From owner-freebsd-questions@FreeBSD.ORG Wed Mar 21 15:30:28 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 575CE16A407 for ; Wed, 21 Mar 2007 15:30:28 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from mail.potentialtech.com (internet.potentialtech.com [66.167.251.6]) by mx1.freebsd.org (Postfix) with ESMTP id 2A0C413C4BE for ; Wed, 21 Mar 2007 15:30:27 +0000 (UTC) (envelope-from wmoran@potentialtech.com) Received: from vanquish.pgh.priv.collaborativefusion.com (pr40.pitbpa0.pub.collaborativefusion.com [206.210.89.202]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.potentialtech.com (Postfix) with ESMTP id 553D5EBC6D; Wed, 21 Mar 2007 11:30:27 -0400 (EDT) Date: Wed, 21 Mar 2007 11:30:26 -0400 From: Bill Moran To: "Jonathan Horne" Message-Id: <20070321113026.73d33795.wmoran@potentialtech.com> In-Reply-To: <42991.167.246.36.14.1174490156.squirrel@webmail.dfwlp.org> References: <42991.167.246.36.14.1174490156.squirrel@webmail.dfwlp.org> X-Mailer: Sylpheed 2.3.1 (GTK+ 2.10.9; i386-portbld-freebsd6.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: started playing with jails X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Mar 2007 15:30:28 -0000 In response to "Jonathan Horne" : > i started playing with jails today, and after following and re-following the man > page and the freebsddiary article a few times, i finally got it to work! i have > one jail that starts on startup, and actually the hump i was getting over was > getting the jail to actually kick off the sshd daemon. all that is working, and > i can reboot my host, and then log into the jail that auto-starts via ssh. > > a couple of general questions that i cannot find the answers to: > > 1) if i want more than one jail, what is the proper syntax in the host's > /etc/rc.conf file for the jail_list="jailed" statement? multiple jail_list > lines, or a single line that specifies more than one jail? > 2) what happens to a jail when i 'shutdown -p now' on the host? what caveats do > i need to watch for when rebooting or shutting down the host? > 3) i would like to build some ports in my jailed process, but for my > environment, this requires mounting the export from my main box on my network. > so far, i am not able to mount a NFS share to /usr/ports (mount_nfs: /usr/ports: > Operation not permitted). If you're shooting purely for usability, I recommend the ezjail port, which adds some additional admin scripts on top of the stock jail system that (in my opinion) make things a lot easier. -- Bill Moran http://www.potentialtech.com