ezjail Handbook section

Warren Block wblock at wonkity.com
Wed Aug 20 23:30:14 UTC 2014


On Wed, 20 Aug 2014, Warren Block wrote:

> On Wed, 20 Aug 2014, John Baldwin wrote:
>
>> On Tuesday, August 19, 2014 6:01:54 pm Warren Block wrote:
>>> On Mon, 4 Aug 2014, Warren Block wrote:
>>> 
>>>> Draft version of an ezjail section for the Handbook Jails chapter:
>>>> http://www.wonkity.com/~wblock/jails/jails-ezjail.html
>>>> 
>>>> This includes a complete setup at the end for running BIND in a jail.
>>>> In addition to a complete jail example, it can also serve as an example 
>>>> of
>>>> how to set up BIND now that the old chroot configuration is no more.
>>> 
>>> Asking for review again of the final version at the link above.  If
>>> there are no major complaints in the next few days, it will be
>>> committed.
>> 
>> It's not clear to me if you need lo1?  If you are using aliases on an 
>> external
>> interface as you would with a traditional jail then I think you don't need 
>> the
>> lo1 interface?
>
> It's there to keep jails from being involved with lo0 on the host.  But I 
> admit the explanation is fuzzy, and will seek clarification.

Updated.  It now says:

   To keep jail loopback traffic off the host's loopback network
   interface lo0, a second loopback interface is created by adding
   an entry to /etc/rc.conf:...


More information about the freebsd-doc mailing list