Note: You are viewing an old version of this page. View the current version.

This will delegate a dataset and its children to the given jail upon jail startup. The dataset will be unavailable to the host.

/etc/jail.conf:

testnas {
  ...
  enforce_statfs = 1;
  allow.mount;
  allow.mount.zfs;
  exec.prestart = "/srv/jail/${name}/jailds ${name} testnas &";
}

/srv/jail/testnas/jailds:

#!/bin/sh -e

jail_getid() {
  [ "${1}" ] || return 1
  jls -j "${1}" 2>/dev/null | grep -v '^[[:space:]]*JID' | while read jid ip host path
  do
    echo ${jid}
  done
}

jail="${1}"
dataset="${2}"

[ "${jail}" -a "${dataset}" ] || {
  echo "Usage: jailds <jailname> <dataset>" >&2
  exit 1
}

jid=""
for try in $(jot 20 1)
do
  jid=$(jail_getid "${jail}")
  [ "${jid}" ] && break
  sleep 0.25
done

[ "${jid}" ] || {
  echo "jailds: jail ${jail} never appeared" >&2
  exit 1
}

zfs set jailed=on "${dataset}"
zfs jail "${jid}" "${dataset}"
jexec "${jail}" zfs mount -a