here the step
ail is an virtual BSD in your current BSD Box… It uses the same kernel with ur BSD Box…
you can read the complete reference here or use man jail in the shell/ terminal window
I’ll only give a little explanation about this, this documentation will guide you so you’ll get a full new jailed system
OK this is the first step you must do…
Create a directory in a partition/slice which has largest freespace .. in this example i use /usr partition
# mkdir /usr/vbsd
# sysinstall
in sysinstall menu go to Custom > Options … in this section change the ‘Install Root‘ to /usr/vbsd
then exit by pressing Q.
then choose Distributions and select custom :
check list base, and others ( depend on your needs, i usually add man, ports, and local only ), in this case don’t choose kernel, because this jail system will use the same kernel as your host system.
After all’ve done, go to Media section and choose the proper media, you can use CD, FTP, etc. I prefer to use FTP because my campus network have a mirror of FreeBSD FTP, and it’s faster than read from CD.
after that… choose the last options ‘commit’ to install freebsd in that directory..
after finished….
you can enter to your jail system by type this to your shell window :
# jail /usr/vbsd/ 5.arc.itb.ac.id 167.205.3.47 /bin/tcsh
you’ll get yourself in new freebsd shell config your basic configuration like /etc/rc.conf, /etc/resolv.conf
(Check my other tutorial about this, note that jail system use the same interface as host system)
this is my /etc/rc.conf configuration for this new box :
defaultrouter=”167.205.3.1″
hostname=”5.arc.itb.ac.id”
ifconfig_rl0=”inet 167.205.3.37 netmask 255.255.255.192″
ipv6_enable=”YES”
nfs_client_enable=”YES”
ntpdate_enable=”YES”
ntpdate_flags=”ntp.kim.lipi.go.id”#Daemon
sshd_enable=”YES”
and this is my /etc/resolv.conf
domain arc.itb.ac.id
nameserver 167.205.3.1
nameserver 167.205.22.123
I reccomend you to add user and change the root password.
I assume you have configured your Jail Box (added user, enable ssh, configure network, etc)
now switch to your host by pressing ctrl+D so you disconnect the jail server.
now we will start config jail daemon to be ran when system boot in /etc/rc.conf :
##Jail-Virtual##
jail_enable=”YES”
jail_list=”vmachine”
jail_vmachine_rootdir=”/usr/vbsd/”
jail_vmachine_hostname=”5.arc.itb.ac.id”
jail_vmachine_ip=”167.205.3.47″
jail_vmachine_devfs_enable=”YES”#Network Alias
ifconfig_rl0_alias0=”inet 167.205.3.47 netmask 255.255.255.192″
add some config in /etc/sysctl.conf :
security.jail.allow_raw_sockets=1
restart your computer or just execute /etc/rc script :
# sh /etc/rc
now you can access your jail box via ssh….
Enjoy…
No comments:
Post a Comment