Fix superfluous asteriks in multiplication

Now using fetch to remotely fetch the distribution packages for post 9.0 dists.
Using fetch allows to specify protocols other than file:// and ftp://, with ftp:// being the default.
http servers are not yet queried for the distributions provided.

LICENSE

@@ -0,0 +1,5 @@
+"THE BEER-WARE LICENSE" (Revision 42):
+<erdgeist@erdgeist.org> and the ezjail-community are authors of these files.
+As long as you retain this notice you can do whatever you want with this stuff.
+If we meet some day, and you think this stuff is worth it, you can buy us a
+beer in return. - Dirk Engling for the ezjail-community

Makefile

@@ -3,20 +3,20 @@
 # want / as your install location, DO set PREFIX before invoking this Makefile
 
 PREFIX?=/usr/local
+DST=	${DESTDIR}${PREFIX}
 
 all:
 
 install:
-	mkdir -p ${PREFIX}/etc/ezjail/ ${PREFIX}/man/man1/ ${PREFIX}/man/man5/ ${PREFIX}/man/man7 ${PREFIX}/man/man8 ${PREFIX}/etc/rc.d/ ${PREFIX}/bin/ ${PREFIX}/share/examples/ezjail ${PREFIX}/share/zsh/site-functions
-	cp -p ezjail.conf.sample ${PREFIX}/etc/
-	cp -R -p examples/example ${PREFIX}/share/examples/ezjail/
-	cp -R -p examples/nullmailer-example ${PREFIX}/share/examples/ezjail/
-	cp -R -p share/zsh/site-functions/ ${PREFIX}/share/zsh/site-functions/
-	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail.sh > ${PREFIX}/etc/rc.d/ezjail
-	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail-admin > ${PREFIX}/bin/ezjail-admin
-	sed s:EZJAIL_PREFIX:${PREFIX}: man8/ezjail-admin.8 > ${PREFIX}/man/man8/ezjail-admin.8
-	sed s:EZJAIL_PREFIX:${PREFIX}: man5/ezjail.conf.5 > ${PREFIX}/man/man5/ezjail.conf.5
-	sed s:EZJAIL_PREFIX:${PREFIX}: man7/ezjail.7 > ${PREFIX}/man/man7/ezjail.7
-	chmod 755 ${PREFIX}/etc/rc.d/ezjail ${PREFIX}/bin/ezjail-admin
-	chown -R root:wheel ${PREFIX}/man/man8/ezjail-admin.8 ${PREFIX}/man/man5/ezjail.conf.5 ${PREFIX}/man/man7/ezjail.7 ${PREFIX}/share/examples/ezjail/
-	chmod 0440 ${PREFIX}/share/examples/ezjail/example/usr/local/etc/sudoers
+	mkdir -p ${DST}/etc/ezjail/ ${DST}/man/man5/ ${DST}/man/man7 ${DST}/man/man8 ${DST}/etc/rc.d/ ${DST}/bin/ ${DST}/share/examples/ezjail ${DST}/share/zsh/site-functions
+	cp -R examples/example ${DST}/share/examples/ezjail/
+	cp -R examples/nullmailer-example ${DST}/share/examples/ezjail/
+	cp -R share/zsh/site-functions/ ${DST}/share/zsh/site-functions/
+	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail.conf.sample > ${DST}/etc/ezjail.conf.sample
+	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail.sh > ${DST}/etc/rc.d/ezjail
+	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail-admin > ${DST}/bin/ezjail-admin
+	sed s:EZJAIL_PREFIX:${PREFIX}: man8/ezjail-admin.8 > ${DST}/man/man8/ezjail-admin.8
+	sed s:EZJAIL_PREFIX:${PREFIX}: man5/ezjail.conf.5 > ${DST}/man/man5/ezjail.conf.5
+	sed s:EZJAIL_PREFIX:${PREFIX}: man7/ezjail.7 > ${DST}/man/man7/ezjail.7
+	chmod 755 ${DST}/etc/rc.d/ezjail ${DST}/bin/ezjail-admin
+	chmod 0440 ${DST}/share/examples/ezjail/example/usr/local/etc/sudoers

examples/example/etc/rc.d/ezjail.flavour.example

@@ -54,7 +54,7 @@ flavour_setup() {
 # Install all packages previously put to /pkg
 # Remove package files afterwards
 
-[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/*
+[ -d /pkg ] && cd /pkg && pkg_add /pkg/*
 rm -rf /pkg
 
 # Postinstall

ezjail-admin

@@ -8,6 +8,7 @@ ezjail_etc="${ezjail_prefix}/etc"
 ezjail_share="${ezjail_prefix}/share/ezjail"
 ezjail_examples="${ezjail_prefix}/share/examples/ezjail"
 ezjail_jailcfgs="${ezjail_etc}/ezjail"
+ezjail_snap_date_format="%Y%m%d%H%M"
 
 # read user config
 [ -f "${ezjail_etc}/ezjail.conf" ] && . "${ezjail_etc}/ezjail.conf"
@@ -20,7 +21,6 @@ ezjail_jailcfgs="${ezjail_etc}/ezjail"
 : ${ezjail_jailtemp="${ezjail_jaildir}/ezjailtemp"}
 : ${ezjail_flavours_dir="${ezjail_jaildir}/flavours"}
 : ${ezjail_archivedir="${ezjail_jaildir}/ezjail_archives"}
-: ${ezjail_portscvsroot="freebsdanoncvs@anoncvs.FreeBSD.org:/home/ncvs"}
 : ${ezjail_sourcetree="/usr/src"}
 : ${ezjail_uglyperlhack="YES"}
 : ${ezjail_default_execute="/usr/bin/login -f root"}
@@ -33,8 +33,6 @@ ezjail_jailcfgs="${ezjail_etc}/ezjail"
 : ${ezjail_exec_start="/bin/sh /etc/rc"}
 
 : ${ezjail_use_zfs="NO"}
-: ${ezjail_jailzfs=""}
-: ${ezjail_zfs_properties=""}
 
 ezjail_dirlist="bin boot lib libexec rescue sbin usr/bin usr/include usr/lib usr/libdata usr/libexec usr/sbin usr/src usr/share"
 ezjail_basesystem="base"
@@ -43,15 +41,17 @@ ezjail_basesystem="base"
 case `uname -p` in amd64) ezjail_dirlist="${ezjail_dirlist} usr/lib32"; ezjail_basesystem="${ezjail_basesystem} lib32";; esac
 
 # Synopsis messages
-ezjail_usage_ezjailadmin="${ezjail_admin} v3.2\nUsage: ${ezjail_admin} [archive|config|console|create|delete|install|list|restore|update] {params}"
+ezjail_usage_ezjailadmin="${ezjail_admin} v3.4.2\nUsage: ${ezjail_admin} [archive|config|console|create|delete|freeze|install|list|restore|snapshot|troubleshoot|update] {params}"
 ezjail_usage_install="Usage: ${ezjail_admin} install [-mMpPsS] [-h host] [-r release]"
-ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli|zfs] [-C args] [-a archive] jailname jailip"
+ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli|zfs] [-C args] [-a archive] [-z parentzfs] jailname jailip"
 ezjail_usage_delete="Usage: ${ezjail_admin} delete [-wf] jailname"
 ezjail_usage_update="Usage: ${ezjail_admin} update [-s sourcetree|sourceosversion] [-p] (-b|-i|-u|-U|-P)"
 ezjail_usage_config="Usage: ${ezjail_admin} config [-r run|norun] [-n newname] [-c cpuset] [-z zfs-datasets] [-f fib] [-i attach|detach|fsck] jailname"
 ezjail_usage_console="Usage: ${ezjail_admin} console [-f] [-e command] jailname"
 ezjail_usage_archive="Usage: ${ezjail_admin} archive [-Af] [-a archive] [-d archivedir] jailname [jailname...]"
 ezjail_usage_restore="Usage: ${ezjail_admin} restore [-f] [-d archivedir] (archive|jailname)..."
+ezjail_usage_freeze="Usage: ${ezjail_admin} freeze jailname newflavour"
+ezjail_usage_troubleshoot="Usage: ${ezjail_admin} troubleshoot [jailname...]"
 ezjail_usage_list="Usage: ${ezjail_admin} list"
 
 ################################
@@ -145,6 +145,7 @@ start_stop_jail_by_script () {
   shift
   for ezjail; do
     fetchjailinfo ${ezjail}
+    case ${ezjail_config} in *.norun) continue;; esac
     [ ${ezjail_success_check} "${ezjail_id}" ] || exerr "Error: Could not ${ezjail_action} $@.\n  You need to ${ezjail_action} it by hand."
   done
 }
@@ -180,6 +181,10 @@ writejailinfo () {
   echo export jail_${ezjail_safename}_zfs_datasets=\"${ezjail_zfs_datasets}\"
   echo export jail_${ezjail_safename}_cpuset=\"${ezjail_cpuset}\"
   echo export jail_${ezjail_safename}_fib=\"${ezjail_fib}\"
+  echo export jail_${ezjail_safename}_parentzfs=\"${ezjail_parentzfs}\"
+  echo export jail_${ezjail_safename}_parameters=\"${ezjail_parameters}\"
+  echo export jail_${ezjail_safename}_post_start_script=\"${ezjail_post_start_script}\"
+  echo export jail_${ezjail_safename}_retention_policy=\"${ezjail_retention_policy}\"
 
   ) > "${ezjail_destconf}"
 
@@ -227,6 +232,13 @@ fetchjailinfo () {
   eval ezjail_zfs_datasets=\"\$jail_${ezjail_safename}_zfs_datasets\"
   eval ezjail_cpuset=\"\$jail_${ezjail_safename}_cpuset\"
   eval ezjail_fib=\"\$jail_${ezjail_safename}_fib\"
+  eval ezjail_parentzfs=\"\$jail_${ezjail_safename}_parentzfs\"
+  eval ezjail_parameters=\"\$jail_${ezjail_safename}_parameters\"
+  eval ezjail_post_start_script=\"\$jail_${ezjail_safename}_post_start_script\"
+  eval ezjail_retention_policy=\"\$jail_${ezjail_safename}_retention_policy\"
+
+  # Pre ezjail-3.3-jails do not have this set
+  : ${ezjail_parentzfs:=${ezjail_jailzfs}}
 
   ezjail_softlink=${ezjail_jaildir}/`basename -- "${ezjail_rootdir}"`
   ezjail_devicelink="${ezjail_rootdir}.device"
@@ -252,7 +264,7 @@ fetchjailinfo () {
   fi
 
   [ -f "/var/run/jail_${ezjail_safename}.id" ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` || return
-  jls | grep -q -E "^ +${ezjail_id} " || unset ezjail_id
+  jls | grep -q -E "^ *${ezjail_id} " || unset ezjail_id
 }
 
 # fill the base jail - this function is used by install and update
@@ -263,7 +275,7 @@ ezjail_splitworld() {
   if [ "${ezjail_use_zfs}" = "YES" ]; then
     ensure_jailzfs
     /sbin/zfs create ${ezjail_jailzfs}/basejail
-    /sbin/zfs snapshot ${ezjail_jailzfs}/basejail@`date -v -7d +"%C%y%m%d_%H:%M:%S"`
+    /sbin/zfs snapshot ${ezjail_jailzfs}/basejail@`date +"%C%y%m%d_%H:%M:%S"`
   fi
 
   # Remove schg flags from old basejail binaries. The flags
@@ -299,6 +311,7 @@ ezjail_splitworld() {
   # /etc/make.conf.
   if [ -f "${ezjail_examples}/example/etc/make.conf" -a ! -f "${ezjail_jailtemplate}/etc/make.conf" ]; then
     cp -p "${ezjail_examples}/example/etc/make.conf" "${ezjail_jailtemplate}/etc/"
+    mkdir -p ${ezjail_jailtemplate}/var/ports/packages ${ezjail_jailtemplate}/var/ports/distfiles
     echo "Note: a non-standard /etc/make.conf was copied to the template jail in order to get the ports collection running inside jails."
   fi
 
@@ -310,20 +323,11 @@ ezjail_splitworld() {
 # The user may want to have a ports tree in basejail
 ezjail_updateports () {
   local _portsnap_fetch="fetch"
-  # if /usr/ports/CVS exists, assume cvs up is safe
-  # this is legacy
-  if [ -f "${ezjail_jailbase}/usr/ports/CVS/Root" ]; then
-    echo -n "Updating ports from "; cat "${ezjail_jailbase}/usr/ports/CVS/Root"
-    echo "Warning: Upgrading legacy ports copy. Consider removing ${ezjail_jailbase}/usr/ports and use the new portsnap strategy instead."
-    echo "Gathering local information may take a while."
-    cd "${ezjail_jailbase}/usr/ports/" && cvs -d "${ezjail_portscvsroot}" up -Pd
-  else
+
   [ -z "$TERM" -o "$TERM" = "dumb" ] && _portsnap_fetch="cron"
   portsnap ${_portsnap_fetch}
   [ -d "${ezjail_jailbase}/usr/ports" ] && ezjail_portsnapaction="update"
-    portsnap -p "${ezjail_jailbase}/usr/ports" ${ezjail_portsnapaction:-"extract"}
-  fi
-  [ $? -eq 0 ] || exerr "Error: Updating ports failed."
+  portsnap -p "${ezjail_jailbase}/usr/ports" ${ezjail_portsnapaction:-"extract"} || exerr "Error: Updating ports failed."
 }
 
 # Try to fetch the list of releases the server provides
@@ -333,12 +337,12 @@ ezjail_queryftpserver () {
   TIFS=${IFS}; IFS=
   for ezjail_path in pub/FreeBSD/releases pub/FreeBSD/snapshot pub/FreeBSD releases snapshots pub/FreeBSD-Archive/old-releases NO; do
     if [ ${ezjail_path} = "NO" ]; then
-      echo "Warning: I am having problems querying the ftp server you specified (${ezjail_ftphost})."
+      echo "Warning: I am having problems querying the ftp server you specified (${ezjail_disturi})."
       _ret=1; break
     fi
-    ezjail_ftpresponse=`echo ls | ftp "${ezjail_ftphost}:${ezjail_path}/${ezjail_installarch}/" 2> /dev/null` 2> /dev/null
+    ezjail_ftpresponse=`echo ls | ftp "${ezjail_disturi}:${ezjail_path}/${ezjail_installarch}/" 2> /dev/null` 2> /dev/null
     if [ $? -eq 0 ]; then
-      echo -e "The ftp server you specified (${ezjail_ftphost}) seems to provide the following builds:\n${ezjail_ftpresponse}"
+      echo -e "The ftp server you specified (${ezjail_disturi}) seems to provide the following builds:\n${ezjail_ftpresponse}"
       _ret=0; break
     fi
   done
@@ -416,8 +420,9 @@ check_for_zpool () {
 check_for_zfs_exist () {
   # check if the zfs we want to use already exists or not, return 0 if it does and 1 if not
   _exit=1
-  _zfs_status=`/sbin/zfs list -H -o name ${ezjail_jailzfs}/${ezjail_hostname} 2> /dev/null`
-  [ "${_zfs_status}" = "${ezjail_jailzfs}/${ezjail_hostname}" ] && _exit=0
+  _to_check=$1
+  _zfs_status=`/sbin/zfs list -H -o name ${_to_check} 2> /dev/null`
+  [ "${_zfs_status}" = "${_to_check}" ] && _exit=0
   return ${_exit}
 }
 
@@ -432,7 +437,7 @@ ensure_jailzfs() {
   _zfs_status=`/sbin/zfs list -H -o name ${ezjail_jailzfs} 2> /dev/null`
   [ "${_zfs_status}" = "${ezjail_jailzfs}" ] && return
 
-  # if a directoy already exists in that place, make sure it is empty, else bump user
+  # if a directory already exists in that place, make sure it is empty, else bump user
   [ -d "${ezjail_jaildir}" -a -n "`ls -A ${ezjail_jaildir}`" ] && exerr "Error: Can not create zfs at ${ezjail_jaildir}.\n  There is a non-empty directory in the way."
 
   # create all parent file systems if necessary
@@ -443,6 +448,81 @@ ensure_jailzfs() {
   /sbin/zfs create -o mountpoint=${ezjail_jaildir} ${ezjail_zfs_properties} ${ezjail_jailzfs}
 }
 
+# implement snapshot retentions
+filteroldsnapshots() {
+  local win repeat bottom in_window snap_id snap_del snap_first first_round_done max_diff
+  bottom=`date +%s`
+
+  unset snap_del first_round_done
+  snap_id=0
+  for win in ${ezjail_retention_policy}; do
+    # split repeat count from window chunk
+    case ${win} in *x*) repeat=${win%x*}; win=${win#*x};; *) repeat=1;; KEEP) return;; esac
+
+    # check for correct value
+    case ${win} in [0-9]);; [0-9]*[0-9mhdwy]);; *) echo "Unknown window length declaration ${win}"; return ;; esac
+
+    # values default to minutes
+    case ${win} in *h) m=60;; *d) m=1440;; *w) m=10080;; *y) m=525600;; *) m=1;; esac
+    win=$((${win%[mhdwy]}*m*60))
+
+    # innerloop $repeats over windows
+    while [ $(( repeat-=1 )) -ge 0 ]; do
+      # Shift bottom of window
+      bottom=$(( ${bottom} - ${win} ))
+      unset snap_first
+
+      # now loop over parameters
+      in_window=YES; while [ "${in_window}" ]; do
+
+        # When snap_id is required, pop one if possible
+        if [ "${snap_id}" -eq 0 -a $# -gt 0 ]; then
+          snap_id=`date -j -f ${ezjail_snap_date_format} $1 +%s`
+          shift
+        fi
+
+        # is next snapshot before this window? test next window
+        if [ ${snap_id} -lt ${bottom} ]; then
+          [ "${first_round_done}" ] || echo /sbin/zfs snapshot -r ${ezjail_zfs}@ez-autosnap-`date +${ezjail_snap_date_format}`
+          [ "${first_round_done}" ] || /sbin/zfs snapshot -r ${ezjail_zfs}@ez-autosnap-`date +${ezjail_snap_date_format}`
+
+          # we remembered the first snapshot in window
+          # only keep it, if it is newer than the oldest by more than half the window size
+          if [ "${snap_first}" -a "${snap_del}" -a $(( snap_del - snap_first )) -lt $(( win / 2 )) ]; then
+             echo /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_first} +${ezjail_snap_date_format}`
+             /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_first} +${ezjail_snap_date_format}`
+          fi
+
+          # Zero marks end of snaps list
+          [ "${snap_id}" -eq 0 ] && return
+
+          unset snap_del in_window
+        else
+          if [ "${snap_del}" ]; then
+            if [ "${snap_first}" ]; then
+              echo /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+              /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+            else
+              snap_first="${snap_del}"
+            fi
+          fi
+          snap_del="${snap_id}"
+          snap_id=0
+        fi
+        first_round_done="YES"
+
+      done
+    done
+  done
+
+  # if out of windows, default to delete the remainder of snaps
+  for snap_del in ${snap_id} $*; do
+    echo /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+    /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+  done
+
+}
+
 #############################
 # End of function definitions
 # "
@@ -454,8 +534,8 @@ case "$1" in
 ######################## ezjail-admin CREATE ########################
 create)
   # Clean variables, prevent pollution
-  unset ezjail_rootdir ezjail_flavours ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_devicelink ezjail_config ezjail_attachparams ezjail_exists ezjail_attachblocking ezjail_forceblocking ezjail_sourcedevice ezjail_rootdirempty ezjail_fromarchive ezjail_fromarchive_config
-  shift; while getopts :f:r:s:xbic:C:a:A: arg; do case ${arg} in
+  unset ezjail_rootdir ezjail_flavours ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_parentzfs ezjail_device ezjail_devicelink ezjail_config ezjail_attachparams ezjail_exists ezjail_attachblocking ezjail_forceblocking ezjail_sourcedevice ezjail_rootdirempty ezjail_fromarchive ezjail_fromarchive_config
+  shift; while getopts :f:r:s:xbkic:C:a:A:z: arg; do case ${arg} in
     x) ezjail_exists="YES";;
     r) ezjail_rootdir=${OPTARG};;
     f) ezjail_flavours=${OPTARG};;
@@ -466,6 +546,9 @@ create)
     b) ezjail_forceblocking="YES";;
     i) : ${ezjail_imagetype="simple"};;
     s) ezjail_imagesize=${OPTARG};;
+    z) ezjail_imagetype="zfs";
+       ezjail_parentzfs=${OPTARG};;
+    k) ezjail_keepsnapshot="YES";; # undocumented
     ?) exerr ${ezjail_usage_create};;
   esac; done; shift $(( ${OPTIND} - 1 ))
 
@@ -623,13 +706,16 @@ create)
       ezjail_device=${ezjail_imagedevice}
       ;;
     zfs)
+      : ${ezjail_parentzfs=${ezjail_jailzfs}}
       if [ -z "${ezjail_exists}" ]; then
         [ "${ezjail_imagesize}" ] && ezjail_zfs_jail_properties="${ezjail_zfs_jail_properties} -o quota=${ezjail_imagesize}"
         [ -d "${ezjail_jaildir}/${ezjail_hostname}" ] && exerr "Error: Could not create jail root mount point ${ezjail_rootdir}"
 
-        /sbin/zfs create -o mountpoint=${ezjail_rootdir} ${ezjail_zfs_jail_properties} ${ezjail_jailzfs}/${ezjail_hostname}
+        check_for_zfs_exist "${ezjail_parentzfs}" || exerr "Error: The parent zfs dataset does not exist.\n  Use 'zfs create -p ${ezjail_parentzfs}' to create it."
+
+        /sbin/zfs create -o mountpoint=${ezjail_rootdir} ${ezjail_zfs_jail_properties} ${ezjail_parentzfs}/${ezjail_hostname}
       else
-        check_for_zfs_exist || exerr "Error: The existing destination is not a ZFS filesystem."
+        check_for_zfs_exist "${ezjail_parentzfs}/${ezjail_hostname}" || exerr "Error: The existing destination is not a ZFS filesystem."
       fi
       ;;
 
@@ -660,10 +746,10 @@ create)
     # now take a copy of our template jail
     if [ "${ezjail_imagetype}" = "zfs" -a "${ezjail_use_zfs}" = "YES" ]; then
       # create ZFS filesystem first when using ZFS
-      /sbin/zfs snapshot ${ezjail_jailzfs}/newjail@_createnewjailtmp
-      /sbin/zfs send ${ezjail_jailzfs}/newjail@_createnewjailtmp | zfs receive -F ${ezjail_jailzfs}/${ezjail_hostname}
-      /sbin/zfs destroy ${ezjail_jailzfs}/${ezjail_hostname}@_createnewjailtmp
-      /sbin/zfs destroy ${ezjail_jailzfs}/newjail@_createnewjailtmp
+      /sbin/zfs snapshot ${ezjail_jailzfs}/newjail@_vanilla_newjail_
+      /sbin/zfs send ${ezjail_jailzfs}/newjail@_vanilla_newjail_ | zfs receive -F ${ezjail_parentzfs}/${ezjail_hostname}
+      [ -z "${ezjail_keepsnapshot}" ] && /sbin/zfs destroy ${ezjail_parentzfs}/${ezjail_hostname}@_vanilla_newjail_
+      /sbin/zfs destroy ${ezjail_jailzfs}/newjail@_vanilla_newjail_
     else
       mkdir -p "${ezjail_rootdir}" && cd "${ezjail_jailtemplate}" && find . | cpio -p -v "${ezjail_rootdir}" > /dev/null
     fi
@@ -735,11 +821,19 @@ EOF
   #
 
   TIFS=${IFS}; IFS=,
-  for ezjail_ip in ${ezjail_ips}; do
+  for ezjail_ip_in in ${ezjail_ips}; do
+    # From 9.0 IP addresses can be prefixed by their interface, for now ignore
+    # the prefix
+    ezjail_ip="${ezjail_ip_in#*|}"
+
+    # If the IP address is not automatically configured, test if it is configured
+    # on a local interface
+    if [ "${ezjail_ip}" = "${ezjail_ip_in}" ]; then
       case ${ezjail_ip} in *.*.*.*) _ping=ping;; *) _ping=ping6;; esac
       # check, whether IP is configured on a local interface, warn if it isnt
       ${_ping} -S ${ezjail_ip} -q -c 1 localhost >/dev/null 2>/dev/null
       [ $? -eq 0 ] || echo "Warning: IP ${ezjail_ip} not configured on a local interface."
+    fi
 
     # check, whether some host system services do listen on the Jails IP
     IFS=_
@@ -831,10 +925,20 @@ delete)
      [ "${ezjail_image}" ] && rm -f "${ezjail_image}" "${ezjail_image%.img}.device"
     ;;
     zfs)
-      /sbin/zfs destroy -r ${ezjail_jailzfs}/${ezjail_hostname}
+      if ! /sbin/zfs destroy -r ${ezjail_parentzfs}/${ezjail_hostname}; then
+        [ "${ezjail_forcestop}" ] || exerr "Error: Could not destroy file system ${ezjail_parentzfs}/${ezjail_hostname} for jail ${ezjail_name}."
+        echo "Warning: Could not destroy file system ${ezjail_parentzfs}/${ezjail_hostname} for jail ${ezjail_name}."
+        echo "  Sleeping 5 seconds before retrying forcefully."
+        sleep 5
+        /sbin/zfs destroy -rf ${ezjail_parentzfs}/${ezjail_hostname} || exerr "Error: Failed to destroy file system."
+        echo "Success."
+      fi
+    ;;
+    *)
+      chflags -R noschg "${ezjail_rootdir}"
     ;;
     esac
-    chflags -R noschg "${ezjail_rootdir}"; rm -rf "${ezjail_rootdir}"
+    rm -rf "${ezjail_rootdir}"
   fi
 
   ;;
@@ -860,7 +964,7 @@ list)
     TIFS=${IFS}; IFS=,; unset _multiline
     for ezjail_ip in ${ezjail_ips:="-"}; do
       if [ -z "${_multiline}" ]; then
-        printf "%-3s %-4s %-15s %-30s %s\\n" "${ezjail_state}" "${ezjail_id:-N/A}" "${ezjail_ip}" "${ezjail_hostname}" "${ezjail_rootdir}"
+        printf "%-3s %-4s %-15s %-30s %s\\n" "${ezjail_state}" "${ezjail_id:-N/A}" "${ezjail_ip#*|}" "${ezjail_hostname}" "${ezjail_rootdir}"
         _multiline=yes
       else
         printf "    %-4s %s\\n" "${ezjail_id:-N/A}" "${ezjail_ip}"
@@ -900,8 +1004,12 @@ setup|update)
 
     # If ran from cron be kind to freebsds update servers and sleep first
     [ -z "$TERM" -o "$TERM" = "dumb" ] && ezjail_urgency="cron" || ezjail_urgency="fetch"
-    [ "${ezjail_use_zfs}" = "YES" ] && zfs snapshot ${ezjail_jailzfs}/basejail@`date -v -7d +"%C%y%m%d_%H:%M:%S"`
-    freebsd-update -b ${ezjail_jailbase} ${ezjail_urgency} install
+    if [ "${ezjail_use_zfs}" = "YES" ]; then
+        zfs snapshot ${ezjail_jailzfs}/basejail@`date +"%C%y%m%d_%H:%M:%S"`
+        zfs snapshot ${ezjail_jailzfs}/newjail@`date +"%C%y%m%d_%H:%M:%S"`
+    fi
+    env PAGER=/bin/cat freebsd-update -b ${ezjail_jailbase} ${ezjail_urgency} install
+    env PAGER=/bin/cat freebsd-update -b ${ezjail_jailtemplate} ${ezjail_urgency} install
   elif [ "${ezjail_installaction}" = "freebsd-upgrade" ]; then
     [ -d "${ezjail_jailbase}" ] || exerr "Error: base jail does not exist.\n  You cannot update a base jail until it is created.\n  Please run '${ezjail_admin} update' or '${ezjail_admin} install' first."
 
@@ -912,10 +1020,15 @@ setup|update)
 
     # Make the host systems os version our target version
     # Users can override this by setting the UNAME_r environment variable
-    ezjail_osversion_target="`uname -r`"
+    ezjail_osversion_target="`uname -r | sed -E 's,-p[0-9]+,,' | sed -E 's,-SECURITY,-RELEASE,'`" 
 
     # Finally run freebsd-update to upgrade our basejail
-    env UNAME_r="${ezjail_osversion_source}" freebsd-update -b ${ezjail_jailbase} -r ${ezjail_osversion_target} upgrade install
+    for DESTDIR in ${ezjail_jailbase} ${ezjail_jailtemplate}; do
+      env UNAME_r="${ezjail_osversion_source}" PAGER=/bin/cat freebsd-update -b ${DESTDIR} -r ${ezjail_osversion_target} upgrade
+      while [ $? -eq 0 ]; do
+        env UNAME_r="${ezjail_osversion_source}" PAGER=/bin/cat freebsd-update -b ${DESTDIR} -r ${ezjail_osversion_target} install
+      done
+    done
 
     # Here we should write the file with the new osversion in case of success
   else
@@ -952,7 +1065,7 @@ setup|update)
 ######################## ezjail-admin INSTALL ########################
 install)
   # Clean variables, prevent pollution
-  unset ezjail_release ezjail_installmanpages ezjail_installports ezjail_installsources ezjail_dir ezjail_reldir ezjail_ftpserverqueried
+  unset ezjail_release ezjail_installmanpages ezjail_installports ezjail_installsources ezjail_dir ezjail_ftpserverqueried ezjail_proto ezjail_disturi
 
   shift; while getopts :mMpPsSh:r: arg; do case ${arg} in
     m) ezjail_installmanpages=" manpages";;
@@ -971,42 +1084,48 @@ install)
   ezjail_installarch=`uname -p`
   ezjail_installplatform=`uname -m`
   : ${ezjail_ftphost="ftp.freebsd.org"}
-  ezjail_ftphost=${ezjail_ftphost#ftp://}
-  ezjail_dir=${ezjail_ftphost#file://}
-  [ "${ezjail_dir%%[!/]*}" ] || ezjail_reldir=`pwd -P`
+  ezjail_proto=${ezjail_ftphost%%://*}
+  [ "${ezjail_proto}" = "${ezjail_ftphost}" ] && ezjail_proto=ftp
+  ezjail_disturi=${ezjail_ftphost#*://}
 
   [ "`sysctl -n kern.securelevel`" -gt 0 ] && exerr "Error: You are running in a secure level higher than 0.\n  ${ezjail_admin} will not install correctly.\n  Please reboot into a lower secure level."
 
   # Check for basejail when not installing base jail
   [ "${ezjail_basesystem}" -o -d "${ezjail_jailbase}" ] || exerr "Error: The basejail does not exist.\n  You cannot install distribution packages before creating ezjails environment.\n  Please run '${ezjail_admin} update' or '${ezjail_admin} install' using lower case parameters first."
 
-  # ftp servers normally wont provide non-RELEASE-builds
-  if [ -z "${ezjail_release}" -a "${ezjail_dir}" = "${ezjail_ftphost}" ]; then
+  if [ -z "${ezjail_release}" ]; then
+    # if no release version is requested, use the host system's
     ezjail_release=`uname -r`
     ezjail_release_major=${ezjail_release%%.*}
+
+    # ftp servers normally wont provide non-RELEASE-builds
+    if [ "${ezjail_proto}" != "file" ]; then
       case ${ezjail_release} in *-STABLE) ezjail_release="${ezjail_release%-STABLE}-RELEASE";; esac
+      case ${ezjail_release} in *-RELEASE-p*) ezjail_release=${ezjail_release%-p*};; esac
       if [ "${ezjail_release%-RELEASE}" = "${ezjail_release}" ]; then
         echo "Your system is ${ezjail_release}. Normally FTP-servers don't provide non-RELEASE-builds."
         [ ${ezjail_release_major} -ge 9 ] && ezjail_installarch="${ezjail_installplatform}/${ezjail_installarch}"
-      ezjail_queryftpserver || echo "... I'll continue anyway."
-      echo -n "Release [ ${ezjail_release} ]: "
+        [ "${ezjail_proto}" != "ftp" ] || ezjail_queryftpserver || echo "... I'll continue anyway."
+        echo -n "Release to fetch [ ${ezjail_release} ]: "
         read ezjail_releasetmp
         [ "${ezjail_releasetmp}" ] && ezjail_release=${ezjail_releasetmp}
         ezjail_installarch=`uname -p`
       fi
     fi
+  fi
 
   # From 9.0 releases come with a new layout
   # It is now a single archive ${pkg}.txz instead of a list of archive parts under ${pkg}/*
   # man pages come with the base
+  # We can use fetch to connect to the ftp host, allowing the use of proxies. We needed ftp
+  # in pre-9.0-releases to make ${pkg}/* work.
   # We assume for now that jail's platform is supposed to be that of the host. That may change later.
   ezjail_release_major=${ezjail_release%%.*}
+  [ "${ezjail_release_major}" -eq "${ezjail_release_major}" ] 2>/dev/null || exerr ${ezjail_release} does not look like a valid FreeBSD version descriptor
   if [ ${ezjail_release_major} -ge 9 -a -n "${ezjail_installmanpages}" ]; then
     echo "Note: From FreeBSD 9.0 man pages are part of the base package"
     unset ezjail_installmanpages
   fi
-  [ ${ezjail_release_major} -ge 9 ] && ezjail_installarch="${ezjail_installplatform}/${ezjail_installarch}"
-  [ ${ezjail_release_major} -ge 9 ] && ezjail_pkgsuffix=".txz" || ezjail_pkgsuffix="/*"
 
   # Normally fulljail should be renamed by past ezjail-admin commands.
   # However those may have failed
@@ -1023,54 +1142,73 @@ install)
   # for post-install man/src installations
   [ "${ezjail_basesystem}" ] && DESTDIR="${ezjail_jailfull}" || DESTDIR="${ezjail_jailbase}"
 
+  ezjail_makeabsolute ezjail_jailtemp
   rm -rf "${ezjail_jailtemp}"
   for pkg in ${ezjail_basesystem} ${ezjail_installmanpages} ${ezjail_installsources}; do
 
-    # The first case means, that a remote host has been specified.
-    if [ "${ezjail_dir}" = "${ezjail_ftphost}" ]; then
+    if [ "${ezjail_proto}" = "file" ]; then
+      # The easy case means, that a local distribution directory has been specified.
+
+      if [ ${ezjail_release_major} -ge 9 ]; then
+        if [ -r "${ezjail_disturi}/${pkg}.txz" ]; then
+          xzdec ${ezjail_disturi}/${pkg}.txz | tar --unlink -xpJf - -C ${DESTDIR}
+        else
+          [ ${pkg} = "lib32" ] || exerr "Error: Can not access package file ${ezjail_disturi}/${pkg}.txz"
+          echo "Warning: Can not access package file ${ezjail_disturi}/${pkg}.txz, ignored for auto added lib32."
+        fi
+      else
+        ezjail_makeabsolute ezjail_disturi
+        cd "${ezjail_disturi}/${pkg}" || exerr "Error: Could not cd to ${ezjail_disturi}/${pkg}."
+        [ "${pkg}" = "base" ] && echo "Ignore the next question, ezjail answers it for you."
+        set -- all
+        [ -f install.sh ] && yes | . install.sh
+        [ $? -eq 0 ] || exerr "Error: Package install script for ${pkg} failed."
+      fi
+    else
+      # The hard case means, we have to fetch the distribution files from a remote server
+
       # Create and try to access temp dir
       mkdir -p "${ezjail_jailtemp}" || exerr "Error: Could not create temporary base jail directory ${ezjail_jailtemp}."
       cd "${ezjail_jailtemp}" || exerr "Error: Could not cd to ${ezjail_jailtemp}."
 
       # Try all paths as stolen from sysinstall, break on success.
       for ezjail_path in pub/FreeBSD/releases pub/FreeBSD/snapshot pub/FreeBSD releases snapshots pub/FreeBSD-Archive/old-releases NO; do
+        # Once we tried all paths, we give up and nudge the user
         if [ "${ezjail_path}" = "NO" ]; then
-          echo -e "\nCould not fetch ${pkg} from ${ezjail_ftphost}.\n  Maybe your release (${ezjail_release}) is specified incorrectly or the host ${ezjail_ftphost} does not provide that release build.\n  Use the -r option to specify an existing release or the -h option to specify an alternative ftp server." >&2
-          [ "${ezjail_ftpserverqueried}" ] || ezjail_queryftpserver
+          echo -e "\nCould not fetch ${pkg} from ${ezjail_proto}://${ezjail_disturi}.\n  Maybe your release (${ezjail_release}) is specified incorrectly or the host ${ezjail_disturi} does not provide that release build.\n  Use the -r option to specify an existing release or the -h option to specify an alternative ftp server." >&2
+          [ "${ezjail_proto}" = "ftp" -a -z "${ezjail_ftpserverqueried}" ] && ezjail_queryftpserver
           exit 1
         fi
-        ftp "${ezjail_ftphost}:${ezjail_path}/${ezjail_installarch}/${ezjail_release}/${pkg}${ezjail_pkgsuffix}" && break
-      done
 
+        # Fetching and extraction distributions has become much easier from 9.0
         if [ ${ezjail_release_major} -ge 9 ]; then
+          fetch "${ezjail_proto}://${ezjail_disturi}/${ezjail_path}/${ezjail_installplatform}/${ezjail_installarch}/${ezjail_release}/${pkg}.txz" || continue
           xzdec ${pkg}.txz | tar --unlink -xpJf - -C ${DESTDIR}
+          _res=$?
         else
+          [ "${ezjail_proto}" = "ftp" ] || echo "Warning: Ignoring ${ezjail_proto} protocol on FreeBSD pre 9.0"
+          ftp ${ezjail_disturi}:${ezjail_path}/${ezjail_installarch}/${ezjail_release}/${pkg}/* || continue
           # These actions are really ugly: sources want $1 to contain the set
           # of sources to install, base asks the user if he is sure, hence the
           # yes and the set -- all
           [ "${pkg}" = "base" ] && echo "Ignore the next question, ezjail answers it for you."
           set -- all
           [ -f install.sh ] && yes | . install.sh
-        [ $? -eq 0 ] || exerr "Error: Package install script for ${pkg} failed."
+          _res=$?
         fi
 
         rm -rf "${ezjail_jailtemp}"
-    else
-      if [ ${ezjail_release_major} -ge 9 ]; then
-        [ -r "${ezjail_reldir}/${ezjail_dir}/${pkg}.txz" ] || exerr "Error: Can not access package file ${ezjail_reldir}/${ezjail_dir}/${pkg}.txz"
-        xzdec ${ezjail_reldir}/${ezjail_dir}/${pkg}.txz | tar --unlink -xpJf - -C ${DESTDIR}
-      else
-        cd "${ezjail_reldir}/${ezjail_dir}/${pkg}" || exerr "Error: Could not cd to ${ezjail_dir}."
-        [ "${pkg}" = "base" ] && echo "Ignore the next question, ezjail answers it for you."
-        set -- all
-        [ -f install.sh ] && yes | . install.sh
-        [ $? -eq 0 ] || exerr "Error: Package install script for ${pkg} failed."
-      fi
+        [ ${_res} -eq 0 ] || exerr "Error: Package install script for ${pkg} failed."
+        break
+      done
     fi
   done
 
-  # Split basejail and newjail
-  [ "${ezjail_basesystem}" ] && ezjail_splitworld
+  # Update to current patch level, split basejail and newjail
+  if [ "${ezjail_basesystem}" ]; then
+    env PAGER=/bin/cat freebsd-update -b "${DESTDIR}" fetch install
+    ezjail_splitworld
+  fi
 
   # Fill ports, if requested
   [ "${ezjail_installports}" ] && ezjail_updateports
@@ -1122,7 +1260,81 @@ console)
 
   exec ${_setfib} jexec ${ezjail_id} ${ezjail_default_execute}
   ;;
-######################## ezjail-admin ARCHIVE ########################
+######################## ezjail-admin FREEZE ########################
+freeze)
+  shift
+  [ $# -eq 2 ] || exerr ${ezjail_usage_freeze}
+
+  ezjail="$1"
+  ezjail_flavour="$2"
+
+  fetchjailinfo ${ezjail}
+
+  # Check for existence of jail in our records
+  [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
+
+  # Check if jail is of zfs type
+  [ ${ezjail_imagetype} = "zfs" ] || exerr "Error: Can only freeze zfs based jails into a flavour.\n  ${ezjail_name} is not a zfs jail."
+
+  # Check if jail has been snapshotted at create time
+  /sbin/zfs list -H "${ezjail_parentzfs}/${ezjail_hostname}@_vanilla_newjail_" >/dev/null 2>/dev/null
+  [ $? -eq 0 ] || exerr "Error: Jail ${ezjail_name} did not keep a snapshot when it was first created.\n  Use ezjail-admin create with the -k option to keep a snapshot to diff."
+
+  # For now we will not overwrite an existing flavour
+  [ -e "${ezjail_flavours_dir}/${ezjail_flavour}" ] && exerr "Error: A flavour already exists at ${ezjail_flavours_dir}/${ezjail_flavour}."
+
+  # Create the new frozen flavour's dir
+  mkdir -p "${ezjail_flavours_dir}/${ezjail_flavour}"
+
+  # Work relative to jails rootdir
+  cd "${ezjail_rootdir}"
+
+  # Now list all files that have been added or modified
+  # TODO: This assumes no files have been deleted from when the jail was initially created. Safe assumption for now.
+  # TODO: This assumes no files have been renamed from when the jail was initially created. Not so sure.
+  /sbin/zfs diff -H "${ezjail_parentzfs}/${ezjail_hostname}@_vanilla_newjail_" "${ezjail_parentzfs}/${ezjail_hostname}" | \
+    grep -E "^[M+]" | cut -f 2 | sed -E s:"^${ezjail_rootdir}/?":: | cpio -d -m -p -v "${ezjail_flavours_dir}/${ezjail_flavour}"
+
+;;
+######################## ezjail-admin SNAPSHOT ########################
+snapshot)
+  shift
+  if [ $# -eq 0 ]; then
+    cd ${ezjail_jailcfgs} && ezjail_list=`ls -A`
+  else
+    ezjail_list=$*
+  fi
+
+  for ezjail in ${ezjail_list}; do
+    fetchjailinfo ${ezjail%.norun}
+
+    # Check for existence of jail in our records
+    [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
+
+    # Snapshots only work with zfs jails
+    [ "${ezjail_imagetype}" = "zfs" -o -n "${ezjail_zfs_datasets}" ] || continue
+
+    [ "${ezjail_imagetype}" = "zfs" ] && ezjail_zfs_datasets="${ezjail_parentzfs}/${ezjail_hostname} ${ezjail_zfs_datasets}"
+
+    # Use global retention policy, if none set
+    : ${ezjail_retention_policy:=${ezjail_default_retention_policy}}
+
+    for ezjail_zfs in ${ezjail_zfs_datasets}; do
+      check_for_zfs_exist ${ezjail_zfs} || continue
+      zfs_retention_policy=`/sbin/zfs get -H -o value ezjail:autosnap_retention ${ezjail_zfs}`
+      [ "${zfs_retention_policy}" = "-" ] || ezjail_retention_policy="${zfs_retention_policy}"
+      if [ -z "${ezjail_retention_policy}" ]; then
+        /sbin/zfs snapshot -r ${ezjail_zfs}@ez-autosnap-`date +${ezjail_snap_date_format}`
+      else
+        snap_list=`/sbin/zfs list -H -t snapshot -o name -S creation -r ${ezjail_zfs} | \
+          grep ^${ezjail_zfs}@ez-autosnap- | cut -d '@' -f 2 | cut -d '-' -f 3`
+        filteroldsnapshots ${snap_list}
+      fi
+    done
+
+  done
+;;
+ ######################## ezjail-admin ARCHIVE ########################
 archive)
   # Clean variables, prevent pollution
   unset ezjail_archive ezjail_archive_tag ezjail_force ezjail_archivealljails ezjail_addfiles
@@ -1139,7 +1351,7 @@ archive)
   [ $# -lt 1 -a -z "${ezjail_archivealljails}" ] && exerr ${ezjail_usage_archive}
 
   # Ensure that archive directory is there
-  [ "${ezjail_archive}" = "-" ] || mkdir -p "${ezjail_archivedir}" || exerr "Error: Can not create archive directory ${ezjail_archivedir}."
+  [ "${ezjail_archive}" = "-" ] || mkdir -p "${ezjail_archivedir}" || exerr "Error: Can not create archive directory ${ezjail_archivedir}."
 
   # Will not backup more than one jail per archive
   [ "${ezjail_archive}" -a "${ezjail_archivealljails}" ] && exerr "Error: Must not specify an archive location for multiple archives.\n  Can not archive multiple jails into one archive."
@@ -1222,7 +1434,7 @@ archive)
     [ "${ezjail_imagesize}" ] && detach_images keep
 
     # An error on a jail not running is bad
-    [ ${ezjail_paxresult} -eq 0 -o "${ezjail_force}" ] || echo "Warning: Archiving jail ${ezjail_name} was not completely successful.\n  Please refer to the output above for problems the archiving tool encountered.\n  You may ignore reports concerning setting access and modification times.\n  You might want to check and remove ${ezjail_archive}."
+    [ ${ezjail_paxresult} -eq 0 -o "${ezjail_force}" ] || echo -n "Warning: Archiving jail ${ezjail_name} was not completely successful.\n  Please refer to the output above for problems the archiving tool encountered.\n  You may ignore reports concerning setting access and modification times.\n  You might want to check and remove ${ezjail_archive}."
 
     # When archiving a running jail, some errors might occur
     [ ${ezjail_paxresult} -eq 0 ] || echo "Warning: Archiving jail ${ezjail_name} was not completely successful. For a running jail this is not unusual."
@@ -1294,7 +1506,7 @@ restore)
     ezjail_config=`mktemp /tmp/ezjail.prop.XXXXXXXX`
     [ $? -ne 0 ] && exerr "Error: Can't create temporary file."
     pax -rzn -s:${ezjail_nameprop}:${ezjail_config}: -f ${ezjail_fromarchive} ${ezjail_nameprop}
-    fetchjailinfo ${ezjail_safename} ${ezjail_config}
+    fetchjailinfo ${ezjail_safename:-${ezjail_nameprop_safename}} ${ezjail_config}
 
     # Now all parameters are here, invoke ezjail-admin create
     [ "${ezjail_rootdir}" -a "${ezjail_ips}" -a "${ezjail_hostname}" ] || exerr "Error: Archive does not contain a valid ezjail properties file.\n  Some jails properties are missing."
@@ -1398,7 +1610,7 @@ config)
     fi
 
     # rename the filesystem, remounting is done by ZFS
-    [ "${ezjail_imagetype}" = "zfs" ] && /sbin/zfs rename ${ezjail_jailzfs}/${ezjail_old_hostname} ${ezjail_jailzfs}/${ezjail_hostname} && /sbin/zfs set mountpoint=${ezjail_rootdir} ${ezjail_jailzfs}/${ezjail_hostname} && rmdir ${ezjail_old_rootdir}
+    [ "${ezjail_imagetype}" = "zfs" ] && /sbin/zfs rename ${ezjail_parentzfs}/${ezjail_old_hostname} ${ezjail_parentzfs}/${ezjail_hostname} && /sbin/zfs set mountpoint=${ezjail_rootdir} ${ezjail_parentzfs}/${ezjail_hostname} && rmdir ${ezjail_old_rootdir}
 
     # rename fstab
     rm -f "/etc/fstab.${ezjail_old_safename}"
@@ -1424,6 +1636,7 @@ config)
   case "${ezjail_setrunnable}" in
     run)   [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv "${ezjail_config}" "${ezjail_config%.norun}";;
     norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv "${ezjail_config}" "${ezjail_config}.norun";;
+    test)  [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && echo "Jail ${ezjail_name} is runnable" || echo "Jail ${ezjail_name} is not runnable";;
   esac
 
   [ "${ezjail_imageaction}" -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail."
@@ -1460,6 +1673,30 @@ config)
       ;;
     esac
   ;;
+######################## ezjail-admin TROUBLESHOOT ########################
+troubleshoot)
+
+  # XXX TOOD:
+  # Start with some simple tests, check for basejail
+  # Check if we are ourself jailed
+  # Check if all IPv4 addresses are either configured already or in
+  #   interface config line
+  # Check for duplicate non unique IPv4 addresses
+  # Check if all necessary file systems for zfs jails are mounted
+  # For zfs jails check, if zpool is full
+  # Check if all mount points inside the jails are there
+
+  shift
+  [ $# -gt 0 ] && cd ${ezjail_jailcfgs} && set - `ls -A`
+
+  for ezjail; do
+    fetchjailinfo ${ezjail%.norun}
+
+    # Check for existence of jail in our records
+    [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
+
+  done
+  ;;
 *)
   exerr "${ezjail_usage_ezjailadmin}"
   ;;

ezjail.conf.sample

@@ -19,10 +19,6 @@
 # Location of your copy of FreeBSD's source tree
 # ezjail_sourcetree=/usr/src
 
-# In case you want to provide a copy of ports tree in base jail, set this to
-# a cvsroot near you
-# ezjail_portscvsroot=freebsdanoncvs@anoncvs.FreeBSD.org:/home/ncvs
-
 # This is where the install sub command defaults to fetch its packages from
 # ezjail_ftphost=ftp.freebsd.org
 
@@ -50,12 +46,26 @@
 # ezjail_procfs_enable="YES"
 # ezjail_fdescfs_enable="YES"
 
+# ZFS options
+
 # Setting this to YES will start to manage the basejail and newjail in ZFS
 # ezjail_use_zfs="YES"
+
 # Setting this to YES will manage ALL new jails in their own zfs
 # ezjail_use_zfs_for_jails="YES"
+
 # The name of the ZFS ezjail should create jails on, it will be mounted at the ezjail_jaildir
 # ezjail_jailzfs="tank/ezjail"
+
 # ADVANCED, be very careful!
 # ezjail_zfs_properties="-o compression=lzjb -o atime=off"
 # ezjail_zfs_jail_properties="-o dedup=on"
+
+# For auto snapshots this is the default policy to keep old snapshots. In each window there
+# will be guaranteed to be one or two snapshots only
+# If this variable is not set, no snapshots will be removed by ezjail-admin snapshot
+
+# Example policy for a database jail with rollbackable snapshots starting with four snapshots
+# in the last hour and up to an annual snapshot for 1000 years. Beware of the load caused by
+# destroying snapshots.
+# ezjail_default_retention_policy="4x15m 3x1h 2x2h 4h 12h 6x1d 7x1w 11x4w 1000x1y"

ezjail.sh

@@ -89,7 +89,7 @@ do_cmd()
     # Cannot auto mount blocking jails without interrupting boot process
     [ "${ezjail_fromrc}" -a "${action}" = "start" -a "${ezjail_blocking}" ] && echo -n " ...skipping blocking jail ${ezjail}" && continue
 
-    # Explicitely do only run blocking crypto jails when *crypto is requested
+    # Explicitly do only run blocking crypto jails when *crypto is requested
     [ "${action%crypto}" = "${action}" -o "${ezjail_blocking}" ] || continue
 
     # Try to attach (crypto) devices
@@ -105,13 +105,14 @@ do_cmd()
 
   # Configure settings that need to be done after the jail has been started
   if [ "${action%crypto}" = "start" -o "${action}" = "restart" ]; then
-    for ezjail in ${ezjail_list}; do
+    for ezjail in ${ezjail_pass}; do
       ezjail_safename=`echo -n "${ezjail}" | tr -c '[:alnum:]' _`
       # Get the JID of the jail
       [ -f "/var/run/jail_${ezjail_safename}.id" ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` || return
 
       eval ezjail_zfs_datasets=\"\$jail_${ezjail_safename}_zfs_datasets\"
       eval ezjail_cpuset=\"\$jail_${ezjail_safename}_cpuset\"
+      eval ezjail_post_start_script=\"\$jail_${ezjail_safename}_post_start_script\"
 
       # Attach ZFS-datasets to the jail
       for zfs in ${ezjail_zfs_datasets}; do
@@ -120,6 +121,9 @@ do_cmd()
 
       # Configure processor sets for the jail via cpuset(1)
       [ -z "${ezjail_cpuset}" ] || /usr/bin/cpuset -l ${ezjail_cpuset} -j ${ezjail_id} || echo -n "Error: The defined cpuset is malformed"
+
+      # Run post start script
+      [ -z "${ezjail_post_start_script}" ] || "${ezjail_post_start_script}" ${ezjail_id} "${ezjail}" || echo -n "Error: Post Start Script failed"
     done
   fi
 

man5/ezjail.conf.5

@@ -1,4 +1,4 @@
-.Dd January 15, 2011
+.Dd December 5, 2013
 .Dt EZJAIL.CONF 5 USD
 .Os FreeBSD
 .Sh NAME
@@ -56,11 +56,6 @@ Location of the flavours, where each directory is a different flavour.
 .br
 Default:
 .Em ${ezjail_jaildir}/flavours .
-.It ezjail_portscvsroot (str)
-CVS root to use when checking out or updating the ports tree in base jail.
-.br
-Default:
-.Em :pserver:anoncvs@anoncvs.FreeBSD.org:/home/ncvs .
 .It ezjail_ftphost (str)
 This is where the install subcommand defaults to fetch its packages from.
 .br
@@ -162,7 +157,7 @@ Default:
 .It ezjail_imagetype (one of simple, bde, eli, zfs)
 Type of jail to create when creating a jail with the
 .Fl i
-flag without specifying the type explicitely.
+flag without specifying the type explicitly.
 .br
 Default:
 .Em simple
@@ -170,7 +165,7 @@ Default:
 .Sh ZFS OPTIONS
 .Bl -tag -width option
 .It ezjail_use_zfs (bool)
-Set to YES, if ezjail should manage basejail and newjail in a seperate
+Set to YES, if ezjail should manage basejail and newjail in a separate
 ZFS-datasets.
 .br
 Default:
@@ -189,7 +184,7 @@ Default:
 The name of the parent ZFS-dataset which ezjail will use to create
 jails on. It will be mounted in
 .Em ezjail_jaildir .
-Setting this will automaticly enable ezjail managing jails in seperate
+Setting this will automatically enable ezjail managing jails in separate
 ZFS-datasets.
 .br
 Default:
@@ -201,6 +196,15 @@ for details. ADVANCED, be very careful!
 .br
 Default:
 .Em none .
+.It ezjail_default_retention_policy (str)
+Policy for the
+.Cm ezjail-admin snapshot
+subcommand to keep older snapshots. See
+.Xr ezjail-admin 1
+for details.
+.br
+Default:
+.Em none .
 .El
 .Sh FILES
 EZJAIL_PREFIX/etc/ezjail.conf
@@ -216,3 +220,10 @@ EZJAIL_PREFIX/etc/rc.d/ezjail.sh
 .Sh AUTHOR
 Dirk Engling
 .Aq erdgeist@erdgeist.org .
+.Pp
+The man page is based on a draft by
+.An JoeB
+.Aq joeb1@a1poweruser.com
+and was rewritten by
+.An Frederic Perrin
+.Aq frederic.perrin@resel.fr .

man7/ezjail.7

@@ -1,4 +1,4 @@
-.Dd January 15, 2011
+.Dd December 5, 2013
 .Dt EZJAIL 7 USD
 .Os
 .Sh NAME
@@ -130,12 +130,7 @@ There are two advantages to image jails. The amount of disk space
 allocated to the jail is limited, while normal jails have no bound on
 the amount of disk space they use. On the other hand, the space
 dedicated to the jail is no longer available to the host, even if the
-jail doesn't use all its allocated space. In addition, image jails
-contain a full copy of the basejail. This makes them portable between
-hosts running the same FreeBSD version as the image was created with.
-Of course, the jail now needs to be updated independently from all
-other jails, and there is no longer any sharing of common files
-between the jails.
+jail doesn't use all its allocated space.
 .Pp
 Image jails may also be encrypted using
 .Xr bde 4
@@ -150,7 +145,7 @@ filesystem. See
 .Sx Jail Creation Examples
 for details.
 .Pp
-Also, ezjail can be configured to install its basejail and the accompaning
+Also, ezjail can be configured to install its basejail and the accompanying
 template for all new jails into its own filesystem. Set the
 .Dq Li $ezjail_use_zfs
 variable in your
@@ -193,8 +188,16 @@ are handled by ezjail, replacing JAILNAME with the actual name of the jail:
 The hostname of the jail. Defaults to the name of the jail, unless
 special characters needed to be stripped.
 .It jail_JAILNAME_ip
-The IP addresses the jail is allowed to use. Since FreeBSD 7.2,
+The IP addresses the jail is allowed to use.
+.Pp
+Since FreeBSD 7.2,
 several IP addresses may be given, separated by commas.
+.Pp
+Since FreeBSD 9.0
+each IP address can be prefixed by an interface name followed by the pipe
+symbol. It will then automatically be configured on that interface when the
+jail is started and removed from the interface when the jail stops. (You
+will probably have to escape the pipe symbol, though.)
 .It jail_JAILNAME_rootdir
 The directory holding the jail files (the directory used as a mount
 point for file-based jails). Defaults to the jail name inside
@@ -218,7 +221,7 @@ that specifies whether the filesystems in
 are carried out. Set by ezjail to
 .Dq Li YES ,
 set to
-.Qd Li NO
+.Dq Li NO
 at your own risk.
 .It jail_JAILNAME_devfs_enable
 A boolean specifying whether to mount a
@@ -259,7 +262,7 @@ The parameters to pass to the tool used to decrypt file-based,
 encrypted jails. Initialized from the
 .Fl C
 option when creating such a jail, or the empty string.
-.Ir ezjail_JAILNAME_attachblocking
+.It ezjail_JAILNAME_attachblocking
 .Dq Li YES
 if the jail requires interaction with the administrator when starting
 (typically, encrypted jails that needs a password to be decrypted).
@@ -284,6 +287,14 @@ The network view to give to the jail (see
 when starting it. Taken from the
 .Fl f
 option when configuring the jail; the empty string otherwise.
+.It ezjail_JAILNAME_parameters
+The parameter set to be configured to the jail (see
+.Xr jail 8 )
+when starting it. You need to configure this by hand.
+.It ezjail_JAILNAME_post_start_script
+The path to a script that will be executed after the jail
+successfully was created. The script receives two parameters,
+the jid and the jail name.  You need to configure this by hand.
 .El
 .Pp
 In addition to these
@@ -337,7 +348,7 @@ configuration, creating classes of jails for development or testing
 favourite web development framework), pre-creating local users, and so
 on.
 .Ss Updating the Base Jail
-We already mentionned how easy it is to update jails, since only one
+We already mentioned how easy it is to update jails, since only one
 copy needs to be updated. Ezjail only handles updating the base
 system; updating the ports is left to the administrator (but see
 .Dq Li ports-mgmt/jailaudit
@@ -350,7 +361,7 @@ binary packages. If a base jail already exists, the
 command installs the world in a temporary directory before moving it
 to the basejail, thus leaving intact all installed libraries. After
 making sure all software running in the jails is linked with the new
-librairies, you may want to remove the old library versions. It is
+libraries, you may want to remove the old library versions. It is
 often a good idea to update the jails when a new kernel is installed
 in the host, using the same sources.
 .Ss Starting Jails
@@ -398,6 +409,37 @@ rc.d/ezjail can be used to start and stop jails by prepending
 Refer to
 .Xr rc 8
 for details.
+.Ss Snapshots and retention policies
+Jails residing in their own zfs and their corresponding zfs data sets can be
+automatically snapshot by the
+.Cm ezjail-admin snapshot
+subcommand. Taking snapshots of all jails before a major update is considered
+best practise. However, when taking snapshots regularly, the amount of disc
+space used can be considerable.
+.Pp
+Therefore ezjail allows you to set retention policies that describe how many
+of your snapshots you want to keep for one or all jails or a particular zfs. See
+the description of the snapshot command in
+.Xr ezjail-admin 5
+for details.
+.Pp
+A retention policy consists of one or multiple windows for which ezjail guarantees
+to keep at least one and at most two snapshots. A simple example:
+.D1 $ezjail_default_retention_policy="1d 2w 1y"
+will ensure ONE snapshot for the last day, for the last two weeks before that day and
+then for one snapshot in the year before the two-week window. Valid multipliers are
+(m)inutes, (h)ours, (d)ays, (w)eeks and (y)ears.
+.Pp
+Windows can be repeated by prepending them with a number and the letter x:
+.D1 $ezjail_test_com_retention_policy="24x1h 6x1d 3x1w 11x4w KEEP"
+will set the retention policy for jail test.com to keep hourly snapshots for one
+day, then daily snapshots for the rest of the week, weekly snapshots for the rest of
+the month, monthly snapshots for the rest of the year.
+.Pp
+The magic keyword KEEP at the end of the list will make ezjail not delete snapshots
+older than the oldest window. It is your responsibility to keep the list in an order
+that makes keeping snapshots possible, i.e. not placing one-hour-windows after
+one-year-windows.
 .Ss Remarks & Tips
 Jails can be either accessed from the network, for instance by using
 .Xr ssh 1 ,
@@ -422,7 +464,7 @@ knobs for allowing a jail to access raw sockets, see the
 man page for details.
 .Pp
 Once your jail has network access, then all your normal application
-install functions are availabe, right from the jails console. In
+install functions are available, right from the jails console. In
 particular, if the ports collection was installed, it can be used as
 if from the host system. A modified
 .Pa make.conf
@@ -447,7 +489,7 @@ in
 .Pa rc.conf .
 It is possible to set this variable to
 .Dq Li NO
-if the administrator wants to temporarily ezjail, or if she doesn't
+if the administrator wants to temporarily disable ezjail, or if she doesn't
 want the jails to be automatically started on boot.
 .Pp
 The ezjail system may be reset to a pristine state by removing all its
@@ -607,7 +649,7 @@ Create a new jail, placing it in directory
 instead of deriving the directory name of the jail from its host name.
 The jail will be created with the flavour
 .Ar example .
-This jail will be given two IP addressses; this is possible only since
+This jail will be given two IP addresses; this is possible only since
 FreeBSD 7.2.
 .It Nm Cm create Fl i Fl s Ar 600M sandbox2 10.0.10.4
 This creates a new file-based jail having a file size of 600 megabytes
@@ -625,12 +667,13 @@ Remember this passphrase, you will be asked for the passphrase every time
 you want to start this jail. As they require administrator interaction,
 jails backed by an encrypted file are not automatically started when the
 system boots.
-.It Nm Cm create Fl c Ar zfs Fl s Ar 1G sandbox4 10.0.10.6
+.It Nm Cm create Fl c Ar zfs Fl s Ar 1G sandbox4 em1\[rs]|10.0.10.6
 This creates a new zfs filesystem based jail with a default quota of 1
 gigabyte using lzjb compression. It uses the parent ZFS filesystem configured
 in the
 .Dq Li $ezjail_jailzfs
-variable to create the filesystem in.
+variable to create the filesystem in. The jail command will add the ip
+address 10.0.10.6 as an alias on the device em1 before starting the jail.
 .El
 .Sh FILES
 .Pa EZJAIL_PREFIX/bin/ezjail-admin
@@ -656,3 +699,10 @@ Interesting additional tools include:
 .Sh AUTHOR
 .An Dirk Engling
 .Aq erdgeist@erdgeist.org .
+.Pp
+The man page is based on a draft by
+.An JoeB
+.Aq joeb1@a1poweruser.com
+and was rewritten by
+.An Frederic Perrin
+.Aq frederic.perrin@resel.fr .

man8/ezjail-admin.8

@@ -1,4 +1,4 @@
-.Dd January 15, 2011
+.Dd December 5, 2013
 .Dt EZJAIL-ADMIN 8 USD
 .Os FreeBSD
 .Sh NAME
@@ -16,6 +16,7 @@
 .Op Fl r Ar jailroot
 .Op Fl a Ar archive
 .Op Fl c Ar jailtype Fl s Ar imagesize Op Fl C Ar attachargs
+.Op Fl z Ar parentzfs
 .Bk -words
 .Ar jailname ipaddress Ns Op Ar ,ipaddress2,...
 .Ek
@@ -27,10 +28,10 @@
 .Nm
 .Cm list
 .Nm
-.Cm start | stop | restart | cryptostart Ar jailname...
+.Cm start | stop | restart | startcrypto | stopcrypto Ar jailname...
 .Nm
 .Cm config
-.Op Fl r Ar run | norun
+.Op Fl r Ar run | norun | test
 .Op Fl n Ar newname
 .Op Fl i Ar attach | detach | fsck
 .Op Fl z Ar newdataset
@@ -53,6 +54,9 @@
 .Op Fl d Ar archivedir
 .Ar archive | jailname...
 .Nm
+.Cm snapshot
+.Ar [jailname...]
+.Nm
 .Cm update
 .Op Fl s Ar sourcetree | sourceosversion
 .Op Fl p
@@ -128,7 +132,7 @@ is used. Variable:
 .Pp
 It is possible to install from the
 .Li disc1
-CDRom, or an extracted -RELEASE directory, by specifying the
+CD-ROM, or an extracted -RELEASE directory, by specifying the
 .Ar host
 argument as
 .Pa file://path/to/source .
@@ -183,7 +187,9 @@ assign several several IPv4 or IPv6 addresses to a jail, by separating them
 with commas. Previous versions of FreeBSD allowed only a single IPv4 address
 per jail.
 .Pp
-The addresses of the jail are not configured on the host.
+From FreeBSD 9.0 the ipaddresses may be prefixed with an interface name, followed
+by the pipe symbol. It will then automatically be configured as an alias on that
+interface when the jail starts. Else
 .Nm
 will display a warning if the requested address is not found on any interface,
 and the jail will probably not start.
@@ -276,20 +282,34 @@ jail is backed with a
 .Xr zfs 8
 filesystem, whose initial quota is given with the
 .Fl s
-option. The filesystem is created in the
+option. The filesystem by default
+(see the
+.Fl z
+option) is created in the
 .Dq Li $ezjail_jailzfs
-parent filesystem and by default compressed using the lzjb method, as set in
+parent filesystem and compressed using the lzjb method, as set in
 the
 .Dq Li ezjail_zfs_jail_properies
 variable, both values configured in
-.Xr ezjail.conf 5
+.Xr ezjail.conf 5 .
 .Pp
 In each case, the
 .Fl s
-flag is mandatory when creating such a jail. An empty directory (without the
+flag is mandatory when creating a file backed jail (i.e. any image that is
+not zfs backed). An empty directory (without the
 .Pa .img
 suffix in the case of file-based jails) will be created and used as a mount
 point when running the jail.
+.It Fl z Ar parentzfs
+Normally zfs jails are created in a child of the same zfs, ezjail keeps its
+working directories in, as configured in the
+.Dq Li ezjail_jailzfs
+variable set in
+.Xr ezjail.conf 5 .
+Use this option to override this default.
+.Pp
+This option implies
+.Fl c Ar zfs .
 .It Fl s Ar imagesize
 Allocate this size to the jail. Without an unit, the size is in bytes. The
 valid suffix values are b/B for blocks (i. e. 512 bytes), k/K for kilobytes,
@@ -334,7 +354,7 @@ Use
 .Ar command
 instead of the default
 .Dq /usr/bin/login -f root .
-loogin command. A one time change to use a different user can be
+login command. A one time change to use a different user can be
 accomplished by using
 .Fl e Qq Li /usr/bin/login -f user .
 Variable:
@@ -375,8 +395,7 @@ If present, the third letter,
 means that the jail is not automatically started.
 .Pp
 The following columns are the JID (when it is running), the IP addresses, the name and the full path directory name of the jail.
-.Ss Nm Cm start | restart | stop | startcrypto Op Ar jailname ...
-.Pp
+.Ss Nm Cm start | restart | stop | startcrypto | stopcrypto Op Ar jailname ...
 This is a shortcut to the
 .Xr rc 8
 .Cm ezjail
@@ -402,8 +421,10 @@ the jail is restarted.
 .Pp
 The following options are available:
 .Bl -tag -width indent
-.It Fl r Cm run | norun
+.It Fl r Cm run | norun | test
 Set the jail to be automatically started or not on boot.
+.sp
+Note that the test parameter can be used to check if an ezjail exists, in this case the script will return with an exit code of zero and the runnable state on standard out. A non-zero exit code will be returned if the jail does not exist.
 .It Fl n Ar newname
 Rename the jail. Unless a custom root directory was given with the
 .Fl r
@@ -434,7 +455,6 @@ the selected jail as well as
 The
 .Pa /usr/jails/ Ns Ar jailname
 directory is not deleted.
-.Pp
 .Bl -tag -width indent
 .It Fl f
 Stop the jail before deleting it.
@@ -499,6 +519,30 @@ where it was archived. Be default,
 will refuse to restore an archive if the archived host system's hostname,
 its FreeBSD version or CPU architecture do not match the current host.
 .El
+.Ss Nm Cm snapshot [jailname...]
+Takes zfs snapshots of some or all (zfs) ezjails and their zfs datasets and
+optionally destroys older snapshots according to a configured retention
+policy.
+.Pp
+The zfs snapshots will be named @ez-autosnap- with the date appended in format
+“%Y%m%d%H%M”. List all auto snapshots with
+.Dq Li /sbin/zfs list -H -t snapshot | grep @ez-autosnap- .
+.Pp
+You can set (and override in that order) the retention policy globally in your
+.Dq Li $ezjail_default_retention_policy
+.Xr ezjail.conf 5
+variable, set them per jail in its config file with their
+.Dq Li $ezjail_retention_policy
+variable or set a User property with the name
+.Dq Li ezjail:autosnap_retention
+on the respective file systems.
+.Pp
+The policy is described by a pattern of space separated
+.Dq Li repeat x window
+entries with the algorithm guaranteeing at least one and at most two snapshots
+in each of the windows, if mathematically possible. See
+.Xr ezjail 7
+for details.
 .Ss Nm Cm update
 Updates ezjail's basejail, or in the
 .Fl b
@@ -543,7 +587,7 @@ you may pass freebsd-update's call to
 .Dq uname -r
 via the
 .Pa UNAME_r
-environment variable. Since there currently is no way of infering the
+environment variable. Since there currently is no way of inferring the
 osversion currently installed in the basejail, you need to remember the
 original osversion and pass it to this script using the
 .Fl s
@@ -605,3 +649,10 @@ filesystem is taken first.
 .Sh AUTHOR
 .An Dirk Engling
 .Aq erdgeist@erdgeist.org .
+.Pp
+The man page is based on a draft by
+.An JoeB
+.Aq joeb1@a1poweruser.com
+and was rewritten by
+.An Frederic Perrin
+.Aq frederic.perrin@resel.fr .

share/zsh/site-functions/ezjail-admin

@@ -1,194 +0,0 @@
-#compdef ezjail-admin
-
-# zsh completion for ezjail -- http://erdgeist.org/arts/software/ezjail/
-# This file is under the Beerware license, like ezjail itself
-
-# Heavily based on http://zsh.sf.net/Guide/zshguide06.html#l177
-
-# Frédéric Perrin, April 2011.
-
-_ezjail () {
-    local cmd
-    if (( CURRENT > 2)); then
-    cmd=${words[2]}
-    # Set the context for the subcommand.
-    curcontext="${curcontext%:*:*}:ezjail-$cmd"
-    # Narrow the range of words we are looking at to exclude `ezjail-admin'
-    (( CURRENT-- ))
-    shift words
-    # Run the completion for the subcommand
-    (( $+functions[_ezjail_cmd_$cmd] )) && _ezjail_cmd_$cmd
-
-    else
-    _values : \
-        "archive[create a backup of one or several jails]" \
-        "config[manage specific jails]" \
-        "console[attach your console to a running jail]" \
-        "create[installs a new jail inside ezjail\'s scope]" \
-        "cryptostart[start the encrypted jails]" \
-        "delete[removes a jail from ezjail\'s config]" \
-        "install[create the basejail from binary packages]" \
-        "list[list all jails]" \
-        "restart[restart a running jail]" \
-        "restore[create new ezjails from archived versions]" \
-        "start[start a jail]" \
-        "stop[stop a running jail]" \
-        "update[create or update the basejail from source]"
-    fi   
-}
-
-_ezjail_cmd_archive () {
-    _arguments -s : \
-    "-d[destination directory]:destination dir:_files -/" \
-    "-a[archive name]:archive name:" \
-    "-f[archive the jail even if it is running]" \
-    - archiveall \
-        "-A[archive all jails]" \
-    - somejails \
-        "*:jail:_ezjail_mostly_stopped_jails"
-}
-
-_ezjail_cmd_config () {
-    _arguments -s : \
-    "-r[run the jail on host boot]:run:(run norun)" \
-    "-n[new jail name]:new name:" \
-    "-c[jail cpuset]:cpu list:" \
-    "-z[ZFS dataset to attach]:zfs dataset:" \
-    "-f[jail FIB number]:fib number:" \
-    "-i[operate on image]:imageaction:(attach detach fsck)" \
-    "*:jailname:_ezjail_jails"
-}
-
-_ezjail_cmd_console () {
-    _arguments -s : \
-    "-e[execute command in jail]:execute:" \
-    "-f[start the jail if it isn't running]" \
-    "*:jailname:_ezjail_mostly_running_jails"   
-}
-
-_ezjail_cmd_create () {
-    _arguments -s : \
-    "-f[flavour for the new jail]:flavour:_ezjail_flavours" \
-    "-x[jail exists, only update the config]" \
-    "-r[name of the root dir]:dir:" \
-    "-a[restore from archive]:archive:_files" \
-    "-A[restore config from archive]:configarchive:_files" \
-    "-c[image type]:imagetype:(bde eli zfs)" \
-    "-C[image parameters]:imageparams:" \
-    "-b[jail start will be synchronous]" \
-    "-i[file-based jail]" \
-    "-s[size of the jail]:jailsize:" \
-    ":jail name:" \
-    ":comma-separated IP addresses:"
-}
-
-_ezjail_cmd_cryptostart () {
-    _ezjail_stopped_jails
-}
-
-_ezjail_cmd_delete () {
-    _arguments -s : \
-    "-w[wipe the jail root]" \
-    "-f[proceed even if the jail is running]" \
-    "*:jail:_ezjail_mostly_stopped_jails"
-}
-
-_ezjail_cmd_install () {
-    _arguments : \
-    - newjail \
-        "-r[FreeBSD release]:release:(8.0-RELEASE 8-STABLE 9-STABLE)" \
-        "-h[host for fetching packages]:remote host:" \
-        "-m[include man pages]" \
-        "-s[include the /usr/src tree]" \
-        "-p[include the ports tree]" \
-    - pimpjail \
-        "-M[install man pages over an existing basejail]" \
-        "-S[install the /usr/src tree over an existing basejail]" \
-        "-P[install the ports tree over an existing basejail]" \
-}
-
-_ezjail_cmd_list () {}
-
-_ezjail_cmd_restart () {
-    _ezjail_running_jails
-}
-
-_ezjail_cmd_restore () {
-    _arguments -s : \
-    "-f[restore over an existing jail]" \
-    "-d[archive directory]:archivedir:_files -/" \
-    "*::_files" \
-    "*::_ezjail_jails"
-}
-
-_ezjail_cmd_start () {
-    _ezjail_stopped_jails
-}
-
-_ezjail_cmd_stop () {
-    _ezjail_running_jails
-}
-
-_ezjail_cmd_update () {
-    _arguments -s : \
-    "-p[also update the ports tree]" \
-    "-s[source tree]:source tree:_files -/" \
-    "-P[update only the ports tree]" \
-    "-b[perform a make buildworld]" \
-    "-i[perform only a make installworld]" \
-    "-u[use freebsd-update to update]" \
-    "-U[use freebsd-update to upgrade]"
-}
-
-_ezjail_flavours () {
-    local flavourdir
-    local etcjailconf="/usr/local/etc/ezjail.conf"
-    flavourdir=$( . $etcjailconf ; ezjail_flavours_dir=${ezjail_flavours_dir:-${ezjail_jaildir}/flavours}; echo $ezjail_flavours_dir )
-    _files -W $flavourdir
-}
-
-_ezjail_list_jails () {
-    local jailcfgs="/usr/local/etc/ezjail"
-    local state=$1
-    local ret=1
-    local j
-    # Those names have already been passed through "tr -c '[alnum]' _" by ezjail
-    for j in $jailcfgs/*(:t) ; do
-    case $state in
-    running) [[ -f /var/run/jail_${j}.id ]] && compadd $j && ret=0 ;;
-    stopped) [[ -f /var/run/jail_${j}.id ]] || compadd $j && ret=0 ;;
-    *)       compadd $j && ret=0 ;;
-    esac
-    done
-    return $ret
-}
-
-_ezjail_jails () {
-    _ezjail_list_jails all
-}
-
-_ezjail_running_jails () {
-    _ezjail_list_jails running
-}
-
-_ezjail_stopped_jails () {
-    _ezjail_list_jails stopped
-}
-
-# Some commands (console...) should be run with running jails,
-# unless -f is given, in which case we can operate on all jails
-_ezjail_mostly_running_jails () {
-    local wanted_jails=_ezjail_running_jails
-    (( ${words[(I)-*f]} )) && wanted_jails=_ezjail_jails
-    $wanted_jails
-}
-
-_ezjail_mostly_stopped_jails () {
-    local wanted_jails=_ezjail_stopped_jails
-    (( ${words[(I)-*f]} )) && wanted_jails=_ezjail_jails
-    $wanted_jails
-}
-
-_ezjail "$@"
-
-# -*- mode: shell-script -*-