From owner-freebsd-questions@FreeBSD.ORG  Sun Apr  3 23:23:15 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BD79916A4CF
	for <freebsd-questions@freebsd.org>;
	Sun,  3 Apr 2005 23:23:15 +0000 (GMT)
Received: from web61305.mail.yahoo.com (web61305.mail.yahoo.com
	[216.155.196.148])
	by mx1.FreeBSD.org (Postfix) with SMTP id 05E9A43D46
	for <freebsd-questions@freebsd.org>;
	Sun,  3 Apr 2005 23:23:15 +0000 (GMT)
	(envelope-from bill_ding5@yahoo.com)
Received: (qmail 49327 invoked by uid 60001); 3 Apr 2005 23:23:14 -0000
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=s1024; d=yahoo.com;
	b=CcRfdnT7FCnpI4eYe12wlmEY6sK9y62594lZYlc7POsmUGxLi+/ew8sHC1J8T3AbDLN9bvjJ6NgUuF0BRPgH//p3S9lja2nxGxI0w6LYaDhSJFApPFV7W7Iti7pOCk4+jNl/d1L52/4lvm6FDCcqQRlLxfh6//FqWVSvHAuhXNg=
	;
Message-ID: <20050403232314.49325.qmail@web61305.mail.yahoo.com>
Received: from [68.157.24.232] by web61305.mail.yahoo.com via HTTP;
	Sun, 03 Apr 2005 16:23:14 PDT
Date: Sun, 3 Apr 2005 16:23:14 -0700 (PDT)
From: Bill Ding <bill_ding5@yahoo.com>
To: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Subject: looking for jail tutorial
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Apr 2005 23:23:15 -0000

Hello,

Running 5.3-p6 on a box with two NICs.

I'm new to the list and FreeBSD in general. I'm trying
to find more documentation on jail(8) than is offered
in the man page. (I checked the Handbook but couldn't
find anything about jails. Did I miss it?) For
instance, the man page says:

NOTE: It is important that only appropriate device 
nodes in devfs be exposed to a jail; access to disk 
devices in the jail may permit processes in the jail
to
bypass the jail sandboxing by modifying files outside 
of the jail.

How do I know what the "appropriate device nodes" are
for a given jail? I want to run four jails: two
webservers, DNS, mail. After testing, the DNS and
email jails will be shutdown and the services moved to
separate machines. 
Also, do I configure identical Hosts files on each?
Should the jails be on different subnets for added
security or can they all be on the same subnet as the
host machine? 
Any help you can give would be appreciated!

Thanx,

Bill

The word 'politics' describes the situation so well:
'poli' meaning 'many' and 'tics' meaning 'bloodsucking
creatures'.





		
__________________________________ 
Do you Yahoo!? 
Make Yahoo! your home page 
http://www.yahoo.com/r/hs