Just had to setup a brand new box with a fresh FreeBSD 6.1 to house applications in separate Jails , from several machines that still have been running 4.11.
Coinsidence wants it, that just the same day Dirk Engling releases a beta of his new ezjail tool , that will make efficient Jail handling in FreeBSD even easier:
In the future (once it's out of beta and in the ports tree) you'll be able to do the following:
cd /usr/ports/sysutils/ezjail su root make install exit su root ezjail-admin install ezjail-admin create jail.mocha.ch 10.0.1.10
...and there you've got your jail :-) ...weighing in at only 2MB of disk space!!!
To start all the jails you create like this at startup, just add the following to /etc/rc.conf:
ezjail_enable="YES"
To prevent syslogd from the host environment to get in the way of the one inside the jail, add the following to /etc/rc.conf:
syslogd_flags="-ss"
Similarly, to bind sshd in the host environment to its IP, add the following to /etc/ssh/sshd_config:
ListenAddress 10.0.1.100 # the IP of your host environment
To automatically setup your jails the way you like them, with default user accounts and all, just create a "flavor" and apply it when you create the jail:
cp -Rp /usr/jails/flavours/default /usr/jails/flavours/myflavor
...then edit the files in there to your liking, and...
ezjail-admin create -f myflavor jail.mocha.ch 10.0.1.10
Voilà! I'm impressed!
23.5.2006, 13:37