Date: Wed, 18 Jan 2017 11:01:17 -0600 (CST) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: byrnejb@harte-lyne.ca Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD-11 - EZJail - Sharing binary packages across jails Message-ID: <28071.128.135.52.6.1484758877.squirrel@cosmo.uchicago.edu> In-Reply-To: <2a7da910fc6258fefb87c4b8361b07bc.squirrel@webmail.harte-lyne.ca> References: <2a7da910fc6258fefb87c4b8361b07bc.squirrel@webmail.harte-lyne.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, January 18, 2017 9:27 am, James B. Byrne via freebsd-questions wrote: > I am attempting to discover if it is possible to add a binary package > to the base system and have that shared by all of the jails hosted > thereon. This would grossly depend on how you create jails. If you do it "by the book", namely, if the base system in nullfs read-only mounted in jails, then you will have no handle on that via pkg, as all places pkg in all jails use are imminently rw, that is outside of read-only mounted base. The only logical way out is to "fiddle with the base", by adding your custom binaries/libraries/... to base, these, however, will be outside of where pkg can manage stuff. I'm sure, someone will advise to not mix anything into base system (which is my feeling too). My experience, though, is restricted to 10.3 and lover, and to jails built "by the book". > However, I can find no clear discussion of this either in > the man pages or on the EZJail project site. Nor is there much > discussion in the FreeBSD Handbook or elsewhere respecting this > particular subject. > > I have empirically determined that simply installing a package on the > host does not expose it to the jails. However, it seems to me that > this must somehow be possible. No, ideally it should not be. If you build jails "by the book" they have their own base system (read-only inside jails), and their own read-write portion individual for each jail. And that is done on purpose. "No one in jail should be exercising rights and freedoms of free ones" ;-) Valeri > > Is there a reference which discusses this in some detail or has anyone > here a short précis they can share on how this is done? > > > -- > *** e-Mail is NOT a SECURE channel *** > Do NOT transmit sensitive data via e-Mail > Do NOT open attachments nor follow links sent by e-Mail > > James B. Byrne mailto:ByrneJB@Harte-Lyne.ca > Harte & Lyne Limited http://www.harte-lyne.ca > 9 Brockley Drive vox: +1 905 561 1241 > Hamilton, Ontario fax: +1 905 561 0757 > Canada L8E 3C3 > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?28071.128.135.52.6.1484758877.squirrel>