fixed bootstrap of chat jail, added rctl limit config stuff

roles/pub/bin/user.sh

@@ -74,7 +74,7 @@ args=""
 root=""
 
 if test -n "$rootdir"; then
-    root="-R $rootdir"
+    root="-R $rootdir -L jail"
 fi
 
 if test -n "$groups"; then

roles/pub/tasks/main.yaml

@@ -51,7 +51,7 @@
   template:
     src: hosts.j2
     dest: "/usr/local/bastille/templates/services/{{ role_name }}/etc/hosts"
-    
+
 - name: create jail
   shell: "bastille create -B {{ role_name }} {{ release }} {{ jailip.stdout }}/64 bridge0"
   args:
@@ -77,6 +77,15 @@
     src: keys
     dest: "/usr/local/bastille/"
 
+# create our login class, needed for rctl rules
+- name: create jail login class
+  shell: |
+    ( echo "jail:\\"; printf "\t:tc=default:\n" ) >> /usr/local/bastille/jails/{{ role_name }}/root/etc/login.conf
+    cap_mkdb /usr/local/bastille/jails/{{ role_name }}/root/etc/login.conf
+    touch /tmp/.ansiblepubloginconf
+  args:
+    creates: /tmp/.ansiblepubloginconf
+
 # create our own group[s]
 - name: Manage groups
   loop: "{{ jailgroups }}"