.\" Process this file with
.\" groff -man -Tascii jailer.8
.\"
.TH JAILER 8 "May 2002" "Version 1.2" "User Manual"
.SH NAME
.B jailer 
\- manage a jail from inside
.SH SYNOPSIS
.B jailer [
.I console-file
.B ]
.SH DESCRIPTION
.B jailer
manages the startup and shutdown of a jail from within
the jail. It also manages the jail's console by linking
/dev/console inside the jail to a log file.

To use, replace the '/bin/sh /etc/rc' portion
of your jail startup command with jailer. For example,
instead of:

.RS 1
.B jail /jails/myjail host 10.0.1.1 /bin/sh /etc/rc
.RE 1

use:

.RS 1
.B jail /jails/myjail host 10.0.1.1 /usr/local/sbin/jailer
.RE 1


.B jailer
will start the jail by running
.I /etc/rc 
and then remain running as a daemon inside the jail waiting 
for signals to perform shutdown or restarts. 

A shutdown is performed by first running 
.IR /etc/rc.shutdown , 
and then killing all the processes still running. A restart is 
a combination of the above.


The following signals have special meaning to the jailer:
.IP HUP
Causes 
.B jailer
to restart the jail. If the jail is not running at the time
it is simply started.
.IP QUIT
Initiates a jail shutdown. 
.B jailer
remains running after processing the request. 
.IP TERM
Same as 
.I QUIT
but also quits jailer. No more processes will be left running
inside the jail.
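.PP
The signal semantics above, as an added sketch in C that is not jailer's own source. The names jail, dispatch and serve and the trace letters are hypothetical, the rc scripts are replaced by trace entries so it runs anywhere, and a QUIT or TERM that arrives while the jail is already stopped is assumed to do nothing.
.nf

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>

/* Illustrative names only; this is not jailer's source code. */
struct jail {
    int running;        /* /etc/rc has run and no shutdown since */
    char trace[32];     /* S=/etc/rc, D=/etc/rc.shutdown, K=kill all */
    unsigned n;
};
static volatile sig_atomic_t pending;   /* last signal seen by the handler */
/* The handler only records the signal; the work happens in the main loop.
   A later signal overwrites an earlier one that was not yet processed. */
static void on_signal(int sig) { pending = sig; }
static void note(struct jail *j, char c) {
    if (j->n + 1 < sizeof j->trace) { j->trace[j->n++] = c; j->trace[j->n] = 0; }
}
static void start(struct jail *j) { note(j, 'S'); j->running = 1; }
static void stop(struct jail *j) {
    if (!j->running) return;            /* assumption: nothing to stop */
    note(j, 'D');                       /* run /etc/rc.shutdown first */
    note(j, 'K');                       /* then kill what is still running */
    j->running = 0;
}

/* Apply one signal as the man page describes; returns 1 when the daemon
   itself must exit. */
int dispatch(struct jail *j, int sig) {
    switch (sig) {
    case SIGHUP:  stop(j); start(j); return 0;   /* restart, or just start */
    case SIGQUIT: stop(j); return 0;             /* shut down, stay resident */
    case SIGTERM: stop(j); return 1;             /* shut down, then quit */
    default:      return 0;
    }
}

/* Main loop: keep the three signals blocked except inside sigsuspend(), so
   a signal cannot interrupt a start or shutdown that is in progress. */
int serve(struct jail *j) {
    struct sigaction sa = {0};
    sigset_t block, old;
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask); sigemptyset(&block);
    sigaddset(&block, SIGHUP); sigaddset(&block, SIGQUIT); sigaddset(&block, SIGTERM);
    sigaction(SIGHUP, &sa, 0); sigaction(SIGQUIT, &sa, 0); sigaction(SIGTERM, &sa, 0);
    sigprocmask(SIG_BLOCK, &block, &old);
    start(j);
    for (;;) {
        pending = 0;
        sigsuspend(&old);                        /* wait for HUP, QUIT or TERM */
        if (dispatch(j, pending)) return 0;
    }
}
```

.fi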

.SH JAIL CONSOLE MANAGEMENT
A normal jail has no console per se, and
.BR dmesg (8)
reads straight from the host kernel message buffer. 
.B jailer 
changes this to provide a virtual console for the jail. 

On jailer startup the file 
.I /var/log/console
is created or truncated. 
.I /dev/console 
is then hard linked to the console file. 

Along with the jailer distribution you'll find a new 
.BR dmesg (8)
which just reads from 
.IR /dev/console .
Replace
.BR /sbin/dmesg (8)
with this new executable and you're set. 

The output of 
.B jailer 
startup and shutdown operations is also written to this
virtual console.

.SH SCRIPTS
Along with the 
.B jailer
distribution come several helper scripts:

.IP halt
This is a replacement for 
.BR /sbin/halt (8)
inside the jail which signals the running
.B jailer
process.
.IP reboot
Same as above for 
.BR /sbin/reboot (8).

.SH OPTIONS
.IP console-file
Overrides the default location of the console log file, 
usually 
.IR /var/log/console .

.SH FILES
.I /var/log/console
.RS
Virtual console file.
.RE

.SH BUGS
Virtual jail consoles don't work with FreeBSD 5.0 yet. This is due to 
.BR devfs (8).

.BR shutdown (8)
doesn't work with the 
.I halt 
and 
.I reboot
scripts.

.SH AUTHOR
Nate Nielsen <nielsen@memberwebs.com>

.SH "SEE ALSO"
.BR jail (8),
.BR halt (8),
.BR reboot (8),
.BR dmesg (8)