From owner-freebsd-jail@FreeBSD.ORG  Mon Jan 13 11:07:31 2014
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 4939CA1D
 for <freebsd-jail@freebsd.org>; Mon, 13 Jan 2014 11:07:31 +0000 (UTC)
Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b])
 (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id F137011E3
 for <freebsd-jail@freebsd.org>; Mon, 13 Jan 2014 11:07:30 +0000 (UTC)
Received: from mail.wasikowski.net (mail.wasikowski.net [IPv6:2001:6a0:1cb::b])
 by mail.wasikowski.net (Postfix) with ESMTP id D559B712;
 Mon, 13 Jan 2014 12:07:19 +0100 (CET)
X-Virus-Scanned: amavisd-new at wasikowski.net
Received: from mail.wasikowski.net ([IPv6:2001:6a0:1cb::b])
 by mail.wasikowski.net (scan.wasikowski.net [IPv6:2001:6a0:1cb::b])
 (amavisd-new, port 10026)
 with ESMTP id f0JpfbGKFlSF; Mon, 13 Jan 2014 12:07:19 +0100 (CET)
Received: from [192.168.138.150] (83-144-115-210.static.chello.pl
 [83.144.115.210])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.wasikowski.net (Postfix) with ESMTPSA id 3AA3B70E;
 Mon, 13 Jan 2014 12:07:19 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wasikowski.net;
 s=default; t=1389611239;
 bh=WZsEeL+gPHi6qyD11sz9Y5o0PSAtnxCIL4Bha8ulK9A=;
 h=Date:From:To:CC:References:In-Reply-To;
 b=ONnb7+eL6LrGFpZeyRFX2CAbCp51u6CT7vklIZXSUMJ0beuZUEvlQZzmXrHcJRZmU
 zAzy4WPMrHGl7Yxmvrqow8+czqgivX6rfWbRL6wLMpplOvmBTM1Ub7M5uDuVfR34JU
 gojKeP8Kt51wdVmQJQnbSonJ6zWmi5mcM/gpRjLbRpcdPcr3SgBayOhRQgNAyYbwR0
 b+Q8sVwhJ33I2jcseJefPcx//y79tKIOluL5gG4i7yDPFJz7pXOoYw/Ne6SBuRBhLJ
 lGoJ0fkE58+AKFB5cSpwxikn1/oCTTVmTN5cmGrLz1XWO4XCAD1WNepKdN/Oz/THVJ
 r/Ty4786pBEEw==
Message-ID: <52D3C8E6.5030907@wasikowski.net>
Date: Mon, 13 Jan 2014 12:07:18 +0100
From: =?UTF-8?B?xYF1a2FzeiBXxIVzaWtvd3NraQ==?= <lukasz@wasikowski.net>
User-Agent: Mozilla/5.0 (Windows NT 5.1;
 rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: wishmaster <artemrts@ukr.net>
Subject: Re: Advice/guidance requested.
References: <52D1A7D5.32720.65E995@g8kbvdave.gmail.com>
 <1389491895.26149.69590497.27B13D4C@webmail.messagingengine.com>
 <1389516744.523477025.przufqea@frv34.ukr.net>
In-Reply-To: <1389516744.523477025.przufqea@frv34.ukr.net>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: freebsd-jail@freebsd.org
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail/>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
 <mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jan 2014 11:07:31 -0000

W dniu 2014-01-12 10:09, wishmaster pisze:

>> I would also recommend ezjails. Using fat jails is often completely
>> unnecessary.
>  
>  Do you think using ezjail you will obtain "thin" jails? You are wrong. Setup 5...10 jails for applications: one jail for web-applications on php, one for java and so on. And you will see how your jails will be FAT! And now imagine update system and software procedure.
>  So, if you need a lot of "light" isolation containers, ezjail is not your way. 
>  I use self written scripts which creates one base system with all needed packages and a lot of "containers" with vnet supports and with "security in mind". Upgrading is very easy, just one jail.

Sounds nice, maybe write some blog post or even a more detailed mail to
this list with some how-to? I'm sure many people would find this very
interesting.

-- 
best regards,
Lukasz Wasikowski