------- Forwarded message ------- From: "Ricardo A. Reis" <[EMAIL PROTECTED]> To: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Cc: "freebsd-current@freebsd.org" <freebsd-current@freebsd.org> Subject: Prototyping for basejail distribuition Date: Thu, 13 Apr 2006 17:21:38 -0300 Hi, I attach 2 files in this email, the first is a Makefile and the second is jail.conf. For demonstre my idea i resolved create one "Pseudo Prototyping", for test is necessary: 1 - Create dir /usr/local/basejail 2 - Copy Makefile to /usr/local/basejail 3 - Copy jail.conf to /etc 4 - The initial basejail is precompiled is distributed in CD1, for simular basejail is necessary a installworld structure in /usr/local/basejail cd /usr/src ; make installworld DESTDIR=/usr/local/basejail Now is necessary config jail.conf, ----- #sample template for create freebsd jail # # RC.CONF GLOBAL VARIABLES # exec_start="/bin/sh /etc/rc" exec_stop="/bin/sh /etc/rc.shutdown" devfs_enable="NO" fdescfs_enable="NO" procfs_enable="NO" mount_enable="NO" devfs_ruleset="ruleset_name" flags="-l -U root" # # JAIL RC.CONF # sendmail_enable="NO" inetd_flags="-wW -a" rpcbind_enable="NO" network_interfaces="" # # FILES # copy_to_jail="/etc/localtime /etc/resolv.conf /etc/csh.cshrc /etc/csh.login" # # JAILS # jail_node01_rootdir="/usr/jail/node01" jail_node01_hostname="node01.example.com" jail_node01_ip="127.0.0.1 " jail_node02_rootdir="/usr/jail/node02" jail_node02_hostname="node02.example.com" jail_node02_ip="127.0.0.2 " ------- In this moment is possible create large numbers of jail, i implemente in makefile, [EMAIL PROTECTED]:/usr/local/basejail] # make
Sample in /usr/share/examples/etc/jail.conf
jail == create jail rcconf == create rc.conf for start jails etcconfig == create rc.conf for jails and copy file showconfig == show information Thanks for any comments, Sorry for my english and poor Makefile. -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
Makefile
Description: Binary data
jail.conf
Description: Binary data
_______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
