From owner-freebsd-jail@FreeBSD.ORG Mon Jan 13 14:03:07 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E255561A for ; Mon, 13 Jan 2014 14:03:07 +0000 (UTC) Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com [IPv6:2a00:1450:400c:c05::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 77182120F for ; Mon, 13 Jan 2014 14:03:07 +0000 (UTC) Received: by mail-wi0-f169.google.com with SMTP id e4so1167392wiv.0 for ; Mon, 13 Jan 2014 06:03:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=from:to:date:mime-version:subject:message-id:priority:in-reply-to :references:content-type:content-transfer-encoding :content-description; bh=rIULvMFEZU32MlAsRpeVY6yYf6jwiEG9eEzD2xcMPV0=; b=psmyrfrS9tBgSG9cVl31qUUZi7gmnlrpnl35/tjcljJhebQH3f9yGoOECISG83a3pM +wnY7GMinDYLQ8e7JAfs2X7YuMdG6DHuCwcJa0ktKVFAltU4Dnn7jlpzKl6YsacT8K7K /7tlW0brgwCUoQ7r/dHhDpQybf00Zlyy82qBYvUNbZaW5SP1/kktVCsHQVjSOhUqcAEU zlQybjI9gs52o4cAxm3lOdnySXrzoaCzZ/kRn8A+yksFIE9RvCTDAgESQr+HBKgbY33G K8lV0ti74u3s1C4FJIvRGbDl7iAr0IrR6QrXRyjVd+WVHABMHG4E8CDkVfmhqLaaiGE6 sbSA== X-Received: by 10.180.104.164 with SMTP id gf4mr15151405wib.35.1389621785833; Mon, 13 Jan 2014 06:03:05 -0800 (PST) Received: from [192.168.16.97] ([217.41.35.220]) by mx.google.com with ESMTPSA id pk8sm17997880wic.6.2014.01.13.06.03.04 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Mon, 13 Jan 2014 06:03:05 -0800 (PST) From: g8kbvdave@googlemail.com To: freebsd-jail@freebsd.org Date: Mon, 13 Jan 2014 14:03:03 -0000 MIME-Version: 1.0 Subject: Re: Advice/guidance requested. Message-ID: <52D3F217.16121.982CEA@g8kbvdave.gmail.com> Priority: normal In-reply-to: <52D3C8E6.5030907@wasikowski.net> References: <52D1A7D5.32720.65E995@g8kbvdave.gmail.com>, <1389516744.523477025.przufqea@frv34.ukr.net>, <52D3C8E6.5030907@wasikowski.net> X-mailer: Pegasus Mail for Windows (4.62) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jan 2014 14:03:07 -0000 > W dniu 2014-01-12 10:09, wishmaster pisze: > > >> I would also recommend ezjails. Using fat jails is often completely > >> unnecessary. > > > > Do you think using ezjail you will obtain "thin" jails? > > You are wrong. Setup 5...10 jails for applications: one jail for > > web-applications on php, one for java and so on. And you will see how your > > jails will be FAT! And now imagine update system and software procedure. > > So, if you need a lot of "light" isolation containers, ezjail is not your way. > > I use self written scripts which creates one base system with all needed > > packages and a lot of "containers" with vnet supports and with "security in > > mind". Upgrading is very easy, just one jail. > > Sounds nice, maybe write some blog post or even a more detailed mail to > this list with some how-to? I'm sure many people would find this very > interesting. > > -- > best regards, > Lukasz Wasikowski Yes indeed, then we can all learn how and more importantly "why". Best Regards. Dave B.