HxHippy

Jail Management and Administration

Managing running jails, updates, and maintenance tasks.

Last updated: 2025-01-15

Basic Management Commands

# List running jails
jls
jls -v  # Verbose
jls -n  # Name/value pairs

# Start/stop jails
service jail start myjail
service jail stop myjail
service jail restart myjail

# Start all configured jails
service jail start

# Jail status
service jail status myjail

Executing Commands

# Get shell in jail
jexec myjail /bin/sh
jexec myjail /bin/tcsh

# Run single command
jexec myjail pkg update
jexec myjail service nginx status

# Run as specific user
jexec -U www myjail id

Package Management in Jails

# Update packages
jexec myjail pkg update
jexec myjail pkg upgrade

# Install packages
jexec myjail pkg install nginx

# Using pkg from host
pkg -j myjail install nginx
pkg -j myjail info

Jail Configuration Changes

# Modify jail.conf and restart
vi /etc/jail.conf
service jail restart myjail

# Runtime parameter changes
jail -m name=myjail allow.raw_sockets=1

Resource Limits (RCTL)

# Enable RCTL in /boot/loader.conf
kern.racct.enable=1

# Add rules in /etc/rctl.conf
jail:myjail:memoryuse:deny=2G
jail:myjail:cputime:devctl=3600
jail:myjail:maxproc:deny=100

# Apply rules
service rctl start

# View jail limits
rctl -l jail:myjail

Monitoring Jails

# Process list for jail
jexec myjail ps aux

# Resource usage
jexec myjail top

# Network connections
jexec myjail sockstat

# Disk usage
du -sh /jails/myjail

Updating Jails

# Update jail's FreeBSD base
freebsd-update -b /jails/myjail fetch install

# Update packages
jexec myjail pkg upgrade

# Upgrade jail to new release
freebsd-update -b /jails/myjail -r 14.1-RELEASE upgrade
freebsd-update -b /jails/myjail install

Backing Up Jails

# Stop jail first for consistency
service jail stop myjail

# ZFS snapshot
zfs snapshot zroot/jails/myjail@backup-$(date +%Y%m%d)

# Tar backup
tar -cvzf /backup/myjail-$(date +%Y%m%d).tar.gz -C /jails myjail

# Start jail
service jail start myjail

Cloning Jails

# ZFS clone
zfs snapshot zroot/jails/myjail@template
zfs clone zroot/jails/myjail@template zroot/jails/newjail

# Update new jail config
vi /etc/jail.conf  # Add newjail section

# Start new jail
service jail start newjail

Deleting Jails

# Stop jail
service jail stop myjail

# Remove from jail.conf
vi /etc/jail.conf

# Remove from rc.conf jail_list
sysrc jail_list-="myjail"

# Delete jail filesystem
zfs destroy zroot/jails/myjail
# Or: rm -rf /jails/myjail
intermediate Jails Updated 2025-01-15
  • freebsd
  • jails
  • management
  • administration
  • maintenance