From owner-freebsd-questions Mon Mar 11 7:43:30 2002 Delivered-To: freebsd-questions@freebsd.org Received: from idealso.com (idealso.com [216.122.250.84]) by hub.freebsd.org (Postfix) with ESMTP id C314837B405 for ; Mon, 11 Mar 2002 07:43:00 -0800 (PST) Received: from att (12-245-208-165.client.attbi.com [12.245.208.165]) by idealso.com (8.11.0/8.11.0) with SMTP id g2BFgqR45891; Mon, 11 Mar 2002 10:42:53 -0500 (EST) (envelope-from jeff@idealso.com) Reply-To: From: "Jeff Lawton" To: "Oliver, Michael W." , Subject: RE: Jail, jail, and more jail Date: Mon, 11 Mar 2002 10:46:45 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 In-Reply-To: <1DA741CA6767A144BAA4F10012536C27AA02@LKLDDC01.GARGANTUAN.COM> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I am trying to figure out jails also. I would like to set up virtual servers that diskless boot from another machine or the host (If that's possible). I believe that way my jails can have mysql and other things that are limited in jails and also keep my disk usage down. I am now sure what the security repecutions of this approach are ether. Please let me know what you find in your search. I did find some more info in my /usr/src/share/doc/papers/jail directory there are some articles with a .ms extension. cat paper.ms |more worked fine. You might try to type "locate jail |more" if you get an error type periodic daily and wait, it may take a while, then try the locate command. Jeff -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Oliver, Michael W. Sent: Sunday, March 10, 2002 7:21 PM To: questions@FreeBSD.ORG Subject: Jail, jail, and more jail Folks, I have been tinkering around with jail for the past couple of days, and I have to commend the FreeBSD folks... it is pretty cool. I have a few questions that were exactly answered by the man page, and was hoping that some of you smarties out there could straighten me out. Here we go... 1. I can start the /stand/sysinstall in the jail, but I always install everything via FTP, and I have discovered that I cannot do this in a jail. To wit, I get an answer along the lines of: No network devices available! Which leaves me in the position of downloading all of the packages manually and installing them via pkg_add. Not that big of a problem, but sysinstall is nice for automatically fetching all dependencies. I can live with it like this, but if there is a fix for my problem, I would sure like to know about it. 2. I want to know if a freshly created jail directory structure is portable. Meaning, after I create one jail, and I simply (recursively) copy that jail into another directory and have a second, working jail? 3. I run Apache (w/IPv6) right now on the host system, and I have some virtual hosts that are IPv6-only. How can I assign a specific IPv6 address for a particular jail? Is it even possible? This answer to this question will make or break my decision to move Apache to a jail. 4. Can I run xntpd inside a jail? I haven't tried this yet, but it seems to me that allowing an application to change the system time wouldn't be allowed in a jail... Thanks in advance to all who respond, I really appreciate your guidance. Also, once I have compiled all of this information, I will be posting a FYI email to the list for archival purposes with a link to my site where this will be documented. =========== Michael Oliver To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message