Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 28 Aug 2009 12:45:16 +0200
From:      Ruben de Groot <mail25@bzerk.org>
To:        APseudoUtopia <apseudoutopia@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Information on Setting up a Jailed Webserver
Message-ID:  <20090828104516.GB30068@ei.bzerk.org>
In-Reply-To: <27ade5280908270928s256bed30s2cc75587b22577b1@mail.gmail.com>
References:  <27ade5280908261959q39aeab15ta300048b861a50f7@mail.gmail.com> <6201873e0908262010n1f554fa6p88895ee4641a5620@mail.gmail.com> <200908271135.13045.erich@apsara.com.sg> <27ade5280908270713g5710797xadb07b5055158808@mail.gmail.com> <6201873e0908270803k639b4742w1211d686607f7e9@mail.gmail.com> <27ade5280908270928s256bed30s2cc75587b22577b1@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Aug 27, 2009 at 12:28:26PM -0400, APseudoUtopia typed:
> Two more questions then I should be ready to go with my jail(s).
> 
> In order to minimize the HDD space of the jail, can I add things in my
> src.conf such as
> WITHOUT_BOOT, WITHOUT_ACPI, WITHOUT_PF?

Yes you can. Another option is to use read only nullfs mounts for e.g. /usr,
/lib, /sbin/ /bin to populate the jail. That will cost you no HDD space at all.
The ezjail port, allready mentioned, can more or less automate this.

> I do use pf on the host system, but it isn't needed inside the jail as
> well, correct?

Rather, it's not possible to use inside a standard (non-vimage) jail. There's
only one network stack.

> Also, is it possible to compile a port (specifically nginx) inside the
> host, then simply cp it into the jail and run it? I'd like to do this
> to avoid installing a compiler into the jail itself.

make package-recursive

Ruben

> Thanks again for the help.
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090828104516.GB30068>