Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 12 Nov 2002 21:30:59 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        "Daniel O'Connor" <doconnor@gsoft.com.au>
Cc:        Hans Zaunere <zaunere@yahoo.com>, freebsd-hackers@FreeBSD.ORG
Subject:   Re: Shared files within a jail
Message-ID:  <200211130530.gAD5UxNt067928@apollo.backplane.com>
References:  <20021113034726.75787.qmail@web12801.mail.yahoo.com> <1037159767.66058.34.camel@chowder.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help 
    Try using null mounts.  The warning is in there because making the
    null mount code work is a real hack and the authors aren't entirely
    sure that everything's gotten covered.  That said, use of a null mount
    is certainly a lot safer if the stuff behind the mount is mostly
    static.  

    Note that you can also use localhost NFS mounts to replicate pieces of
    filesystems within jails, but you need to remember that the kernel 
    will wind up caching multiple copies of the data for these two cases
    and that NFS has file locking issues.

    Finally, keep in mind that disk space these days is quite cheap.  
    Duplicating the data is not as bad a way to go as you might think, and 
    it allows you to incrementally upgrade each jail.  It may suffice to use
    the null mount trick *only* for the big binaries and libraries that you
    really want to share, and it may be reasonable to use softlinks to
    accomplish it, like this:

    JAIL FILESYSTEM:

	/		complete copy of /
	/usr		complete copy of /usr
	/mnt		null mount of the master /
	/mnt/usr	null mount of the master /usr

	And then use softlinks to enforce binary sharing by default:

	/bin/*		instead of the binaries make softlinks to /mnt/bin
	/usr/bin/*		... softlinks to /mnt/usr/bin
	/usr/lib/*		... softlinks to /mnt/usr/lib
	/usr/local/lib/*	... softlinks to /mnt/usr/local/lib
	/usr/local/bin/*	... softlinks to /mnt/usr/local/bin

    So that way the user can remove the softlink and install his own
    copy of the software if he wishes, and mess with anything else as well.

    That's just an example.  There are a thousand ways to do it.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200211130530.gAD5UxNt067928>