /etc/rc.shutdown , +and then killing all the processes still running. A restart is +a combination of the above. + + +The following signals have special meaning to the jailer: +.IP HUP +Causes +.B jailer +to restart the jail. If the jail is not running at the time +it is simply started. +.IP QUIT +Initiates a jail shutdown. +.B jailer +remains running after processing the request. +.IP TERM +Same as +.I QUIT +but also quits jailer. No more processes will be left running +inside the jail. + +.SH JAIL CONSOLE MANAGEMENT +A normal jail has no console perse, and +.BR dmesg (8) +reads straight from the host kernel message buffer. +.B jailer +changes this to provide a virtual console for the jail. + +On jailer startup the file +.I /var/log/console +is created or truncated. +.I /dev/console +is then hard linked to the console file. + +Along with the jailer distribution you'll find a new +.BR dmesg (8) +which just reads from +.I /dev/console. +Replace +.BR /sbin/dmesg (8) +with this new executable and you're set. + +The output of +.B jailer +startup and shutdown operations are also output to this +virtual console. + +.SH SCRIPTS +Along with the +.B jailer +distribution come several helper scripts: + +.IP halt +This is a replacement for +.BR /sbin/halt (8) +inside the jail which signals the running +.B jailer +process. +.IP reboot +Same as above for +.BR /sbin/reboot (8) + +.SH OPTIONS +.IP console-file +Overrides the default location of the console log file, +usually +.I /var/log/console + +.SH FILES +.I /var/log/console +.RS +Virtual console file. + +.SH BUGS +Virtual jail consoles don't work with FreeBSD 5.0 yet. This is due to +.BR devfs (8) + +.BR shutdown (8) +doesn't work with the +.I halt +and +.I reboot +scripts. + +.SH AUTHOR +Nate Nielsen + +.SH "SEE ALSO" +.BR jail (8), +.BR halt (8), +.BR reboot (8), +.BR dmesg (8) -- cgit v1.2.3