From owner-freebsd-questions@FreeBSD.ORG Mon Feb 12 11:08:38 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id CF37316A406 for ; Mon, 12 Feb 2007 11:08:38 +0000 (UTC) (envelope-from wolf@k18.ch) Received: from mail.k18.ch (mail.k18.ch [62.2.105.52]) by mx1.freebsd.org (Postfix) with ESMTP id 6E1BB13C4AC for ; Mon, 12 Feb 2007 11:08:36 +0000 (UTC) (envelope-from wolf@k18.ch) Received: (qmail 91311 invoked from network); 12 Feb 2007 10:42:17 -0000 Received: by simscan 1.2.0 ppid: 91305, pid: 91308, t: 0.0850s scanners: attach: 1.2.0 clamav: 0.88.7/m:42/d:2556 Received: from efw.atel.k18.ch (HELO [192.168.10.51]) (Authenticated:wolf@[192.168.10.1]) (envelope-sender ) by mail.k18.ch (qmail-ldap-1.03) with AES256-SHA encrypted SMTP for ; 12 Feb 2007 10:42:16 -0000 Message-ID: <45D0446F.3060109@k18.ch> Date: Mon, 12 Feb 2007 11:41:51 +0100 From: Alain Wolf User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) MIME-Version: 1.0 Newsgroups: gmane.os.freebsd.questions To: Dino Vliet References: <700107.12325.qm@web51115.mail.yahoo.com> In-Reply-To: <700107.12325.qm@web51115.mail.yahoo.com> X-Enigmail-Version: 0.94.2.0 OpenPGP: id=6CB1BC68; url=http://restkultur.ch/personal/wolf/wolf@restkultur.ch.asc Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: jail question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Feb 2007 11:08:38 -0000 On 11.02.2007 12:54, * Dino Vliet wrote: > Hi folks, > > I'm installing a nice system to use as my multimedia > box and already succeeded with geom-mirror. I want to > use a jail to isolate the p2p applications like > amule/emule and want to make sure that they only write > to an encrypted disk (currently RTFM on geli and gbde) > > However, I was wondering what happens with a jail if I > update the host system due to a security issue or > something else (recompile kernel and install world). > Do I need to define the jail again? If not, won't the > files in the jail stay at their previous versions > although the host system has been updated to a new > version? > > Or should I just RTFM on jails and come back a few Unfortunately there is not much to read for end-users, like us. > weeks from now:-) > > Thanks in advanced. Hi, Its never been a problem for my systems. Two machines running 19 jails. Done around a dozen system updates and also changing release from 6.0 to 6.2 using the same method was no problem at all. First proceed as the handbook describes for the host-system. After everything completes and your system and jails are up again rebuild you jails with as follows: # make -j4 buildworld # mergemaster -p -D /jails/example # make installworld DESTDIR=/jails/example # mergemaster -D /jails/example After that restart Jail. Done. In my case I work with different make.conf files for jails and host system, thats the reason why I rebuild world for the jails, If not you can just make installworld without rebuilding. If you have multiple jails, you can skip buildworld after first one. Hope this helps. Greetings Alain