pavement

Ezjail

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
(See also)
Line 52: Line 52:
  
 
==See also==
 
==See also==
* [[Jail Facility]] - uses ezjail alternative ''qjail''
+
* [[Jail Facility]] - mentions ezjail alternative ''qjail''
  
 
==References==
 
==References==

Revision as of 19:25, 6 March 2015

Ezjail is much easier to install and configure than using the sole program jail.

Contents

Installing and updating

Install ezjail:

% cd /usr/ports/sysutils/ezjail
% make install clean

Then create the basejail, manpages, source and ports tree in the basejail:

% ezjail-admin install -msp

In order to update the base through quick binary, and ports:

% ezjail-admin update -uP

For a better understanding of the options, type:

% man ezjail
% man ezjail-admin
  • Note: the -s flag has a different function when using the options install and update.

Configuring

% ifconfig wlan0 alias 192.168.1.20 netmask 0xffffff00 broadcast 192.168.1.255

To enable ezjail and its network connection, add to rc.conf:

% ifconfig_wlan0_alias0="inet 192.168.1.20 netmask 0xffffff00 broadcast 192.168.1.255"
% cloned_interfaces="${cloned_interfaces} lo1"
% ezjail_enable="YES"
% ezjail-admin create myjail 192.168.1.20
% cp /etc/resolv.conf /usr/jails/myjail/etc/

Your created jailname file in the directory /usr/local/etc/ezjail/ is where options can be set:

export jail_jailname_parameters="allow.raw_sockets=1"  # This allows network programs including ping to be used from the jail

Filesystems

Jail uses the module nullfs; it may be quickloaded or compiled into the kernel:

% kldload nullfs
% echo 'nullfs_load="YES"' >> /etc/rc.conf
options   NULLFS

Starting

% ezjail-admin start
  • restart, stop, startcrypto, and stopcrypto are other options

To see your jail and log in to it type:

% ezjail-admin list
% ezjail-admin console myjail

Once inside the jail, configure your date, and network settings similarly to how its done in the root operating system.

Archiving a jail

% ezjail-admin stop myjail
% ezjail-admin archive myjail
% ls /usr/jails/ezjail-archives/

See also

References

Personal tools