Date: Fri, 20 Apr 2001 19:24:07 +0300 From: Odhiambo Washington <wash@wananchi.com> To: Roelof Osinga <roelof@nisser.com> Cc: FBSD-Q <freebsd-questions@freebsd.org> Subject: Re: Starting JAIL Message-ID: <20010420192407.A62988@everest.wananchi.com> In-Reply-To: <3ADB6418.D9B96B6F@nisser.com>; from "Roelof Osinga" on Mon, Apr 16, 2001 at 11:28:56PM %2B0200 References: <20010416134036.A2022@everest.wananchi.com> <3ADB6418.D9B96B6F@nisser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--ZPt4rx8FFjLCG7dd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Roelof Osinga <roelof@nisser.com> [20010417 00:28]: writing on the subjec= t 'Re: Starting JAIL' Roelof> Odhiambo Washington wrote: Roelof> >=20 Roelof> > I am only writing to seek views from those already running JAIL Roelof> > Well, I just need some advise with JAIL as far as starting up the= JAIL Roelof> > is concerned.I did my fisrt jail yesterday but was wondering how = to Roelof> > start the jails everytime I reboot the host server. Do you have a= nice way Roelof> > to do it? Some script to automate this? I hate to think I haveto = start the Roelof> > JAIl by hand everytime. Roelof> > Secondly, how do you ensure the safety of your jail? I mean it is= possible Roelof> > that when i am logged in as root in the host server I can still m= essup Roelof> > files in the jail, right? the JAIL being a guest system, is there= a Roelof> > way to ensure noone can delete/modify those files accidentally? Roelof>=20 Roelof> Put them into a script and put that script into /usr/local/etc/rc.d. Roelof> Depending on your release you might need to check the first param Roelof> for a "start" or "stop" content. Roelof>=20 Roelof> You don't. Jail it might be, but it's still chroot() based (granted, Roelof> I'll be whipped horribly if tell it wrong... but, hey! You only live Roelof> once ;) and chroot's can be broken out of. Especially when you hand Roelof> them a shell. Roelof>=20 Roelof> HTH, Roelof>=20 Roelof> Roelof Hi Roelof, I have put the script in rc.d but it complains alot when it starts. Not that I did not specify start) and stop) but the boot messages for jail also go into the console!!! Secondly, how does one install applications inside jail?? Sysinstall doesn't work for me, or is there something the man page is silent about here? I am surprised that those users running jail are not responding to my queries. I always search the archives 1st before I get to the list. i only expose my ignorance when I MUST ;-)=20 TIA -Wash -- Odhiambo Washington Wananchi Online Ltd., wash@wananchi.com 1st Flr Loita Hse Tel: 254 2 313985 Loita Street., Fax: 254 2 313922 PO Box 10286, 00100-NAIROBI,KE. Double Bucky (Sung to the tune of "Rubber Duckie")=09 Double bucky, you're the one! You make my keyboard lots of fun Double bucky, an additional bit or two: (Vo-vo-de-o!) Control and Meta side by side, Augmented ASCII, nine bits wide! Double bucky, a half a thousand glyphs, plus a few! Double bucky, left and right OR'd together, outta sight! Double bucky, I'd like a whole word of Double bucky, I'm happy I heard of Double bucky, I'd like a whole word of you! -- (C) 1978 by Guy L. Steele, Jr. --ZPt4rx8FFjLCG7dd Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE64GKnn7LIsuxjem8RAp/VAKC7ZOII4cS1b9aUF/qxRmeOoMkPCQCgr/KD AdZOvt5sjcngS21gNhUzMZc= =OsS8 -----END PGP SIGNATURE----- --ZPt4rx8FFjLCG7dd-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010420192407.A62988>