A FreeBSD jail is an operating system-level virtualization that allows me to partition my FreeBSD-based server system into several independent mini-systems called “jails”. Each jail under FreeBSD virtual environment runs on the host machine with its own files, processes, user and superuser accounts. From within a jailed process, the environment is almost indistinguishable from a real system.

The easiest mechanism for administrating jails is to use a specialized framework called “ezjail”. Below, I've written a sort of “crash course” in getting your FreeBSD jails up and running


ezjail is located in the BSD ports collection, so installation should be a breeze:

# cd /usr/ports/sysutils/ezjail
# make install clean

Once installed, you should have the basic file layout for the ezjail framework.

/usr/jails/ : your base jail system templates are stored here
/usr/jails/flavours/ : Flavours allow for the customization of individual (or grouped) jails
/usr/jails/basejail/ : The base jail is the default set of files that will be mounted and shared across all jails on your system
/usr/local/etc/rc.d/ezjail.sh : This is the main ezjail service script
/usr/local/etc/ezjail.conf : Configurations for the ezjail framework and the ezjail-admin utility will be adjusted here.
/usr/local/etc/ezjail/ : Additional jail configuration files are stored here.

Create the Base Jail Template

To setup the base jail template's environment, you can use the update utility (just as if you were to update an existing environment).

# ezjail-admin update -p -i

The p switch will provide the ports collection for your jails, while the i switch will tell ezjail not simply perform an installworld and not a buildworld (this will use the hosts existing buildworld)

Running Your Jails

Next, you will need to add ezjail to the BSD startups:

# echo 'ezjail_enable="YES"' >> /etc/rc.conf

Starting, stopping, and restarting jails can be performed the same as any other service on FreeBSD. For example, to start your jails on a BSD 8.x system you can run the following:

# service ezjail.sh start

Once started, you can easily list the running jails with your standard jail utilities:

# jls

Upgrading the FreeBSD Jails:

To upgrade your jails, first you will upgrade your host OS using your preferred method. Next, you can simply stop your running jails, use the update utility, and then restart the jails:

# service ezjail.sh stop
# ezjail-admin update -p -i
# service ezjail.sh start

Create a New Jail

Creating new jails is also just as easy. Use the ezjail-admin utility to specify the jail, then edit the jail configs as necessary, and finally start your jail:

# ezjail-admin create -r /jails/new-jail.example.com new-jail.example.com
# vi /usr/local/etc/ezjail/new-jail.example.com
# service ezjail.sh start new-jail.example.com

Removing Jails

As before, the ezjail-admin utility will help you to delete jails inaddition to everything else. you can do so with the following command:

#ezjail-admin delete [-w ] new-jail.example.com

If you specify the w switch, the files associated with the jail will be completely removed. If not specified, you will still be able to reconfigure and recreate a new jail using the existing jails from the old jail.

Further Reading

That's the basic run-down. For more detailed information, you can always read the man pages for ezjail-admin, jail, and jls. In addition, the FreeBSD Handbook has an official chapter on jails that has some good information in it.