Date: Tue, 29 Jul 2014 15:44:44 -0600 (MDT) From: Warren Block <wblock@wonkity.com> To: freebsd-jail@FreeBSD.org Subject: ezjail and mergemaster Message-ID: <alpine.BSF.2.11.1407291519270.34044@wonkity.com>
next in thread | raw e-mail | index | archive | help
This is tangential to my earlier changes to mergemaster.
I'm working on an ezjail addition for the Handbook. The update section
shows both source and binary updates.
For source, ezjail-admin update -b on the host does a
buildworld;installworld on the basejail.
For binary, ezjail-admin update -r on the host uses freebsd-update to
update the basejail.
mergemaster is used after either on a real machine. By default, the
ezjail basejail does not even have a copy of the source, making running
mergemaster from inside the jail a bit difficult.
What process for running mergemaster should I suggest? Maybe different
ones for trusted and untrusted jails?
The host can update trusted jails:
mergmaster -U -D /usr/jails/jailname
(It might not be safe to consider any jail "trusted".)
The untrusted procedure is a lot fuzzier to me. Mount /usr/src on the
basejail, then only run mergemaster from inside the jails? Is there a
good way? Or a standard way?
As with other things for the Handbook, we should be showing best
practices. What is the best practice for mergemaster on any random
jail, trying to conserve disk space as much as is safely possible?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.11.1407291519270.34044>