Jun 092012

Renaming a jail

FreeBSD jails are a great tool. Whether you are using them to virtualize some of your systems (like I am) or to isolate certain processes, they are flexible enough and reliable enough to use for production. Recently, I had to retire some old jails and add some new jails. Instead of just deleting one and creating an new jail, I wanted to rename the existing jail. I figured this was easier than recompiling all the apps that my jail would require. A few notes on this decision:
  • My jails are all very similar.
  • In this case, I was moving from one version of PostgreSQL to another
  • One jail is called pg74 (as in PostgreSQL 7.4)
  • I was going to retire pg74 (which does regression tests on Bacula against PostgreSQL 7.4) and create pg91
Also, I am using ezjail to administer my jails. This tool is used several times in this article. That said, you will still see what I’m doing, and if you’re not using ezjail, you’ll be able to do the same thing with your admin tool[s] of choice.

Removing, but not deleting, the old jail

The first step: stop the old jail.
# /usr/local/etc/rc.d/ezjail stop pg74.example.org
Stopping jails: pg74.example.org.
Now, let’s remove the jail from ezjail’s configuration. Note that I could have skipped the previous step by adding the -f flag to this step:
# ezjail-admin delete pg74_example_org
At this point, the jail is no longer running. However, the files are still present on disk:
# ls /usr/jails/pg74.example.org/
.cshrc    COPYRIGHT bin       dev       home      libexec   mnt       rescue    sbin      tmp       var
.profile  basejail  boot      etc       lib       media     proc      root      sys       usr

Modifying the DNS (optional)

In my case, I wanted to create a new hostname to go with the new jail. But I was going to use the same IP address. This is the patch to my DNS zone files.
$ cvs di example.org.db example.org.rev.db
Index: example.org.db
RCS file: /home/repositories/websites/dns-private/example.org.db,v
retrieving revision 1.101
diff -r1.101 example.org.db
<                               2012011700      ; Serial
>                               2012060800      ; Serial
< pg74     IN A
> pg91     IN A
Index: example.org.rev.db
RCS file: /home/repositories/websites/dns-private/example.org.rev.db,v
retrieving revision 1.32
diff -r1.32 example.org.rev.db
<                               2011072600      ; Serial
>                               2012060800      ; Serial
< 104 IN  PTR pg74.example.org.
> 104 IN  PTR pg91.example.org.
Making these changes and updating your DNS is outside the scope of this article. I’m mentioning it here so I remember this step when I need to do this again.

‘Creating’ the ‘new’ jail

In this step, we rename the directory and create the new jail. First, we rename the directory. Strictly speaking, this is optional. The name of the directory is not related to the hostname of the jail. But convention dictates that the jail directory name should reflect the hostname for that jail.
# cd /usr/jails/
# mv -i pg74.example.org pg91.example.org
Now, let’s start the new jail:
# ezjail-admin create -x pg91.example.org
Warning: Some services already seem to be listening on IP
  This may cause some confusion, here they are:
root     ntpd       1459  27 udp4       *:*
Warning: Some services already seem to be listening on all IP, (including
  This may cause some confusion, here they are:
root     ntpd       1459  20 udp4   *:123                 *:*
root     ntpd       1459  21 udp6   *:123                 *:*

Starting the new jail

This was easier than I thought. Starting the new jail is simple:
# /usr/local/etc/rc.d/ezjail start pg91.example.org
Then you ssh to it and check the host name:
$ ssh -A pg91
The authenticity of host 'pg91.example.org (' can't be established.
RSA key fingerprint is 0a:03:db:1a:b4:28:da:fd:66:c0:29:a4:0a:4b:77:30.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'pg91.example.org' (RSA) to the list of known hosts.
Last login: Fri Jun  8 22:58:22 2012 from
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
        The Regents of the University of California.  All rights reserved.

FreeBSD 8.2-STABLE (KRAKEN) #3: Fri Nov 18 22:07:46 UTC 2011

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o  Security advisories and updated errata information for all releases are
   at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
   for your release first as it's updated frequently.

o  The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
   along with the mailing lists, can be searched by going to
   http://www.FreeBSD.org/search/.  If the doc distribution has
   been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list.  If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
manual page.  If you are not familiar with manual pages, type `man man'.

You may also use sysinstall(8) to re-enter the installation and
configuration utility.  Edit /etc/motd to change this login announcement.

You can install extra packages for FreeBSD by using the ports system.
If you have installed it, you can download, compile, and install software by
just typing

        # cd /usr/ports/<category>/<portname>
        # make install && make clean

as root.  The ports infrastructure will download the software, change it so
it works on FreeBSD, compile it, install it, register the installation so it
will be possible to automatically uninstall it, and clean out the temporary
working space it used.  You can remove an installed port you decide you do not
want after all by typing

        # cd /usr/ports/<category>/<portname>
        # make deinstall

as root.
$ hostname
There. Done. Now all I need to do is remove PostgreSQ 7.4 and install PostgreSQL 9.1