From owner-freebsd-jail@FreeBSD.ORG Thu May 1 09:39:43 2014 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 60D3F312 for ; Thu, 1 May 2014 09:39:43 +0000 (UTC) Received: from mail-wi0-x22f.google.com (mail-wi0-x22f.google.com [IPv6:2a00:1450:400c:c05::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E61C214E5 for ; Thu, 1 May 2014 09:39:42 +0000 (UTC) Received: by mail-wi0-f175.google.com with SMTP id cc10so387704wib.2 for ; Thu, 01 May 2014 02:39:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=from:to:date:mime-version:subject:message-id:priority:in-reply-to :references:content-type:content-transfer-encoding :content-description; bh=Q/3PCZkJOENRUQeEfeJ6xhC9Xw4Kg9kq7UmZyp2KJRM=; b=ZAc2ApeAytfi7bpsUHDdi1gUllALZjTudEmMACwe14dZooWWPUQy5e17BDHUzuBv6e X8DHLFwQahDaf/TyrAYSzBZaQoJ96iTAXCK5LZXHvvipKf0khPkHmBubEI33OPXCdt/G wvIclGUZLnNLOSRXLdA1nzYapfqXFeV3I8Q6QcqMuyAxB3LlQRiN06jk2gFjc183nhA7 0RGTifX1+HQRVOJ6gdvKg6E3/0phrOnQUoWIiYw4KFDyo961JzN9AQqQqaCaxIPPhR69 xYIZjpzH+jaolPm6WL5seeUSvAaP26frAQdynaMRzrN5Aks4hZlS6eyrK/xsiKLWZkb3 7Fqw== X-Received: by 10.180.77.165 with SMTP id t5mr1495688wiw.38.1398937180957; Thu, 01 May 2014 02:39:40 -0700 (PDT) Received: from [192.168.16.70] ([217.41.35.220]) by mx.google.com with ESMTPSA id xm20sm2584930wib.19.2014.05.01.02.39.39 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 01 May 2014 02:39:40 -0700 (PDT) X-Google-Original-From: "Dave B" From: Dave B To: freebsd-jail@freebsd.org Date: Thu, 01 May 2014 10:39:38 +0100 MIME-Version: 1.0 Subject: Re: Advice/guidance requested. Message-ID: <5362165A.3144.1D910671@g8kbvdave.gmail.com> Priority: normal In-reply-to: <52D3C8E6.5030907@wasikowski.net> References: <52D1A7D5.32720.65E995@g8kbvdave.gmail.com>, <1389516744.523477025.przufqea@frv34.ukr.net>, <52D3C8E6.5030907@wasikowski.net> X-mailer: Pegasus Mail for Windows (4.62) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 09:39:43 -0000 Try QJail. http://qjail.sourceforge.net/ There is a good "howto" section listed here. http://qjail.sourceforge.net/Qjail-howto.html If I can manage it, anyone can.. (I'm running on F'BSD 9.2) Yes, like ezJail, the base jail takes up a bit of space, but others built on that take up a lot less, unless you load them up with stuff of course. Updating is not that dificult either. Regards. Dave B. > W dniu 2014-01-12 10:09, wishmaster pisze: > > >> I would also recommend ezjails. Using fat jails is often completely > >> unnecessary. > > > > Do you think using ezjail you will obtain "thin" jails? You are > > wrong. Setup 5...10 jails for applications: one jail for > > web-applications on php, one for java and so on. And you will see > > how your jails will be FAT! And now imagine update system and > > software procedure. So, if you need a lot of "light" isolation > > containers, ezjail is not your way. I use self written scripts > > which creates one base system with all needed packages and a lot of > > "containers" with vnet supports and with "security in mind". > > Upgrading is very easy, just one jail. > > Sounds nice, maybe write some blog post or even a more detailed mail > to this list with some how-to? I'm sure many people would find this > very interesting. > > -- > best regards, > Lukasz Wasikowski > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to > "freebsd-jail-unsubscribe@freebsd.org"