Date: Tue, 29 Jul 2014 18:16:35 -0400 From: Allan Jude <allanjude@freebsd.org> To: freebsd-jail@freebsd.org Subject: Re: ezjail and mergemaster Message-ID: <53D81D43.6070503@freebsd.org> In-Reply-To: <alpine.BSF.2.11.1407291519270.34044@wonkity.com> References: <alpine.BSF.2.11.1407291519270.34044@wonkity.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --olte65bcI9LwiaEgJkUtJHWMok4EQNfOx Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 2014-07-29 17:44, Warren Block wrote: > This is tangential to my earlier changes to mergemaster. >=20 > I'm working on an ezjail addition for the Handbook. The update section= > shows both source and binary updates. >=20 > For source, ezjail-admin update -b on the host does a > buildworld;installworld on the basejail. >=20 > For binary, ezjail-admin update -r on the host uses freebsd-update to > update the basejail. >=20 > mergemaster is used after either on a real machine. By default, the > ezjail basejail does not even have a copy of the source, making running= > mergemaster from inside the jail a bit difficult. >=20 > What process for running mergemaster should I suggest? Maybe different= > ones for trusted and untrusted jails? >=20 > The host can update trusted jails: > mergmaster -U -D /usr/jails/jailname >=20 > (It might not be safe to consider any jail "trusted".) >=20 > The untrusted procedure is a lot fuzzier to me. Mount /usr/src on the > basejail, then only run mergemaster from inside the jails? Is there a > good way? Or a standard way? >=20 > As with other things for the Handbook, we should be showing best > practices. What is the best practice for mergemaster on any random > jail, trying to conserve disk space as much as is safely possible? > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org"= This will mount /usr/src into the basejail read-only: mount -t nullfs -o ro /usr/src /usr/jails/basejail/usr/src --=20 Allan Jude --olte65bcI9LwiaEgJkUtJHWMok4EQNfOx Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJT2B1FAAoJEJrBFpNRJZKfpKIQAJbWCqNLEfMX5avhOw4yk4Sy bRmmYQyUetskFWGDhIT5YujdKnLtECO3Yw1i7BH0KEQZDcT8Yi1r4kmcxS0gKNc6 CfpELDFo0s/hdA8w+LpJ3X5594WSNBNIjER5R3DRW0Mi5Z67Yc/cXkIuscxmI9lw wr2R86j6wwkCSLDjHk28TdCOMq8z0sjrBOk7CQ4YfyAsGJIZTdU0K1OUPUgcwekc wc4ekqUnFP3NzhfBLM9QCtJy6rRHnr1liYNeVH8SDFGyzB30Lgp4AKFXbJqEQ+t1 Q/poZ7yM7GMJRI2AHO4ZfSq2bVs5yvmXHP0f8al51AWcIfFgzAEAbFnhsoCU9HPF SZVtyaiPm7KNEhR9IA7ma6EF+rW1o+IqEen16gHG2DR1xIB1MWStmxfM0OfPS9a6 AZtaTihNHY78DSMAmN5QK0ybzilD46r+mlf85dEm4RE0q42j/47GLMULcdBYfPl8 RlZfO/a2j5FEpMhz6xPAM7+8DTJu78pBE2141JobsW1dMRtGWaKxLdjhsJr7Dc6V KbdwXtLKNZPDzTE5zi3BZqEEQmSqdD/vPy+vUzMcT/I3rda7ZBP2caAMUUf6jTta NkeIytNh5xcaQ1lXbTxzdJA6KGN/3l0rgmPPbNMfQAdDhZGzD6OUBZfJJxtXzpE/ KktP/0ZL11BWSiNXdgTD =Mah3 -----END PGP SIGNATURE----- --olte65bcI9LwiaEgJkUtJHWMok4EQNfOx--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53D81D43.6070503>