diff options
-rwxr-xr-x | ezjail-admin | 129 | ||||
-rwxr-xr-x | ezjail.conf.sample | 7 |
2 files changed, 118 insertions, 18 deletions
diff --git a/ezjail-admin b/ezjail-admin index 579b758..5c67d38 100755 --- a/ezjail-admin +++ b/ezjail-admin | |||
@@ -39,7 +39,7 @@ case `uname -p` in amd64) ezjail_dirlist="${ezjail_dirlist} usr/lib32"; ezjail_b | |||
39 | # Synopsis messages | 39 | # Synopsis messages |
40 | ezjail_usage_ezjailadmin="${ezjail_admin} v3.0\nUsage: ${ezjail_admin} [archive|config|console|create|delete|install|list|restore|update] {params}" | 40 | ezjail_usage_ezjailadmin="${ezjail_admin} v3.0\nUsage: ${ezjail_admin} [archive|config|console|create|delete|install|list|restore|update] {params}" |
41 | ezjail_usage_install="Usage: ${ezjail_admin} install [-mMpPsS] [-h host] [-r release]" | 41 | ezjail_usage_install="Usage: ${ezjail_admin} install [-mMpPsS] [-h host] [-r release]" |
42 | ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli] [-C args] [-a archive] jailname jailip" | 42 | ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli|zfs] [-C args] [-a archive] jailname jailip" |
43 | ezjail_usage_delete="Usage: ${ezjail_admin} delete [-w] jailname" | 43 | ezjail_usage_delete="Usage: ${ezjail_admin} delete [-w] jailname" |
44 | ezjail_usage_update="Usage: ${ezjail_admin} update [-s sourcetree] [-p] (-b|-i|-u|-P)" | 44 | ezjail_usage_update="Usage: ${ezjail_admin} update [-s sourcetree] [-p] (-b|-i|-u|-P)" |
45 | ezjail_usage_config="Usage: ${ezjail_admin} config [-r run|norun] [-n newname] [-i attach|detach|fsck] jailname" | 45 | ezjail_usage_config="Usage: ${ezjail_admin} config [-r run|norun] [-n newname] [-i attach|detach|fsck] jailname" |
@@ -200,6 +200,13 @@ ezjail_splitworld() { | |||
200 | 200 | ||
201 | # This mkdir is important, since cpio will create intermediate | 201 | # This mkdir is important, since cpio will create intermediate |
202 | # directories with permission 0700 which is bad | 202 | # directories with permission 0700 which is bad |
203 | if [ "${ezjail_use_zfs}" = "YES" ]; then | ||
204 | echo "ZFS: create the basejail" | ||
205 | echo "/sbin/zfs create -p -o mountpoint=${ezjail_jaildir} ${ezjail_zfs_properties} ${ezjail_jailzfs}" | ||
206 | /sbin/zfs create -p -o mountpoint=${ezjail_jaildir} ${ezjail_zfs_properties} ${ezjail_jailzfs} | ||
207 | /sbin/zfs create -p ${ezjail_jailzfs}/basejail | ||
208 | /sbin/zfs snapshot ${ezjail_jailzfs}/basejail@`date -v -7d +"%C%y%m%d_%H:%M:%S"` | ||
209 | fi | ||
203 | mkdir -p "${ezjail_jailbase}/usr" | 210 | mkdir -p "${ezjail_jailbase}/usr" |
204 | for dir in ${ezjail_dirlist}; do | 211 | for dir in ${ezjail_dirlist}; do |
205 | find ${dir} | cpio -d -p -v "${ezjail_jailbase}" || exerr "Error: Installation of ${dir} failed." | 212 | find ${dir} | cpio -d -p -v "${ezjail_jailbase}" || exerr "Error: Installation of ${dir} failed." |
@@ -208,8 +215,15 @@ ezjail_splitworld() { | |||
208 | mkdir basejail | 215 | mkdir basejail |
209 | 216 | ||
210 | # Try to remove the old template jail | 217 | # Try to remove the old template jail |
211 | [ -d "${ezjail_jailtemplate}" ] && chflags -R noschg "${ezjail_jailtemplate}" && rm -rf "${ezjail_jailtemplate}" | 218 | if [ "${ezjail_use_zfs}" = "YES" ]; then |
212 | mv "${ezjail_jailfull}" "${ezjail_jailtemplate}" | 219 | echo "ZFS: cleanup old template jail" |
220 | [ -d "${ezjail_jailtemplate}" ] && zfs destroy -R ${ezjail_jailzfs}/newjail && rm -rf "${ezjail_jailtemplate}" | ||
221 | cd ${ezjail_jaildir} | ||
222 | zfs rename ${ezjail_jailzfs}/fulljail ${ezjail_jailzfs}/newjail | ||
223 | else | ||
224 | [ -d "${ezjail_jailtemplate}" ] && chflags -R noschg "${ezjail_jailtemplate}" && rm -rf "${ezjail_jailtemplate}" | ||
225 | mv "${ezjail_jailfull}" "${ezjail_jailtemplate}" | ||
226 | fi | ||
213 | 227 | ||
214 | # If the default flavour example has not yet been copied, do it now | 228 | # If the default flavour example has not yet been copied, do it now |
215 | [ -d "${ezjail_flavours}/default" ] || mkdir -p "${ezjail_flavours}" && cp -p -R "${ezjail_examples}/default" "${ezjail_flavours}" | 229 | [ -d "${ezjail_flavours}/default" ] || mkdir -p "${ezjail_flavours}" && cp -p -R "${ezjail_examples}/default" "${ezjail_flavours}" |
@@ -313,6 +327,20 @@ parse_gbde_attach_args () { | |||
313 | return ${_exit} | 327 | return ${_exit} |
314 | } | 328 | } |
315 | 329 | ||
330 | check_for_zfs () { | ||
331 | . "/etc/rc.conf" | ||
332 | if [ "${ezjail_use_zfs}" = "YES" ] && [ "${zfs_enable}" != "YES" ]; then | ||
333 | echo "You have to enable ZFS in /etc/rc.conf" | ||
334 | exit | ||
335 | fi | ||
336 | |||
337 | _zpoolstatus=`/sbin/zpool list -H -o health ${ezjail_jailzfs%%/*} 2> /dev/null` | ||
338 | if [ ! "${_zpoolstatus}" = "ONLINE" ]; then | ||
339 | echo "Your zpool does not exist or is not online." | ||
340 | exit | ||
341 | fi | ||
342 | } | ||
343 | |||
316 | ############################# | 344 | ############################# |
317 | # End of function definitions | 345 | # End of function definitions |
318 | # | 346 | # |
@@ -320,6 +348,8 @@ parse_gbde_attach_args () { | |||
320 | # check for command | 348 | # check for command |
321 | [ $# -gt 0 ] || exerr ${ezjail_usage_ezjailadmin} | 349 | [ $# -gt 0 ] || exerr ${ezjail_usage_ezjailadmin} |
322 | 350 | ||
351 | check_for_zfs | ||
352 | |||
323 | case "$1" in | 353 | case "$1" in |
324 | ######################## ezjail-admin CREATE ######################## | 354 | ######################## ezjail-admin CREATE ######################## |
325 | create) | 355 | create) |
@@ -343,12 +373,18 @@ create) | |||
343 | 373 | ||
344 | # we need at least a name and an ip for new jail | 374 | # we need at least a name and an ip for new jail |
345 | [ "${ezjail_name}" -a "${ezjail_ip}" -a $# -eq 2 ] || exerr ${ezjail_usage_create} | 375 | [ "${ezjail_name}" -a "${ezjail_ip}" -a $# -eq 2 ] || exerr ${ezjail_usage_create} |
376 | |||
377 | # show the user the type of image used | ||
378 | echo "TYPE: $ezjail_imagetype" | ||
346 | 379 | ||
347 | # check for sanity of settings concerning the image feature | 380 | # check for sanity of settings concerning the image feature |
348 | [ -z "${ezjail_imagetype}" -o "${ezjail_exists}" -o "${ezjail_imagesize}" ] || exerr "Error: Image jails need an image size." | 381 | if [ "${ezjail_imagetype}" != "zfs" ]; then |
382 | [ -z "${ezjail_imagetype}" -o "${ezjail_exists}" -o "${ezjail_imagesize}" ] || exerr "Error: Image jails need an image size." | ||
383 | fi | ||
384 | |||
349 | 385 | ||
350 | # check for a sane image type | 386 | # check for a sane image type |
351 | case ${ezjail_imagetype} in ""|simple|bde|eli) ;; *) exerr ${ezjail_usage_create};; esac | 387 | case ${ezjail_imagetype} in ""|simple|bde|eli|zfs) ;; *) exerr ${ezjail_usage_create};; esac |
352 | 388 | ||
353 | # check for a sane image size and split it up in blocks | 389 | # check for a sane image size and split it up in blocks |
354 | if [ "${ezjail_imagesize}" ]; then | 390 | if [ "${ezjail_imagesize}" ]; then |
@@ -422,13 +458,16 @@ create) | |||
422 | 458 | ||
423 | # Location of our image file | 459 | # Location of our image file |
424 | ezjail_image="${ezjail_image}.img" | 460 | ezjail_image="${ezjail_image}.img" |
461 | |||
462 | # zfs does not use image files | ||
463 | [ "${ezjail_imagetype}" = "zfs" ] && unset ezjail_image | ||
425 | 464 | ||
426 | # Prepare crypto jail so that an attacker cannot guess which blocks | 465 | # Prepare crypto jail so that an attacker cannot guess which blocks |
427 | # have been written | 466 | # have been written |
428 | case ${ezjail_imagetype} in bde|eli) ezjail_sourcedevice="/dev/random";; simple) ezjail_sourcedevice="/dev/zero";; esac | 467 | case ${ezjail_imagetype} in bde|eli) ezjail_sourcedevice="/dev/random";; simple) ezjail_sourcedevice="/dev/zero";; esac |
429 | 468 | ||
430 | # If NOT exist, create image | 469 | # If NOT exist and imagetype not ZFS, create image |
431 | if [ -z "${ezjail_exists}" ]; then | 470 | if [ -z "${ezjail_exists}" ] && [ ! ${ezjail_imagetype} = "zfs" ]; then |
432 | [ -e "${ezjail_image}" ] && exerr "Error: A file exists at ${ezjail_image}.\n Won't overwrite an existing image." | 471 | [ -e "${ezjail_image}" ] && exerr "Error: A file exists at ${ezjail_image}.\n Won't overwrite an existing image." |
433 | 472 | ||
434 | # Now create jail disc image | 473 | # Now create jail disc image |
@@ -475,9 +514,18 @@ create) | |||
475 | simple) | 514 | simple) |
476 | ezjail_device=${ezjail_imagedevice} | 515 | ezjail_device=${ezjail_imagedevice} |
477 | ;; | 516 | ;; |
517 | zfs) | ||
518 | echo "ZFS: create the jail filesystem" | ||
519 | if [ ${ezjail_imagesize} ]; then | ||
520 | ezjail_zfs_jail_properies="-o quota=${ezjail_imagesize} -o compression=lzjb" | ||
521 | fi | ||
522 | [ -d "${ezjail_jaildir}/${ezjail_hostname}" ] && exerr "Error: Could not create jail root mount point ${ezjail_rootdir}" | ||
523 | /sbin/zfs create -p -o mountpoint=${ezjail_rootdir} ${ezjail_zfs_jail_properies} ${ezjail_jailzfs}/${ezjail_hostname} | ||
524 | ;; | ||
525 | |||
478 | esac | 526 | esac |
479 | 527 | ||
480 | if [ -z "${ezjail_exists}" ]; then | 528 | if [ -z "${ezjail_exists}" ] && [ ! ${ezjail_imagetype} = "zfs" ]; then |
481 | # Format memory image | 529 | # Format memory image |
482 | newfs -U "/dev/${ezjail_device}" || detach_images || exerr "Error: Could not newfs /dev/${ezjail_device}." | 530 | newfs -U "/dev/${ezjail_device}" || detach_images || exerr "Error: Could not newfs /dev/${ezjail_device}." |
483 | # Create mount point and mount | 531 | # Create mount point and mount |
@@ -500,7 +548,16 @@ create) | |||
500 | [ $? -eq 0 ] || detach_images || exerr "Error: Could not extract archive from ${ezjail_fromarchive}." | 548 | [ $? -eq 0 ] || detach_images || exerr "Error: Could not extract archive from ${ezjail_fromarchive}." |
501 | elif [ -z "${ezjail_exists}" ]; then | 549 | elif [ -z "${ezjail_exists}" ]; then |
502 | # now take a copy of our template jail | 550 | # now take a copy of our template jail |
503 | mkdir -p "${ezjail_rootdir}" && cd "${ezjail_jailtemplate}" && find . | cpio -p -v "${ezjail_rootdir}" > /dev/null | 551 | if [ "${ezjail_imagetype}" = "zfs" ] && [ "${ezjail_use_zfs}" = "YES" ]; then |
552 | # create ZFS filesystem first when using ZFS | ||
553 | /sbin/zfs snapshot ${ezjail_jailzfs}/newjail@_createnewjailtmp | ||
554 | /sbin/zfs send ${ezjail_jailzfs}/newjail@_createnewjailtmp | zfs receive -F ${ezjail_jailzfs}/${ezjail_hostname} | ||
555 | /sbin/zfs destroy ${ezjail_jailzfs}/${ezjail_hostname}@_createnewjailtmp | ||
556 | /sbin/zfs destroy ${ezjail_jailzfs}/newjail@_createnewjailtmp | ||
557 | else | ||
558 | mkdir -p "${ezjail_rootdir}" && cd "${ezjail_jailtemplate}" && find . | cpio -p -v "${ezjail_rootdir}" > /dev/null | ||
559 | fi | ||
560 | |||
504 | [ $? -eq 0 ] || detach_images || exerr "Error: Could not copy template jail." | 561 | [ $? -eq 0 ] || detach_images || exerr "Error: Could not copy template jail." |
505 | fi | 562 | fi |
506 | 563 | ||
@@ -510,8 +567,9 @@ create) | |||
510 | # if the automount feature is not disabled, this fstab entry for new jail | 567 | # if the automount feature is not disabled, this fstab entry for new jail |
511 | # will be obeyed | 568 | # will be obeyed |
512 | echo -n > /etc/fstab.${ezjail_safename} | 569 | echo -n > /etc/fstab.${ezjail_safename} |
513 | [ "${ezjail_imagetype}" ] && \ | 570 | if [ "${ezjail_imagetype}" ] && [ ! "${ezjail_imagetype}" = "zfs" ] ; then |
514 | echo ${ezjail_devicelink} ${ezjail_rootdir} ufs rw 0 0 >> "/etc/fstab.${ezjail_safename}" | 571 | echo ${ezjail_devicelink} ${ezjail_rootdir} ufs rw 0 0 >> "/etc/fstab.${ezjail_safename}" |
572 | fi | ||
515 | echo ${ezjail_jailbase} ${ezjail_rootdir}/basejail nullfs ro 0 0 >> "/etc/fstab.${ezjail_safename}" | 573 | echo ${ezjail_jailbase} ${ezjail_rootdir}/basejail nullfs ro 0 0 >> "/etc/fstab.${ezjail_safename}" |
516 | 574 | ||
517 | # now, where everything seems to have gone right, create control file in | 575 | # now, where everything seems to have gone right, create control file in |
@@ -576,7 +634,7 @@ create) | |||
576 | [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on all IP, (including ${ezjail_ip})\n This may cause some confusion, here they are:\n${ezjail_listener}" | 634 | [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on all IP, (including ${ezjail_ip})\n This may cause some confusion, here they are:\n${ezjail_listener}" |
577 | IFS=${TIFS} | 635 | IFS=${TIFS} |
578 | 636 | ||
579 | [ "${ezjail_imagetype}" ] && echo "Note: To administrate your image jail, attach it using the '${ezjail_admin} config -i attach ${ezjail_hostname}' command." | 637 | [ "${ezjail_imagetype}" ] && [ "${ezjail_imagetype}" != "zfs" ] && echo "Note: To administrate your image jail, attach it using the '${ezjail_admin} config -i attach ${ezjail_hostname}' command." |
580 | ;; | 638 | ;; |
581 | ######################## ezjail-admin DELETE ######################## | 639 | ######################## ezjail-admin DELETE ######################## |
582 | delete) | 640 | delete) |
@@ -626,7 +684,15 @@ delete) | |||
626 | 684 | ||
627 | # if wiping the jail was requested, remove it | 685 | # if wiping the jail was requested, remove it |
628 | if [ "${ezjail_wipeme}" ]; then | 686 | if [ "${ezjail_wipeme}" ]; then |
629 | [ "${ezjail_image}" ] && rm -f "${ezjail_image}" "${ezjail_image%.img}.device" | 687 | case ${ezjail_imagetype} in |
688 | simple|bde|eli) | ||
689 | [ "${ezjail_image}" ] && rm -f "${ezjail_image}" "${ezjail_image%.img}.device" | ||
690 | ;; | ||
691 | zfs) | ||
692 | echo "ZFS: delete the jails ZFS" | ||
693 | /sbin/zfs destroy -r ${ezjail_jailzfs}/${ezjail_hostname} | ||
694 | ;; | ||
695 | esac | ||
630 | rm -rf "${ezjail_rootdir}" | 696 | rm -rf "${ezjail_rootdir}" |
631 | fi | 697 | fi |
632 | 698 | ||
@@ -674,6 +740,10 @@ setup|update) | |||
674 | # Check if some action was requested | 740 | # Check if some action was requested |
675 | [ "${ezjail_installaction}" ] || exerr "Error: No install action has been chosen.\n Please note that ezjails behaviour changed. Rebuilding the world no longer is default.\n Run '${ezjail_admin} update -b' to build and install a world from source or '${ezjail_admin} update -i' to install an already built world." | 741 | [ "${ezjail_installaction}" ] || exerr "Error: No install action has been chosen.\n Please note that ezjails behaviour changed. Rebuilding the world no longer is default.\n Run '${ezjail_admin} update -b' to build and install a world from source or '${ezjail_admin} update -i' to install an already built world." |
676 | 742 | ||
743 | if [ "${ezjail_use_zfs}" = "YES" ]; then | ||
744 | zfs create -p -o mountpoint=${ezjail_jaildir} ${ezjail_jailzfs} | ||
745 | fi | ||
746 | |||
677 | if [ "${ezjail_installaction}" = "none" ]; then | 747 | if [ "${ezjail_installaction}" = "none" ]; then |
678 | # check, whether ezjail has been setup correctly. existence of | 748 | # check, whether ezjail has been setup correctly. existence of |
679 | # ezjail_jailbase is our indicator | 749 | # ezjail_jailbase is our indicator |
@@ -683,6 +753,9 @@ setup|update) | |||
683 | 753 | ||
684 | # If ran from cron be kind to freebsds update servers and sleep first | 754 | # If ran from cron be kind to freebsds update servers and sleep first |
685 | [ -z "$TERM" -o "$TERM" = "dumb" ] && sleep $(( ${RANDOM} % 3600 )) | 755 | [ -z "$TERM" -o "$TERM" = "dumb" ] && sleep $(( ${RANDOM} % 3600 )) |
756 | if [ "${ezjail_use_zfs}" = "YES" ]; then | ||
757 | zfs snapshot ${ezjail_jailzfs}/basejail@`date -v -7d +"%C%y%m%d_%H:%M:%S"` | ||
758 | fi | ||
686 | freebsd-update -b ${ezjail_jailbase} fetch install | 759 | freebsd-update -b ${ezjail_jailbase} fetch install |
687 | else | 760 | else |
688 | # Bump the user for some of the most common errors | 761 | # Bump the user for some of the most common errors |
@@ -692,8 +765,14 @@ setup|update) | |||
692 | 765 | ||
693 | # Normally fulljail should be renamed by past ezjail-admin commands. | 766 | # Normally fulljail should be renamed by past ezjail-admin commands. |
694 | # However those may have failed | 767 | # However those may have failed |
695 | [ -d "${ezjail_jailfull}" ] && chflags -R noschg "${ezjail_jailfull}" && rm -rf "${ezjail_jailfull}" | 768 | if [ "${ezjail_use_zfs}" = "YES" ]; then |
696 | mkdir -p "${ezjail_jailfull}" || exerr "Error: Cannot create temporary Jail directory." | 769 | echo "ZFS: manage basejail and newjail" |
770 | [ -d "${ezjail_jailfull}" ] && /sbin/zfs destroy -R "${ezjail_jailzfs}/fulljail" && rm -rf "${ezjail_jailfull}" | ||
771 | /sbin/zfs create -p "${ezjail_jailzfs}/fulljail" || exerr "Error: Cannot create temporary Jail directory." | ||
772 | else | ||
773 | [ -d "${ezjail_jailfull}" ] && chflags -R noschg "${ezjail_jailfull}" && rm -rf "${ezjail_jailfull}" | ||
774 | mkdir -p "${ezjail_jailfull}" || exerr "Error: Cannot create temporary Jail directory." | ||
775 | fi | ||
697 | 776 | ||
698 | # make and setup our world, then split basejail and newjail | 777 | # make and setup our world, then split basejail and newjail |
699 | cd "${ezjail_sourcetree}" && env DESTDIR="${ezjail_jailfull}" make ${ezjail_installaction} || exerr "Error: The command 'make ${ezjail_installaction}' failed.\n Refer to the error report(s) above." | 778 | cd "${ezjail_sourcetree}" && env DESTDIR="${ezjail_jailfull}" make ${ezjail_installaction} || exerr "Error: The command 'make ${ezjail_installaction}' failed.\n Refer to the error report(s) above." |
@@ -751,8 +830,14 @@ install) | |||
751 | 830 | ||
752 | # Normally fulljail should be renamed by past ezjail-admin commands. | 831 | # Normally fulljail should be renamed by past ezjail-admin commands. |
753 | # However those may have failed | 832 | # However those may have failed |
754 | [ -d "${ezjail_jailfull}" ] && chflags -R noschg "${ezjail_jailfull}" && rm -rf "${ezjail_jailfull}" | 833 | if [ "${ezjail_use_zfs}" = "YES" ]; then |
755 | mkdir -p "${ezjail_jailfull}" || exerr "Error: Cannot create temporary jail directory." | 834 | echo "ZFS: manage basejail and newjail" |
835 | [ -d "${ezjail_jailfull}" ] && /sbin/zfs destroy -R "${ezjail_jailzfs}/fulljail" && rm -rf "${ezjail_jailfull}" | ||
836 | /sbin/zfs create -p "${ezjail_jailzfs}/fulljail" || exerr "Error: Cannot create temporary Jail directory." | ||
837 | else | ||
838 | [ -d "${ezjail_jailfull}" ] && chflags -R noschg "${ezjail_jailfull}" && rm -rf "${ezjail_jailfull}" | ||
839 | mkdir -p "${ezjail_jailfull}" || exerr "Error: Cannot create temporary Jail directory." | ||
840 | fi | ||
756 | DESTDIR=${ezjail_jailfull} | 841 | DESTDIR=${ezjail_jailfull} |
757 | 842 | ||
758 | rm -rf "${ezjail_jailtemp}" | 843 | rm -rf "${ezjail_jailtemp}" |
@@ -1108,6 +1193,12 @@ config) | |||
1108 | else | 1193 | else |
1109 | unset ezjail_new_image | 1194 | unset ezjail_new_image |
1110 | fi | 1195 | fi |
1196 | |||
1197 | if [ "${ezjail_imagetype}" = "zfs" ]; then | ||
1198 | # ZFS: using the zfs rename feature to rename the filesystem, remounting is done by ZFS | ||
1199 | zfs rename ${ezjail_jailzfs}/${ezjail_hostname} ${ezjail_jailzfs}/${ezjail_new_hostname} | ||
1200 | fi | ||
1201 | |||
1111 | 1202 | ||
1112 | # adjust softlink | 1203 | # adjust softlink |
1113 | if [ -L "${ezjail_softlink}" ]; then | 1204 | if [ -L "${ezjail_softlink}" ]; then |
@@ -1116,7 +1207,9 @@ config) | |||
1116 | fi | 1207 | fi |
1117 | 1208 | ||
1118 | # rename rootdir | 1209 | # rename rootdir |
1119 | mv "${ezjail_rootdir}" "${ezjail_new_rootdir}" | 1210 | if [ ! "${ezjail_imagetype}" = "zfs" ]; then |
1211 | mv "${ezjail_rootdir}" "${ezjail_new_rootdir}" | ||
1212 | fi | ||
1120 | 1213 | ||
1121 | # rename fstab | 1214 | # rename fstab |
1122 | echo -n > "/etc/fstab.${ezjail_new_safename}" | 1215 | echo -n > "/etc/fstab.${ezjail_new_safename}" |
diff --git a/ezjail.conf.sample b/ezjail.conf.sample index ebc904a..46c08bc 100755 --- a/ezjail.conf.sample +++ b/ezjail.conf.sample | |||
@@ -46,3 +46,10 @@ | |||
46 | # ezjail_devfs_ruleset="devfsrules_jail" | 46 | # ezjail_devfs_ruleset="devfsrules_jail" |
47 | # ezjail_procfs_enable="YES" | 47 | # ezjail_procfs_enable="YES" |
48 | # ezjail_fdescfs_enable="YES" | 48 | # ezjail_fdescfs_enable="YES" |
49 | |||
50 | # Setting this to YES will start to manage the basejail and newjail in ZFS | ||
51 | # ezjail_use_zfs="YES" | ||
52 | # The name of the ZFS ezjail should create jails on, it will be mounted at the ezjail_jaildir | ||
53 | # ezjail_jailzfs="tank/ezjail" | ||
54 | # ADVANCED, be very careful! | ||
55 | # ezjail_zfs_properties="-o compression=lzjb -o atime=off" | ||