I have a question about #FreeBSD jails: I've setup a new Bastille VNET jail in order to use #Syncthing That's working, but the problem is that Syncthing creates its own 'syncthing' user in the jail, that doesn't exist on the host system. Therefore, I can't set the proper file permissions on the ZFS dataset I've mounted from the host in 'rw' mode using nullfs. What's the proper solution? Create a syncthing user on the host? Is there a way to "copy" the user from the jail or automate it in some way, so I don't have to manually build the right 'pw' command? Thanks for your help!
#bastilleBSD

Cc @BastilleBSD

NAME
bastille etcupdate – Update /etc for jail(s).

SYNOPSIS
bastille etcupdate [-fx] bootstrap RELEASE
bastille etcupdate [-dx] TARGET update RELEASE
bastille etcupdate [-x] TARGET diff|resolve

DESCRIPTION
The bastille etcupdate sub-command will bootstrap a tarball from RELEASE which can then be used to update the contents of /etc inside jails after performing an upgrade.

#ManpageMonday #BastilleBSD #FreeBSD

😈 Jailrun is moving fast!

Our open-source project for orchestrating FreeBSD jails has just received a major update.

The latest version brings the kind of modern CLI experience you’d expect in 2026 — interactive shell, command autocomplete, and a polished look and feel.

Check it out 👉 https://github.com/hyphatech/jailrun

Thanks to the @FreeBSDFoundation for supporting the continued development of FreeBSD, and to the maintainers of #bastilleBSD, #ansible, #qemu, and #monit for the wonderful tools.

Testing as an alternative to base jails and BastilleBSD this weekend ✌️
https://sylve.io/guides/advanced-topics/jailing-sylve/

#freebsd #sylve #jails #bastillebsd

SYNOPSIS
bastille clone [-alx] TARGET NEW_NAME IP

The bastille clone sub-command will create an exact duplicate of the targeted jail, giving it the specified NEW_NAME and IP address.

EXAMPLES
Clone myjail to newjail:
# bastille clone myjail newjail 10.23.3.4/24

Clone myjail to newjail with DHCP (VNET only):
# bastille clone myjail newjail DHCP

Clone myjail to newjail while running, with debug mode:
# bastille clone -xl myjail newjail 10.23.3.4/24

#ManpageMonday #BastilleBSD #FreeBSD

I'm pleased to report that I've just submitted the final capstone paper for my master's degree in cybersecurity!

#cybersecurity #infosec #freebsd #bastillebsd #learning #education

Current task - cloning a prod server to a dev one:

zfs send -vRc zroot/bastille@toSend00 | mbuffer -m 2G | ssh root@VPNIP "zfs receive zroot/bastille"

Done.

#FreeBSD #RunBSD #ZFS #BastilleBSD #Bastille

The bastille convert sub-command will convert a thin jail to a thick jail if only the TARGET argument is given.

If a TARGET and RELEASE is specified, it will convert the jail into a custom release. The jail will remain intact, and you will have a duplicate of it to use a a release base for any new jails.

EXAMPLES
Convert myjail from thin to thick:
# bastille convert myjail

Create myrelease from myjail:
# bastille convert myjail myrelease

#ManpageMonday #BastilleBSD #FreeBSD

NAME
bastille jcp – Copy file(s)/directorie(s) from jail to jail(s).

SYNOPSIS
bastille jcp [-qx] SOURCE_JAIL JAIL_PATH DESTINATION_JAIL JAIL_PATH

DESCRIPTION
The bastille jcp sub-command will copy files and directories from a single jail to any targeted jail(s).

-q, --quiet : Suppress output.

-x, --debug : Enable debug mode.

EXAMPLES
Copy /etc/resolv.conf from myjail to yourjail:
# bastille jcp myjail /etc/resolv.conf yourjail /etc

#ManpageMonday #BastilleBSD #FreeBSD