Patching jails

[Tomasz Makulski]

mount_null -o ro /usr/src /jail/usr/src and then follow follow the regular
procedure from inside the jail/chroot.

PS you can always use rsync ;>

Best Regards
Tom
----- Original Message ----- 
From: "John Kozubik" <john at kozubik.com>
To: "V. Jones" <vjones62 at earthlink.net>
Cc: <freebsd-security at freebsd.org>
Sent: Thursday, September 18, 2003 12:28 PM
Subject: Re: Patching jails


>
> Hello,
>
> On Thu, 18 Sep 2003, V. Jones wrote:
>
> > I'm going to apply the ssh patch.  Applying it to the "real" server
> > seems straightforward enough, but I'm wondering what the right procedure
> > is to apply this patch to my jailed servers.
>
> No special procedure is necessary.  Log into the jail, su to root, and
> follow the instructions in the SA - they will work just fine.
>
> You may or may not have a populated /usr/src/secure though - you can get
> it with cvsup, however it is faster and easier to simply tar up the
> /usr/src/secure on the base system and untar it in the jail.  I presume
> this to be safe, as there should never be a version mismatch between the
> base system and the jails running on it.
>
> The procedure in the sendmail SA that was released yesterday will also
> work fine inside of a jail.  Again, make sure you have /usr/src/usr.sbin
> and /usr/src/lib, and so on in the jail.
>
> -----
> John Kozubik - john at kozubik.com - http://www.kozubik.com
>
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to
"freebsd-security-unsubscribe at freebsd.org"