FreeBSD jail how-to in a nutshell

==========
Jail HOWTO
==========

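# Jail root on the host. The directory is named after the jail's address;
# the same path is used for jail_miso_rootdir in /etc/rc.conf.
J=/usr/local/jail/00.00.00.101
mkdir -p "$J"

# Install a userland into the jail root, then the stock /etc files.
# Assumes the world in /usr/src has already been built - TODO confirm.
# Each cd is chained with && so make never runs from the wrong directory.
cd /usr/src && make installworld DESTDIR="$J"
cd /usr/src/etc && make distribution DESTDIR="$J"

# Give the jail a /dev.
# NOTE(review): a devfs mounted by hand has no ruleset applied, so every
# host device node is visible under $J/dev. See devfs(8) and
# /etc/defaults/devfs.rules for the jail ruleset before running anything
# untrusted inside.
mount_devfs devfs "$J/dev"

# Create $J/kernel as a symlink to dev/null (presumably for tools that
# expect /kernel to exist - confirm). Target comes first, link name second.
# [Edit] 9 April 2007: changed from "ln -sf kernel dev/null", which would
# replace the jail's dev/null with a dangling link instead.
cd "$J" && ln -sf dev/null kernel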

————————
## /etc/mail/hostname.mc
## Host-side sendmail configuration. Every listener below names an explicit
## Addr, so the host MTA binds only those addresses instead of all of them.
## NOTE(review): presumably this keeps the host daemon off the jail IP alias;
## confirm sushi.example.com resolves to the host address only.
DAEMON_OPTIONS(`Port=smtp, Name=MTA, Addr=sushi.example.com')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA_localhost, Addr=127.0.0.1')dnl
DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, Addr=sushi.example.com, M=s')dnl
————————

———————
## /etc/ssh/sshd_config (host side; the heading originally read sshd_conf)
# Bind the host's sshd to the host address only. IP.OF.HOST.MACHINE is a
# placeholder for that address.
# NOTE(review): presumably this leaves port 22 on the jail's alias free for
# the sshd running inside the jail - confirm no other ListenAddress or
# wildcard listener remains in the file.
ListenAddress IP.OF.HOST.MACHINE
———————

—————
## /etc/rc.conf
# Host-side settings. The alias adds the jail's address to em0 with a
# single-host netmask.
# NOTE(review): 00.00.00.101 looks like a redacted placeholder; substitute
# the real jail address everywhere it appears, including the rootdir path.
ifconfig_em0_alias1="inet 00.00.00.101 netmask 255.255.255.255"

## jail stuff
# general settings
jail_enable="YES"
jail_list="miso" # add to list for more jails

# jail specific settings for jail "miso"
# rootdir is the directory the world was installed into; ip matches the
# alias configured on em0 above.
jail_miso_rootdir="/usr/local/jail/00.00.00.101"
jail_miso_hostname="miso.example.com"
jail_miso_ip="00.00.00.101"
jail_miso_interface="em0"
# Command run inside the jail when it is started.
jail_miso_exec="/bin/sh /etc/rc"
# NOTE(review): devfs and procfs both widen what processes in the jail can
# see. Confirm which devfs ruleset the rc.d/jail script applies
# (jail_miso_devfs_ruleset; rulesets live in /etc/defaults/devfs.rules) and
# leave procfs off unless something in the jail needs it.
jail_miso_devfs_enable="YES"
jail_miso_procfs_enable="YES"
—————

## Load the entropy for sshd
# One-off, interactive first boot of the jail, done by hand before the
# rc.d/jail script takes over.
# NOTE(review): this devfs is mounted without a ruleset, so the jail shell
# below sees every host device node - keep the session short and do not run
# anything untrusted in it.
mount_devfs devfs /usr/local/jail/00.00.00.101/dev
# Old-style jail(8) arguments: path, hostname, IP, command. This starts an
# interactive /bin/sh inside the jail.
jail /usr/local/jail/00.00.00.101 miso.example.com 00.00.00.101 /bin/sh
# The next two lines are meant to be typed at the prompt inside the jail.
# Run from a script file instead, they would execute on the host once the
# jail shell exits: /etc/rc would be the host's, and exit would end the
# script before the umount.
sh /etc/rc
exit
# Back on the host: drop the hand-made devfs mount.
# NOTE(review): daemons started by /etc/rc may still be running in the jail
# after exit; check with jls(8) before unmounting and before starting the
# jail a second time below.
umount /usr/local/jail/00.00.00.101/dev

# Let 'er rip
# Starts every jail named in jail_list using the rc.conf settings.
/etc/rc.d/jail start


3 thoughts on “FreeBSD jail how-to in a nutshell”

  1. Okay, I just read the Wiki for Freebsd Jail. I have put it off and put it off but I have another machine that is gathering dust so I’m going to install Free BSD and start to experience FREEdom.

  2. [this is good] Awesome how-to derF! You did leave miso’s IP in the jail settings rc.conf example, however. 😉
