[RFC] Skeleton jail (rc.d feature proposal)
Alexander Leidinger
Alexander at Leidinger.net
Wed Feb 11 03:20:41 PST 2009
Quoting Xin LI <delphij at delphij.net> (from Tue, 10 Feb 2009 19:52:50 -0800):
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Lawrence Stewart wrote:
>> Xin LI wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Hi,
>>>
>>> Ok, some local users has prodded me in committing the "skeleton jail"
>>
>> [snip]
>>
>> Can you describe how this differs from the functionality provided by the
>> ezjail port? (/usr/ports/sysutils/ezjail/)
>
> I think they have different targets. Skeleton jail is more lightweight
> which is only very few lines of changes to the base system (i.e. the aim
> is to provide convenient shortcut for common tasks, not to be a complete
> solution); the functionality provided by skeleton jail, on the other
> hand, could be useful building blocks to ezjail.
Ezjail already has this skeleon feature. It's used for every jail you
create with ezjail. You can then upadate this skeleton, and you update
the basesystem of all jails at once. Your solution looks a little bit
more generic, as you can use a different skeleton for each jail. The
make installskel part could be compatible with ezjail, but I'm not
sure if the rc.d part could be used easily by ezjail. Ezjail is
nullfs-mounting (RO) the skeleton into each jail, and it has symlinks
from the normal directory layout to the "<jail>/basejail/..."
location. It creates the basejail by doing a full install and then
removing some parts.
Maybe you can have a look at ezjail to see the requirements of it?
It's simple to setup, you just need to specify the path to the
location where you want all jails to be installed to, and then you can
install a jail (it does a buildworld if ou do not tell to skip this
part, e.g. becuse you already did one yourself).
Bye,
Alexander.
--
God said it, I believe it and that's all there is to it.
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
More information about the freebsd-rc
mailing list