Changes between Version 35 and Version 36 of FreeBSDJail


Ignore:
Timestamp:
Oct 27, 2010, 8:26:24 AM (12 years ago)
Author:
Rick van der Zwet
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • FreeBSDJail

    v35 v36  
    1010
    1111Important: Your jail server should not run ''any'' public facing services which does 'wildcard' binding to IP addresses, else it will 'claim' the service before your jail can take it.
     12
     13== Install Jail ==
     14First make sure to install the jail using the [http://www.freebsd.org/doc/handbook/jails.html method in the handbook]
     15{{{#!sh
     16master# cat <<EOF >> /etc/rc.conf
     17jail_pzwet_rootdir="/usr/jail/pzwet"
     18jail_pzwet_interface="re0"
     19jail_pzwet_hostname="pzwet.vanderzwet.net"
     20jail_pzwet_ip="178.63.108.109"
     21jail_pzwet_devfs_enable="YES"
     22jail_pzwet_devfs_ruleset="devfsrules_jail"
     23jail_pzwet_mount_enable="YES"
     24EOF
     25}}}
     26
     27master# mkdir /usr/jail/pzwet/usr/ports
     28master# cat <<EOF > /etc/fstab.pzwet
     29/usr/ports      /usr/jail/pzwet/usr/ports               nullfs  rw              0       0
     30EOF
     31
     32master# cp /etc/resolv.conf //usr/jail/pzwet/etc/resolv.conf
     33
     34== Configure Jail ==
    1235Tip: Jails does '''NOT''' have a local loopback device, so you will need to use UNIX sockets on places you would normally use the loopback address.
    13 Tip: Make sure your port directory is clean before start. Run {{{find /usr/ports/ -mindepth 3 -maxdepth 3 -type d -name work | rev | cut -c 5- | rev | xargs -n 1 -I % make -C % clean}}} if you are not sure.
    14 First make sure to install the jail using the [http://www.freebsd.org/doc/handbook/jails.html method in the handbook]
    1536{{{#!sh
    1637pzwet# cat <<EOF >> /etc/rc.conf
     
    4364}}}
    4465
     66Tip: Make sure your port directory is clean before start. Run {{{find /usr/ports/ -mindepth 3 -maxdepth 3 -type d -name work | rev | cut -c 5- | rev | xargs -n 1 -I % make -C % clean}}} if you are not sure.
    4567Install the ports:
    4668pzwet# make -C /usr/ports/security/sudo WITH_INSULTS=yes BATCH=yes install clean