[PATCH FOR REVIEW] Implementation of skeleton jail
Ruslan Ermilov
ru at FreeBSD.org
Sat May 20 01:01:50 PDT 2006
On Sat, May 20, 2006 at 03:21:00PM +0800, Xin LI wrote:
> Hi, folks,
>
> Here is an implementation of what I call it "skeleton jail". The idea
> is that it is more or less to be common that we do not want to actually
> copy of the base system (sometimes even other stuff) across zillions of
> jails.
>
> The skeleton jail is an approach that makes management of such jails
> easier, by making use of mount_nullfs(8) to make read-only shadow or
> read-write shadow from the so-called "skeleton root".
>
> For instance, by default the skeleton jail would mount the following
> directories from the skeleton root (/) to the jail:
>
> bin -> ${_root}/bin
> sbin -> ${_root}/sbin
> lib -> ${_root}/lib
> libexec -> ${_root}/libexec
> usr/bin -> ${_root}/usr/bin
> usr/sbin -> ${_root}/usr/sbin
> usr/include -> ${_root}/usr/include
> usr/lib -> ${_root}/usr/lib
> usr/libdata -> ${_root}/usr/libdata
> usr/libexec -> ${_root}/usr/libexec
> usr/sbin -> ${_root}/sbin
> usr/share -> ${_root}/share
>
> In order to create the environment that is suitable for the skeleton
> jail (say, create the directory hierarchy, populate the /etc/ stuff,
> etc, but not the actual installworld), I have added a new target
> "installskel" to src/Makefile which will help the work.
>
You really don't want the new "installskel" target, instead please use
the existing "distrib-dirs" and "distribution" targets from src/Makefile.
Cheers,
--
Ruslan Ermilov
ru at FreeBSD.org
FreeBSD committer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-rc/attachments/20060520/b98e2e15/attachment.pgp
More information about the freebsd-rc
mailing list