Date: Thu, 27 Aug 2009 10:03:03 -0500 From: Adam Vande More <amvandemore@gmail.com> To: APseudoUtopia <apseudoutopia@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Information on Setting up a Jailed Webserver Message-ID: <6201873e0908270803k639b4742w1211d686607f7e9@mail.gmail.com> In-Reply-To: <27ade5280908270713g5710797xadb07b5055158808@mail.gmail.com> References: <27ade5280908261959q39aeab15ta300048b861a50f7@mail.gmail.com> <6201873e0908262010n1f554fa6p88895ee4641a5620@mail.gmail.com> <200908271135.13045.erich@apsara.com.sg> <27ade5280908270713g5710797xadb07b5055158808@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 27, 2009 at 9:13 AM, APseudoUtopia <apseudoutopia@gmail.com>wrote: > On Wed, Aug 26, 2009 at 11:35 PM, Erich Dollansky<erich@apsara.com.sg> > wrote: > > Hi, > > > > On 27 August 2009 am 11:10:37 Adam Vande More wrote: > >> On Wed, Aug 26, 2009 at 9:59 PM, APseudoUtopia > > <apseudoutopia@gmail.com>wrote: > >> > > >> > Also, how memory-intensive is a jail? > >> > >> Very light when compared to other virtualization methods. > > > > jails share the kernel but not the world. > > > > So, there will be only one kernel loaded but all libraries in use > > will be loaded individually by each jail when needed. > > > > Jails need some more disk space as the world, all libraries needed > > and all applications needed are installed individually in each > > jail. > > > > This can be minimised with proper planning of what runs it what > > jail. > > > > Erich > > > > Thanks for the helpful replies. I have a couple of questions: > > When a jail is compromised, the only thing I have to do to recover the > system is delete the jail and create a new one, correct? The host > system is untouched even if a jail is compromised? Really depends on how you're using the jail, but under standard usage yes. > > > And how does the upgrade process work? I know the userland must be the > same for the host system and the jail. If I want to upgrade to, say, > FreeBSD 8 when released, what is the process? I'd imagine it goes > something like this, but I'm not sure: > -Shut down jail > -Upgrade host system > -Install host binaries > -Install jail binaries > -Restart jail > > Or is there more to the process than what it seems? That's the basic process, however as mentioned before checkout ezjail. It makes administering multiple jails much easier and can save you disk space. > > > Thanks again. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > -- Adam Vande More
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6201873e0908270803k639b4742w1211d686607f7e9>