moving jail to closed segment questions

[mykolaq]

Hello, everybody!
I need to move installed and configured jail from network segment with internet to sefment without.
i have created exporting file successfully with

Code:

warden export jail_name

, moved it by flash to another network segment, than import it by

Code:

warden import /path_to_wdn/

.
But:

Code:

[root@NAS2] ~# warden list
ID                       AUTOSTART    STATUS       TYPE
---------------------------------------------------------------------------
OFF                      Disabled     Stopped      standard
[root@NAS2] ~# jls
   JID  IP Address      Hostname                      Path
     1  10.10.10.1      glpi_closed                   /mnt/apps/jails/OFF
[root@NAS2] ~# jexec glpi_closed /bin/sh
#

Why warden shows me that ID is "OFF"? why status is closed, but i can exec /bin/sh in jail? Why i can configure that jail by web (settings is not saving)?

 

[mykolaq]

anybody here?

 

[dlavigne]

Yup. But FreeNAS does not support warden import/export which probably explains why warden list is weird...

 

[mykolaq]

Yup. But FreeNAS does not support warden import/export which probably explains why warden list is weird...

But are there some ways to move jail from one segment to another?

 

[dlavigne]

You could replicate its dataset. Or tarball it.

 

[mykolaq]

You could replicate its dataset. Or tarball it.

Do not understand how. because i do not have access from one network to another

 

[dlavigne]

Create a tarball then, copy it to a media, and untar on the other side should do the trick.

 

[mykolaq]

Create a tarball then, copy it to a media, and untar on the other side should do the trick.

I think i understand you, thank you very much

 

[mykolaq]

I have created tarball by using

Code:

tar -cvzf glpi_closed.tgz /mnt/MainData/jails/glpi_closed/

Then i have created mtree file

Code:

mtree -c -p /mnt/MainData/jails/glpi_closed -k sha256digest > glpiclosed.mtree

Copyied this files to another network on another server, added jail template,

configured file security like this

Code:

-rwxr-x--x  1 root    wheel  839588419 Jan 27 11:48 glpi_closed.tgz*
-rwxr-x--x  1 root    wheel   35598024 Jan 27 10:45 glpiclosed.mtree*

But when i'm trying to add a new jail with this template i'm catching error "Unable to find template". Opening this URIs by browser is ok. What i'm doing wrong?

 

[SweetAndLow]

Can you ping the address from your freenas server? Sounds like you haven't configured networking or have a cheap dhcp server that doesn't configure default routes for you.

 

[mykolaq]

Can you ping the address from your freenas server? Sounds like you haven't configured networking or have a cheap dhcp server that doesn't configure default routes for you.

Sure i can, cause templares located on the same server :) i do not use dhcp on this network, just static addresses

 

[mykolaq]

Hello, anybody. Today i have returned to my problem vs import jail to another segment again, because i have decided, that i need glpi in my closed (phisycally vsout internet) segment. And i have done it. Maybe somebody need the same. My steps:

1. Go to the freenas in segment vs internet and create/configure our jail
2. In console warden export jail_name
3. Copy result .wdn file to usb and move this to freenas in closed segment
4. Go to the freenas in closed segment and in console warden import /path/jail_name. Now you have jail vs ID OFF (watch vs warden list).
5. Rename zfs pool of imported jail vs zfs rename to name you need.
6. Rename .OFF.meta. folder to .jail_name.meta.
7. warden start jail_name

Profit