NAME

SYNOPSIS

DESCRIPTION

Command line option:

mode=full

Display all possible options, including the path selection for jail storage, etc.

Dialog menu options:

profile

Jail profile to use, this allows some defaults to be set from the profile.

pkglist

Provide package list for the new jail.

jname

Short jail name.

host_hostname

FQDN for the jail environment.

ip4_addr

IP addresses (separated by commas if more than one) or 0 for vnet/bhyve environments.

ver

FreeBSD version for the base.

baserw

Mount copy of base via nullfs in read only (baserw=no) or populate own copy (baserw=yes) with write access.

mount_ports

Mount /usr/ports dir from base system to jail (read only).

astart

Start jail automatically on the system boot.

interface

Specify uplink for jail (on which interface to create/remove IP) or disable network.

applytpl

Automatically adjust the same settings of the jail (create /etc/hosts, change WRKDIRPREFIX, etc..).

floatresolv

Automatically adjust /etc/resolv.conf from jnameserver IP (settings from initenv/initenv-tui)

arch

Specify architecture of jail environment.

zfs_snapsrc

Use this ZFS snapshot as source for jail data (eg. zmirror/jails/jail1@init).

user_pw_root

Change jail root password.

add_user

Create additional user account in jail.

services

Toggle additional startup services.

pkg_bootstrap

Toggle pkg bootstrap.

--help

Show simple usage instructions.

Dialog menu options with mode=full:

path

path to jail mountpoint

basename

alternative base name

data

alternative path to data directory

Some notes about packages selected using cbsd jconstruct-tui

When pkg.conf and repository are configured properly it is possible to select packages to be installed right after jail creation using the pkglist menu item. For security reasons it is recommended to use either official FreeBSD pkg repo, or build your own packages. If the repository is unavailable the pkglist will not show any results. Multi-repo support and the ability to choose a specific repository is missing at the time. Please remember that packages chosen using cbsd jconstruct-tui are from the host and will work in the jail only if the architecture and the FreeBSD version of the jail are the same as of the host machine.

After you have configured all the options, after hitting "GO Proceed" you will be asked one final question, if you would like to create jail right away or save the configuration for later jail creation. The later can be done by running

% cbsd jcreate jconf=path_to_cfg

Important security implication: Make it a rule to always change the root password in newly created jails or in jails obtained from a repository. If the jail is created with "applytpl=0" the files /etc/{passwd,master.passwd,group} will be the same as original "clean" files from FreeBSD installation, leaving the root password empty. If the jail is created with "applytpl=1" $workdir/share/jail-skel files will be used as skel files. Here the default password is 'cbsd'. You can change default root password when new jail is created by editing the hash in jail-skel master.passwd:

% vipw -d ${workdir}/share/jail-skel/etc

ENVIRONMENT

FILES

$workdir/ftmp

Place where generated jail configurations are stored.

${workdir}/share/jail-skel/etc

Here are all the files that will be copied over after jail creation.

EXIT STATUS

DIAGNOSTICS

SEE ALSO

AUTHORS