1295457Sdteske# $FreeBSD: stable/11/share/examples/jails/rc.conf.jails 310011 2016-12-13 04:53:25Z dteske $ 2295457Sdteske 3295457Sdteske############################################################################### 4295457Sdteske############################# JAIL CONFIGURATIONS ############################# 5295457Sdteske############################################################################### 6295457Sdteske 7295457Sdteskejail_enable="YES" 8310011Sdteskejail_list="XXX" 9295457Sdteske 10295457Sdteske# 11295457Sdteske# Global presets for all jails 12295457Sdteske# 13295457Sdteskejail_devfs_enable="YES" # mount devfs 14295457Sdteske# Optional (default off) 15295457Sdteske#jail_sysvipc_allow="YES" # Allow SysV Interprocess Comm. 16295457Sdteske#jail_set_hostname_allow="YES" # Allow hostname to change 17295457Sdteske 18295457Sdteske# 19295457Sdteske# To allow dhclient(8) to work inside a jail, make sure the following appears 20295457Sdteske# in /etc/devfs.rules (which should be created if it doesn't exist): 21295457Sdteske# 22295457Sdteske# [devfsrules_jail=11] 23295457Sdteske# add include $devfsrules_hide_all 24295457Sdteske# add include $devfsrules_unhide_basic 25295457Sdteske# add include $devfsrules_unhide_login 26295457Sdteske# add path 'bpf*' unhide 27295457Sdteske# 28295457Sdteske 29295457Sdteske############################################################ JAILS 30295457Sdteske 31295457Sdteske# NETGRAPH TEMPLATE (copy/pate; then replace {name} with short name for jail) 32295457Sdteske# 33295457Sdteske# {name} 34295457Sdteske# 35295457Sdteske#jail_{name}_hostname="{name}.shxd.cx" # hostname 36295457Sdteske#jail_{name}_rootdir="/vm/{name}" # root directory 37295457Sdteske#jail_{name}_vnet_interfaces="ng0_{name}" # vnet interface(s) 38295457Sdteske#jail_{name}_exec_prestart0="jng bridge {name} em0" # bridge interface(s) 39295457Sdteske#jail_{name}_exec_poststop0="jng shutdown {name}" # destroy interface(s) 40295457Sdteske# Optional (default off) 41295457Sdteske#jail_{name}_devfs_ruleset="11" # rule to unhide bpf for DHCP 42295457Sdteske#jail_{name}_mount_enable="YES" # mount /etc/fstab.{name} 43295457Sdteske 44295457Sdteske# IF_BRIDGE TEMPLATE (copy/pate; then replace {name} with short name for jail) 45295457Sdteske# 46295457Sdteske# {name} 47295457Sdteske# 48295457Sdteske#jail_{name}_hostname="{name}.shxd.cx" # hostname 49295457Sdteske#jail_{name}_rootdir="/vm/{name}" # root directory 50295457Sdteske#jail_{name}_vnet_interfaces="e0b_{name}" # vnet interface(s) 51295457Sdteske#jail_{name}_exec_prestart0="jib addm {name} em0" # bridge interface(s) 52295457Sdteske#jail_{name}_exec_poststop0="jib destroy {name}" # destroy interface(s) 53295457Sdteske# Optional (default off) 54295457Sdteske#jail_{name}_devfs_ruleset="11" # rule to unhide bpf for DHCP 55295457Sdteske#jail_{name}_mount_enable="YES" # mount /etc/fstab.{name} 56295457Sdteske 57295457Sdteske# 58295457Sdteske# XXX 59295457Sdteske# 60310011Sdteskejail_XXX_hostname="XXX.YYY" # hostname 61310011Sdteskejail_XXX_rootdir="/vm/XXX" # root directory 62295457Sdteske# netgraph 63310011Sdteskejail_XXX_vnet_interface="ng0_XXX" # vnet interface(s) 64310011Sdteskejail_XXX_exec_prestart0="jng bridge XXX em0" # bridge interface(s) 65310011Sdteskejail_XXX_exec_poststop0="jng shutdown XXX" # destroy interface(s) 66295457Sdteske# if_bridge 67310011Sdteske#jail_XXX_vnet_interface="e0b_XXX" # vnet interface(s) 68310011Sdteske#jail_XXX_exec_prestart0="jib addm XXX em0" # bridge interface(s) 69310011Sdteske#jail_XXX_exec_poststop0="jib destroy XXX" # destroy interface(s) 70295457Sdteske# Optional (default off) 71310011Sdteske#jail_XXX_devfs_ruleset="11" # rule to unhide bpf for DHCP 72310011Sdteske#jail_XXX_mount_enable="YES" # mount /etc/fstab.XXX 73295457Sdteske 74295457Sdteske################################################################################ 75295457Sdteske# END 76295457Sdteske################################################################################ 77