> Am 28.10.2015 um 22:05 schrieb Miroslav Lachman <000.f...@quip.cz>: > > Valeri Galtsev wrote on 10/28/2015 21:25: >> >> On Wed, October 28, 2015 1:41 pm, Michael B. Eichorn wrote: >>> On Wed, 2015-10-28 at 13:27 -0400, Ernie Luzar wrote: >>>> Valeri Galtsev wrote: >>>>> Dear All, >>>>> >>>>> Can someone recommend something similar to FreeBSD handbook that >>>>> describes >>>>> building jails for newer systems meaning /etc/jail.conf as opposed to >>>>> /etc/rc.conf which handbook currently has in its jails chapter. I >>>>> still >>>>> have all jail configurations on 9.3 boxes in /etc/rc.conf, but it is >>>>> time >>>>> to build 10.x production boxes, and do things modern way (implying >>>>> /etc/jail.conf). I still intend to keep building jails "old fashion >>>>> way" >>>>> as described in handbook, as opposed to using tools "ezjail" or >>>>> similar. >>>>> >>>>> Thanks for all your advises! >>>>> >>>>> Valeri >>>>> >>>> >>>> Check out the jail-primer and qjail port. >>> >>> (adding freebsd-jail list) >>> >>> Ernie, I don't think that this is what Valeri was looking for. Those are >>> both jail-management utilities not really documentation on using jail(8) >>> via configuration using jail.conf(5). >>> >>> I would be indeed be interested in a modern best-practices guide for >>> using the base system jail management tools. >> >> Michael, thanks for your comment. You certainly are right. >> >> Ernie, thanks for your pointers. They are not exactly a chapter on how to >> do the whole jail manually new style - exactly as Michael says - similar >> to what is found in FreeBSD handbook (alas, for old style). However, >> thanks to your pointer, I've found http://jail-primer.sourceforge.net/ >> which at a first glance looks comprehensive and decent reading, and >> combined with my experience of setting up jails "by the book" in the past, >> is sufficient for me to do the same /etc/jail.conf way - I've got one >> running already; it will need some careful walkover sill, but I'm in >> business. > > You can do your work with jails the same way (creation, updating, > upgrading...). You just need to convert your rc.conf configuration in to > jail.conf, which is more flexible. > Automatic conversion (by rc.d/jail from FreeBSD 10.x) didn't work for me. > Manual creation of jail.conf was easy.
we currently use ezjail and on other boxes we roughly do it like this: http://savagedlight.me/2014/03/14/freebsd-jail-server-with-zfs-clone-and-jail-conf/ at least, that’s pretty close to how we do it. On UFS based systems we use cpdup instead of the ZFS cloning. For upgrades, we use Matt Simerson’s very nice `jailmanage` script: https://www.tnpi.net/computing/freebsd/jail_manage.txt which is pretty straight forward and just helps you with things (running freebsd-update etc) and doesn’t lock you in. Our jail.conf looks like this: -- exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; mount.devfs; path = "/usr/jails/$name“; jailname { host.hostname = 'jailname'; ip4.addr = x.x.x.x; } -- and then we just repeat the jailname-blocks. `jailmanage` expects each block to start like this. HTH, Philip _______________________________________________ freebsd-jail@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
