Date: Thu, 16 Oct 2003 08:53:52 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: John <strgout@unixjunkie.com> Cc: freebsd-ports@freebsd.org Subject: Re: make installjail maybe? Message-ID: <20031016075352.GA93769@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20031016072800.GA41397@mail.unixjunkie.com> References: <20031016072800.GA41397@mail.unixjunkie.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--envbJBWh7q8WU6mo Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 16, 2003 at 02:28:00AM -0500, John wrote: > Is anyone working on someway to install ports into a jail? What i do most= of > the time for a small port (like bind or something) is i redefine PREFIX to > be /usr/jail/$ip, but there are a few problems with this. >=20 > 1. named now looks for /usr/jail/$ip/etc/named.conf by default. Not that = that > is hard to get around, but just a fyi. > 2. You can't install the port more then once without messing around with= =20 > the package install info (the stuff in /var/db/pkg). I've just been movi= ng > the package name from say bind-8.3.6 to bind-8.3.6-jail-path-to-jail-root= , but=20 > that is a little ugly ;). > 3. libs, passwd files, group (basicly userland). Most of the time i just = cheat > and staticly link the port ( setenv CLFAGS "-static"). This works fine fo= r bind > , but i haven't tested other apps. Then i copy the other userland bits. > maybe if there was a port that would just install a mini user land, based= off > /usr/src or something like that i wouldn't need to staticly link everythi= ng. There's two ways of looking at this. If you have a 'thick' jail -- essentially with a complete FreeBSD environment inside it, then you can just ssh(1) into the jail and install ports exactly as you would in the base system. To save space you can use mount_null(8) to remount /usr/ports from the base inside the jail -- this works well so long as you don't try installing ports simultaneously fron the jail and the base system, although by setting WRKDIRPREFIX in both environments you can even do that. To avoid compiling ports common to the jail and the base several times, just create packages in (say) the base, and pkg_add(1) them =66rom the jail. portupgrade(1)'s pkgtools.conf will let you automatically control using packages or ports down to the level of individual ports. For a thin jail -- ie. without a sufficiently complete environment that you can compile stuff inside the jail (or even if you do, but find this method preferable) then create a .../db/pkg directory for your jail (doesn't have to be inside the jailed area, although that doesn't hurt). Then simply set PKG_DBDIR in your environment to that directory: # setenv PKG_DBDIR /usr/jail/${ip}/var/db/pkg and install ports or packages using a similarly modified $PREFIX as before. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --envbJBWh7q8WU6mo Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/jk6QdtESqEQa7a0RAhHcAJ4jTtE+C+jvHdt7XNsWcQVErmslxgCfUQjF IkUVukD9+JKLd9cKgi9prUU= =H4js -----END PGP SIGNATURE----- --envbJBWh7q8WU6mo--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031016075352.GA93769>