Basic Management Commands
# List running jails
jls
jls -v # Verbose
jls -n # Name/value pairs
# Start/stop jails
service jail start myjail
service jail stop myjail
service jail restart myjail
# Start all configured jails
service jail start
# Jail status
service jail status myjail
Executing Commands
# Get shell in jail
jexec myjail /bin/sh
jexec myjail /bin/tcsh
# Run single command
jexec myjail pkg update
jexec myjail service nginx status
# Run as specific user
jexec -U www myjail id
Package Management in Jails
# Update packages
jexec myjail pkg update
jexec myjail pkg upgrade
# Install packages
jexec myjail pkg install nginx
# Using pkg from host
pkg -j myjail install nginx
pkg -j myjail info
Jail Configuration Changes
# Modify jail.conf and restart
vi /etc/jail.conf
service jail restart myjail
# Runtime parameter changes
jail -m name=myjail allow.raw_sockets=1
Resource Limits (RCTL)
# Enable RCTL in /boot/loader.conf
kern.racct.enable=1
# Add rules in /etc/rctl.conf
jail:myjail:memoryuse:deny=2G
jail:myjail:cputime:devctl=3600
jail:myjail:maxproc:deny=100
# Apply rules
service rctl start
# View jail limits
rctl -l jail:myjail
Monitoring Jails
# Process list for jail
jexec myjail ps aux
# Resource usage
jexec myjail top
# Network connections
jexec myjail sockstat
# Disk usage
du -sh /jails/myjail
Updating Jails
# Update jail's FreeBSD base
freebsd-update -b /jails/myjail fetch install
# Update packages
jexec myjail pkg upgrade
# Upgrade jail to new release
freebsd-update -b /jails/myjail -r 14.1-RELEASE upgrade
freebsd-update -b /jails/myjail install
Backing Up Jails
# Stop jail first for consistency
service jail stop myjail
# ZFS snapshot
zfs snapshot zroot/jails/myjail@backup-$(date +%Y%m%d)
# Tar backup
tar -cvzf /backup/myjail-$(date +%Y%m%d).tar.gz -C /jails myjail
# Start jail
service jail start myjail
Cloning Jails
# ZFS clone
zfs snapshot zroot/jails/myjail@template
zfs clone zroot/jails/myjail@template zroot/jails/newjail
# Update new jail config
vi /etc/jail.conf # Add newjail section
# Start new jail
service jail start newjail
Deleting Jails
# Stop jail
service jail stop myjail
# Remove from jail.conf
vi /etc/jail.conf
# Remove from rc.conf jail_list
sysrc jail_list-="myjail"
# Delete jail filesystem
zfs destroy zroot/jails/myjail
# Or: rm -rf /jails/myjail
intermediate | Jails | Updated 2025-01-15
- freebsd
- jails
- management
- administration
- maintenance