==========
Jail HOWTO
==========
J=/usr/local/jail/00.00.00.101
mkdir -p $J
cd /usr/src
make installworld DESTDIR=$J
cd etc
make distribution DESTDIR=$J
cd $J
mount_devfs devfs $J/dev
ln -sf kernel dev/null # [Edit]: changed from this 9 April 2007: ln -sf kernel dev/null
---
------------------------
## /etc/mail/hostname.mc
DAEMON_OPTIONS(`Port=smtp, Name=MTA, Addr=sushi.example.com')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA_localhost, Addr=127.0.0.1')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, Addr=sushi.example.com, M=s')dnl
------------------------
---------------------
## /etc/ssh/sshd_conf
ListenAddress IP.OF.HOST.MACHINE
---------------------
---------------
## /etc/rc.conf
ifconfig_em0_alias1="inet 00.00.00.101 netmask 255.255.255.255"
## jail stuff
# general settings
jail_enable="YES"
jail_list="miso" # add to list for more jails
# jail specific settings for jail "miso"
jail_miso_rootdir="/usr/local/jail/00.00.00.101"
jail_miso_hostname="miso.example.com"
jail_miso_ip="00.00.00.101"
jail_miso_interface="em0"
jail_miso_exec="/bin/sh /etc/rc"
jail_miso_devfs_enable="YES"
jail_miso_procfs_enable="YES"
---------------
## Load the entropy for sshd
mount_devfs devfs /usr/local/jail/00.00.00.101/dev
jail /usr/local/jail/00.00.00.101 miso.example.com 00.00.00.101 /bin/sh
sh /etc/rc
exit
umount /usr/local/jail/00.00.00.101/dev
# Let 'er rip
/etc/rc.d/jail start
Okay, I just read the Wiki for Freebsd Jail. I have put it off and put it off but I have another machine that is gathering dust so I'm going to install Free BSD and start to experience FREEdom.
Posted by: Tallulah Bankhead | 10/14/2006 at 12:29 AM
[this is good] Awesome how-to derF! You did leave miso's IP in the jail settings rc.conf example, however. ;)
Posted by: James G. | 01/04/2007 at 07:54 PM
Nice catch—I've sanitized that IP now. Thanks!
Posted by: Fred | 01/05/2007 at 08:14 AM