Changes between Version 3 and Version 4 of FreeBSDJail


Ignore:
Timestamp:
10/27/10 06:23:57 (14 years ago)
Author:
Rick van der Zwet
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • FreeBSDJail

    v3 v4  
    1 This document will describe the setup of jail(8) and how-to configure all applications to work properly within a jail(8).
     1This document will describe the setup of jail(8) and how-to configure all applications to work properly within a jail(8). It has the following design criteria/assumptions:
     2* /usr/ports is shared throughout all installations (so are all the configuration for the ports then) and every system build all ports himself.
     3* my sample jail is called {{{pzwet}}} and is located in file:/usr/jail/pzwet   
     4
     5Important: Your jail server should not run ''any'' public facing services which does 'wildcard' binding to IP addresses, else it will 'claim' the service before your jail can take it.
     6Warning: Jails does '''NOT''' have a local loopback device, so you will need to use UNIX sockets on places you would normally use the loopback address.
    27
    38First make sure to install the jail using the [http://www.freebsd.org/doc/handbook/jails.html method in the handbook]
    4 178.63.108.109
    5 XXX: Document
    69
    710pzwet# make -C /usr/ports/security/sudo WITH_INSULTS=yes BATCH=yes install clean
    811pzwet# make -C /usr/ports/devel/subversion WITH_MOD_DAV_SVN=yes APACHE_VERSION=22 BATCH=yes install clean
     12pzwet# make -C /usr/ports/ports-mgmt/portaudit BATCH=yes install clean; /usr/local/sbin/portaudit -Fda
     13
     14
     15
     16Update port INDEX tree and report on pending upgrades every Saturday
     17pzwet# echo '0       3       *       *       sat     root /usr/sbin/portsnap -I  cron update && /usr/sbin/pkg_version -vIL=' >> /etc/crontab