Sunday, February 28, 2010

FreeBSD (III)

BSD jails are an improved version of the traditional chroot environment. A jail lets you configure a hostname and an IP address, and processes can never leave the jail they run in.
So, if you’re already using bash like I am, these are the steps:
# I used /usr/jail/myjail as my first jail in FreeBSD.
export J=/usr/jail/myjail
mkdir -p $J
cd /usr/src
make buildworld # run it when using jails for the first time... and wait, it's going to take a while
make installworld DESTDIR=$J
make distribution DESTDIR=$J
mount -t devfs devfs $J/dev

Enable it on startup by editing /etc/rc.conf like this:
jail_enable="YES"
jail_list="myjail"
jail_myjail_rootdir="/usr/jail/myjail"
jail_myjail_hostname="myjail.localdomain"
jail_myjail_ip="192.168.0.224"
jail_myjail_devfs_enable="YES"
jail_myjail_devfs_ruleset="myjail_ruleset"
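
A quick way to check these variables before relying on them at boot, as an added example that is not part of the original post: the sh functions below read an rc.conf-style file and report any jail in jail_list that is missing its rootdir, hostname or ip, or that enables devfs without naming a ruleset. The names rc_get, note and audit_jails, and the testjail entry in the sample, are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post: audit the jail_* variables
# that the rc.conf lines above set. Function names are hypothetical.

# rc_get FILE KEY: value of the last KEY="value" line (ASCII quotes only).
rc_get() {
    sed -n "s/^[[:space:]]*$2=\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}
note() { echo "$1"; bad=1; }

# audit_jails FILE: print one finding per line, return 0 only if none.
audit_jails() {
    conf=$1; bad=0
    case "$(rc_get "$conf" jail_enable)" in
        [Yy][Ee][Ss]) ;;
        *) note "jail_enable is not YES" ;;
    esac
    for j in $(rc_get "$conf" jail_list); do
        for key in rootdir hostname ip; do
            [ -n "$(rc_get "$conf" "jail_${j}_${key}")" ] ||
                note "$j: jail_${j}_${key} is not set"
        done
        # The post names a devfs ruleset whenever devfs is enabled;
        # flag a jail that enables devfs without naming one.
        case "$(rc_get "$conf" "jail_${j}_devfs_enable")" in
            [Yy][Ee][Ss])
                [ -n "$(rc_get "$conf" "jail_${j}_devfs_ruleset")" ] ||
                    note "$j: devfs enabled but no devfs_ruleset named" ;;
        esac
    done
    [ "$bad" -eq 0 ]
}

# Constructed sample: myjail as in the post plus an incomplete testjail.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
jail_enable="YES"
jail_list="myjail testjail"
jail_myjail_rootdir="/usr/jail/myjail"
jail_myjail_hostname="myjail.localdomain"
jail_myjail_ip="192.168.0.224"
jail_myjail_devfs_enable="YES"
jail_myjail_devfs_ruleset="myjail_ruleset"
jail_testjail_rootdir="/usr/jail/testjail"
jail_testjail_hostname="testjail.localdomain"
jail_testjail_devfs_enable="YES"
EOF
audit_jails "$sample" || echo "fix the findings above before starting jails"
```

Because rc_get only accepts plain ASCII double quotes, a value pasted with typographic quotes is reported as not set.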

To start/stop your jail, use this:
/etc/rc.d/jail start myjail
/etc/rc.d/jail stop myjail
To cleanly shut down a jail, run:
sh /etc/rc.shutdown # from inside a jail
or use the jexec utility.
Some other programs you’ll probably use with jails are found in /usr/ports/sysutils:
jailadmin, jailctl, jailutils
To see which jails are running, run:
jls
To run tcsh in a jail, run:
jexec JID tcsh
…which puts you directly inside that jail (JID is the jail ID listed by jls).
