Run "zfs jail" on jail start

Status
Not open for further replies.
J

jefferai

Cadet
Joined
Nov 15, 2016
Messages
4
I want to allow management of a ZFS dataset inside of a jail. I created the jail with various sysctls, enabled the dataset jailed property, and set an allow list on the dataset. The good news is that all of this is working -- when the dataset is bound to the jail I can snap, destroy etc.

The rub is the "when the dataset is bound" part: after the jail starts, I need to manually run "zfs jail <jail name> <dataset name>" on the host in order to bind the dataset to the jail. Once I do that, I can use ZFS on the dataset from inside the jail without any issues. What I'm trying to do is get this to happen automatically.

I've tried adding a post-start command into /etc/jail.conf but it didn't work. I don't see any option in the FreeNAS GUI to run anything at different times in the jail lifecycle.

Any advice is appreciated!
 
D

dlavigne

Guest
Does adding the dataset as a storage not do what you want?
 
C

cellardoor

Dabbler
Joined
Jul 21, 2017
Messages
25
Thanks for the quick reply.

No.

I need this dataset as unmountet dataset visible for the jail.
The dataset is only visible for the jail after doing zfs jail <jail name> <dataset name>
and after that a script inside the jail can mount, snap, create dataset etc.
Everything is working if i do zfs jail <jail name> <dataset name> by my self after the jail is up
but after a reboot the jail, the property is gone and i have to zfs jail <jail name> <dataset name> again.

I use warden maybe it is easier in iocage because as far i know warden has nothing like jail.conf?
 
Last edited:
D

dlavigne

Guest
Yes, iocage may be easier as it stores its config as ZFS properties. Let us know if that works for you.
 
C

cellardoor

Dabbler
Joined
Jul 21, 2017
Messages
25
I found a working solution.
With warden we have a meta for every jail in the base dataset where all the jails gets installed.
In this meta we have hook scripts like jail-post-start which i used.
In my case the meta looks like .urbackup.meta which I used to set up Urbackup with the ability to
make copy-on-write raw image and file backups with ZFS
working in a freenas jail where UrBackup puts each backup into a
separate dataset and stores the image backup and file backup as a single big file (snapshot).
Change the script to your needs and voila we have the jail properties.
Thanks
 
Last edited:
Status
Not open for further replies.

Similar threads

W
  • Locked
Use ZFS dataset within jail (create sub-datasets, etc)
Replies
16
Views
4K
SmarJackal
S
H
  • Locked
zfs/snapshot-capable jail with iocage under FreeNAS?
Replies
4
Views
2K
Henning Kessler
H
Nvious1
11.2 iocage jail - freespace of dataset mounts into the jail
Replies
2
Views
833
Nvious1
Nvious1
G
  • Locked
Mounting a ZFS dataset within a jail
Replies
4
Views
2K
ghostdogg
G
E
  • Locked
Jail storage problem
Replies
6
Views
839
fracai
fracai
Top