From owner-freebsd-isp@FreeBSD.ORG Tue Oct 27 18:41:33 2009 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E3D3C106568F; Tue, 27 Oct 2009 18:41:33 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) by mx1.freebsd.org (Postfix) with ESMTP id 9E9A68FC0C; Tue, 27 Oct 2009 18:41:33 +0000 (UTC) Received: from localhost (localhost.codelab.cz [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 550BE19E023; Tue, 27 Oct 2009 19:41:32 +0100 (CET) Received: from [192.168.1.2] (r5bb235.net.upc.cz [86.49.61.235]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id CE18F19E019; Tue, 27 Oct 2009 19:41:29 +0100 (CET) Message-ID: <4AE73ED9.5000505@quip.cz> Date: Tue, 27 Oct 2009 19:41:29 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 X-Accept-Language: cz, cs, en, en-us MIME-Version: 1.0 To: "Tonix (Antonio Nati)" References: <4AE6C7BD.907@interazioni.it> <4AE7232E.2070208@quip.cz> <4AE728F8.7020809@interazioni.it> In-Reply-To: <4AE728F8.7020809@interazioni.it> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org, freebsd-jail@freebsd.org Subject: Re: Jails creation X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2009 18:41:34 -0000 Tonix (Antonio Nati) wrote: > Miroslav Lachman ha scritto: [...] >> You are not the first one with this idea. You can easily use nullfs >> mount of directories from base system, but people mostly prefer >> independent directory with jail install shared by many jails. >> >> And sometimes somebody needs jails with modified binaries, so it is >> not possible to share theme with base system in all cases. >> >> There are many ways to get jails running without sources, it is up to >> you to choose one. [...] > I have nothing against shared dirs, but my question is this: why the > basic jail creation command requires compilation? Given the fact jail > must have exactly the same version of base system, why the base create > command dos not simply copy the existing binaries? It would avoid local > source, remote packages, etc... It is not true. Jail command does not requires compilation, nor exactly same version. I am running 6.x version jail on system with 7.2 and you can run 32bit (i386) jail on 64bit (amd64) system. The `jail` command is there just for starting the jail, not for building it. The jail even does not need to be a full installed system! There are too many different scenarios with jails, that there can not be "one command to satisfy them all". It is up to administrator to prepare the best environment for his/her needs. If you need the full copy of the base system, you can do it really easily (by tar as was suggested by Vincet Hoffman or dump & restore), and if you do it for each jail, you loose the benefits of shared read-only base directory (you will need more disk space and more memory). If you do not want to spend some time by compilation, you can install the jail from installation media you already have from system install. cd /some/media/7.2-RELEASE/base mkdir /path/to/myjail setenv DESTDIR /path/to/myjail sh install.sh That's all! It is too simple in contrast to source build or manually copy something from base. If you are using ZFS, you can use snapshots and clones... And many more scenarios exist. I am CCing freebsd-jail@, it is more appropriate list to contionue. Miroslav Lachman