HOWTO setup freebsd jails

From Chaos

This article is part of the HOWTO series.

Contents 1 Summary 2 Caveats 3 Details 3.1 Setup the host 3.2 Install world & dist 3.3 Activate Jail 4 References

Summary

This article is here to remind me on how to install Jails on FreeBSD 6.1. YMMV.

Caveats

We will be using the following terminology when setting up our new Jail environment.

Host

The system that is actually hosting the jails.

Jail

The actual jail environment.

jail-dev.domain.com

The hostname of the new Jail development environment.

n.n.n.n

The IP address associated with jail-dev.domain.com.

Details

Setup the host

1. First thing is first, disable all extraneous services (inetd, syslogd, sshd, etc.) from listening on anything but the IP address that you have assigned to the Host. This is to avoid confusion when logging in remote (IE, you think you are logging in to the remote Jail session, but you are infact logging in to the Host because SSHD is set to listen on 0.0.0.0:22. 2. Add a line to /etc/hosts for jail-dev.domain.com pointing to n.n.n.n. This will be used for testing, and is only to avoid modifying DNS at the moment.

n.n.n.n            jail-dev.domain.com.

Install world & dist

1. Now that you have disabled un-needed services, we are going to build the world and install it into a staging area, /home/jail/jail-dev. Run the following on the Host, it will make the world and distribution in $DEST, and mount devfs in the new Jail.

cd /usr/src
set DEST=/home/jail/jail-dev
mkdir -p $DEST
make world DESTDIR=$DEST
make distribution DESTDIR=$DEST
mount_devfs devfs $DEST/dev
cd $DEST
touch etc/fstab
ln -sf dev/null kernel
mkdir $DEST/usr/ports
mount_nullfs /usr/ports $DEST/usr/ports
mount_nullfs /usr/src $DEST/usr/src

Activate Jail

1. Activate the new Jail environment, and run /etc/rc to startup everything. Don't forget to set the root password, and modify /etc/ssh/sshd_config on the jail system to enable root SSH access!!

root@jailhost:/usr/src# jail $DEST jail-dev.domain.com n.n.n.n /bin/sh /etc/rc

root@jail:/# /bin/sh /etc/rc

root@jail:/# passwd root

References

• http://www.onlamp.com/pub/a/bsd/2006/03/09/jails-virtualization.html
• http://www.section6.net/wiki/index.php/Creating_a_FreeBSD_Jail