Source string Read only

(itstool) path: step/screen
132/1320
Context English State
At this point the new read-only template is ready, so the only remaining task is to remount the file systems and start the jails:
Use <command>jls</command> to check if the jails started correctly. Run <command>mergemaster</command> in each jail to update the configuration files.
Managing Jails with <application>ezjail</application>
Creating and managing multiple jails can quickly become tedious and error-prone. Dirk Engling's <application>ezjail</application> automates and greatly simplifies many jail tasks. A <emphasis>basejail</emphasis> is created as a template. Additional jails use <citerefentry><refentrytitle>mount_nullfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> to share many of the basejail directories without using additional disk space. Each additional jail takes only a few megabytes of disk space before applications are installed. Upgrading the copy of the userland in the basejail automatically upgrades all of the other jails.
Additional benefits and features are described in detail on the <application>ezjail</application> web site, <link xlink:href="https://erdgeist.org/arts/software/ezjail/"/>.
Installing <application>ezjail</application>
Installing <application>ezjail</application> consists of adding a loopback interface for use in jails, installing the port or package, and enabling the service.
To keep jail loopback traffic off the host's loopback network interface <literal>lo0</literal>, a second loopback interface is created by adding an entry to <filename>/etc/rc.conf</filename>:
cloned_interfaces="lo1"
The second loopback interface <literal>lo1</literal> will be created when the system starts. It can also be created manually without a restart:
<prompt>#</prompt> <userinput>service netif cloneup</userinput>
Created clone interfaces: lo1.
Jails can be allowed to use aliases of this secondary loopback interface without interfering with the host.
Inside a jail, access to the loopback address <systemitem class="ipaddress">127.0.0.1</systemitem> is redirected to the first <acronym>IP</acronym> address assigned to the jail. To make the jail loopback correspond with the new <literal>lo1</literal> interface, that interface must be specified first in the list of interfaces and <acronym>IP</acronym> addresses given when creating a new jail.
Give each jail a unique loopback address in the <systemitem class="ipaddress">127.0.0.0</systemitem><systemitem class="netmask">/8</systemitem> netblock.
Install <package role="port">sysutils/ezjail</package>:
<prompt>#</prompt> <userinput>cd /usr/ports/sysutils/ezjail</userinput>
<prompt>#</prompt> <userinput>make install clean</userinput>
Enable <application>ezjail</application> by adding this line to <filename>/etc/rc.conf</filename>:
ezjail_enable="YES"
The service will automatically start on system boot. It can be started immediately for the current session:
<prompt>#</prompt> <userinput>service ezjail start</userinput>
With <application>ezjail</application> installed, the basejail directory structure can be created and populated. This step is only needed once on the jail host computer.
In both of these examples, <option>-p</option> causes the ports tree to be retrieved with <citerefentry><refentrytitle>portsnap</refentrytitle><manvolnum>8</manvolnum></citerefentry> into the basejail. That single copy of the ports directory will be shared by all the jails. Using a separate copy of the ports directory for jails isolates them from the host. The <application>ezjail</application> <acronym>FAQ</acronym> explains in more detail: <link xlink:href="http://erdgeist.org/arts/software/ezjail/#FAQ"/>.
To Populate the Jail with FreeBSD-RELEASE
For a basejail based on the FreeBSD RELEASE matching that of the host computer, use <command>install</command>. For example, on a host computer running FreeBSD 10-STABLE, the latest RELEASE version of FreeBSD -10 will be installed in the jail):
<prompt>#</prompt> <userinput>ezjail-admin install -p</userinput>
To Populate the Jail with <command>installworld</command>
buildworld
The basejail can be installed from binaries created by <_:buildtarget-1/> on the host with <command>ezjail-admin update</command>.
In this example, FreeBSD 10-STABLE has been built from source. The jail directories are created. Then <_:buildtarget-1/> is executed, installing the host's <filename>/usr/obj</filename> into the basejail.
<prompt>#</prompt> <userinput>ezjail-admin update -i -p</userinput>
The host's <filename>/usr/src</filename> is used by default. A different source directory on the host can be specified with <option>-s</option> and a path, or set with <varname>ezjail_sourcetree</varname> in <filename>/usr/local/etc/ezjail.conf</filename>.

Loading…

No matching activity found.

Browse all component changes

Things to check

Multiple failing checks

The translations in several languages have failing checks

Reset

Glossary

English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: step/screen
Flags
no-wrap, read-only
Source string location
book.translate.xml:30881
String age
a year ago
Source string age
a year ago
Translation file
books/handbook.pot, string 5006