From owner-freebsd-stable Thu Jun 7 12:19:17 2001 Delivered-To: freebsd-stable@freebsd.org Received: from mail.gmx.net (pop.gmx.net [194.221.183.20]) by hub.freebsd.org (Postfix) with SMTP id 2C13D37B401 for ; Thu, 7 Jun 2001 12:19:12 -0700 (PDT) (envelope-from Gerhard.Sittig@gmx.net) Received: (qmail 1470 invoked by uid 0); 7 Jun 2001 19:19:07 -0000 Received: from p3ee2164c.dip.t-dialin.net (HELO speedy.gsinet) (62.226.22.76) by mail.gmx.net (mail07) with SMTP; 7 Jun 2001 19:19:07 -0000 Received: (from sittig@localhost) by speedy.gsinet (8.8.8/8.8.8) id SAA22223 for freebsd-stable@freebsd.org; Thu, 7 Jun 2001 18:55:34 +0200 Date: Thu, 7 Jun 2001 18:55:34 +0200 From: Gerhard Sittig To: freebsd-stable@freebsd.org Subject: Re: Jail+NIS Message-ID: <20010607185534.J17514@speedy.gsinet> Mail-Followup-To: freebsd-stable@freebsd.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Mailer: Mutt 1.0i In-Reply-To: ; from bjoern@loenneker.com on Thu, Jun 07, 2001 at 07:14:09AM +0200 Organization: System Defenestrators Inc. Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jun 07, 2001 at 07:14 +0200, Bj=F6rn L=F6nneker wrote: >=20 > I want to implement a jail system for a shell server and have > two questions: >=20 > How do I correctly dublicate a jail? Is it simply a matter of > making and configuring a master jail and then 'cp -pR master > jail2' or isnt it that easy? Depends. How much of special configuration went into your jail? If you just copy the tree over, you might "inherit" configuration setting which just don't fit the second jail (rc.conf settings, inetd and sshd config, etc). I made a script of the jail(8) manpage "Setting up a Jail Directory Tree" section which gets a single parameter (the jail's tree root) and does all the rest for me. It can even distinguish between first time installs and updates. If there's interest I could publish it; with some markup it could end in some doc or could be put somewhere into /usr/share/examples/jail/ (?). Since buildworld is done once only, compilation takes some 70 minutes. Populating / updating a jail takes seven minutes per tree (including the mostly nop'ed repetitive "make buildworld" runs). Plus there's the mergemaster runs in every tree. > Can I run multiple jails with one being a NIS master server and > another one being NIS client? Don't know about NIS, but I successfully ran Samba in PDC mode in one jail while Samba in another jail used the former to auth users. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net --=20 If you don't understand or are scared by any of the above ask your parents or an adult to help you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message