From owner-freebsd-questions@FreeBSD.ORG Tue Jan 6 23:49:30 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 03CC416A4CE for ; Tue, 6 Jan 2004 23:49:30 -0800 (PST) Received: from zim.0x7e.net (zim.0x7e.net [203.38.184.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1CD2743D41 for ; Tue, 6 Jan 2004 23:49:28 -0800 (PST) (envelope-from listone@deathbeforedecaf.net) Received: from goo.0x7e.net ([203.38.184.164] helo=goo) by zim.0x7e.net with smtp (Exim 3.36 #1) id 1Ae8RS-0006ra-00; Wed, 07 Jan 2004 18:19:26 +1030 Message-ID: <010101c3d4f2$c5f49320$a4b826cb@goo> From: "Rob" To: , "Chad Leigh -- Shire.Net LLC" References: <13B5D138-40E2-11D8-B8B0-003065A70D30@shire.net> Date: Wed, 7 Jan 2004 18:19:25 +1030 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: jails; sharing parts of file system; mounting pieces of file system in other positions, etc. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2004 07:49:30 -0000 Chad Leigh asked on Wednesday January 07, 2004: > > On linux you can do a > > % mount -bind olddir newdir > > to remount a piece of the FS somewhere else. The NullFS on FBSD seems > to allow similar things. However, as much as I could find on NullFS in > Google seems to indicate that it is pretty much broken and shouldn't be > used. > > What I want to do is run several jails that would share the "read only" > pieces of a system like / /bin /sbin /usr/bin /usr/sbin and stuff like > that. Each jail would have their own /etc and other places that would > need to be different and writable. This way I only have to update the > system once when I upgrade and not do all my various jails one at a > time. Of course, some things would need to be done for each jail (etc > updates etc) but this would minimize it... > > Is this a possible thing to do under FBSD? How are others doing it? > > Thanks for your input > > Chad > I'm currently setting up my 4.9-RELEASE webserver to do something similar - each jail gets a root filesystem, but /usr is shared readonly by all of them. The exception is /usr/local/etc, which is symlinked to /etc/local (in the jail). My impression, though I don't have much to back this up with, is that nullfs is reliable enough in read-only mode. Other folks may have a different opinion.