Date: Sun, 2 Jun 2019 10:20:56 +0200 From: Andrea Venturoli <ml@netfence.it> To: freebsd-questions@freebsd.org Subject: Re: to jail or not to jail Message-ID: <8311ce78-d07b-0b3f-ac79-a553284c1578@netfence.it> In-Reply-To: <CAPORhP4pbfCC96PXOeErJgswX_2dh%2BmXcBb1TrH6F0f5oN-wDw@mail.gmail.com> References: <CAPORhP4pbfCC96PXOeErJgswX_2dh%2BmXcBb1TrH6F0f5oN-wDw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6/2/19 2:30 AM, David Mehler wrote: > What I'm wondering is if I should jail off these services IMO yes, you should. > If I do this how would I > get the tls certificates in to each jail, I'm looking for the maximum > automation. I use acme.sh on the base host: of course it has access to jails' filesystem, so it simply puts each certificate into place (as if it was in base but with /usr/jails/.../ prepended). bye av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8311ce78-d07b-0b3f-ac79-a553284c1578>