Tuesday, July 7, 2009

Install Jails In FreeBSD

I finally managed to set up jails, a virtual FreeBSD inside the BSD box.

Here are the steps.

A jail is a virtual BSD inside your current BSD box. It uses the same kernel as your BSD box.

You can read the complete reference here or use man jail in the shell/terminal window.

I'll only give a short explanation here; this documentation will guide you so that you end up with a complete new jailed system.

OK, this is the first step you must do.

Create a directory in the partition/slice that has the most free space. In this example I use the /usr partition:

# mkdir /usr/vbsd

# sysinstall

In the sysinstall menu go to Custom > Options. In this section change 'Install Root' to /usr/vbsd

Then exit by pressing Q.

Then choose Distributions and select Custom:

Check base and whatever else you need (I usually add only man, ports, and local :D). Don't choose kernel here, because the jail system uses the same kernel as your host system.

When that is done, go to the Media section and choose the proper media; you can use CD, FTP, etc. I prefer FTP because my campus network has a FreeBSD FTP mirror, and it's faster than reading from CD.

After that, choose the last option, 'Commit', to install FreeBSD into that directory.

When it has finished,

you can enter your jail system by typing this in your shell window:

# jail /usr/vbsd/ 5.arc.itb.ac.id 167.205.3.47 /bin/tcsh

You'll find yourself in a new FreeBSD shell. Set up your basic configuration there, such as /etc/rc.conf and /etc/resolv.conf.

(Check my other tutorial about this; note that the jail system uses the same interface as the host system.)

This is my /etc/rc.conf configuration for this new box:

defaultrouter="167.205.3.1"
hostname="5.arc.itb.ac.id"
ifconfig_rl0="inet 167.205.3.37 netmask 255.255.255.192"
ipv6_enable="YES"
nfs_client_enable="YES"
ntpdate_enable="YES"
ntpdate_flags="ntp.kim.lipi.go.id"

#Daemon
sshd_enable="YES"

And this is my /etc/resolv.conf:

domain arc.itb.ac.id

nameserver 167.205.3.1

nameserver 167.205.22.123

I recommend that you add a user and change the root password.

I assume you have now configured your jail box (added a user, enabled ssh, configured the network, etc.).

Now switch back to your host by pressing Ctrl+D, which disconnects you from the jail.

Next we configure the jail to be started at system boot, in the host's /etc/rc.conf:

##Jail-Virtual##
jail_enable="YES"
jail_list="vmachine"
jail_vmachine_rootdir="/usr/vbsd/"
jail_vmachine_hostname="5.arc.itb.ac.id"
jail_vmachine_ip="167.205.3.47"
jail_vmachine_devfs_enable="YES"

#Network Alias
ifconfig_rl0_alias0="inet 167.205.3.47 netmask 255.255.255.192"

Add this setting to /etc/sysctl.conf:

security.jail.allow_raw_sockets=1

Restart your computer or just execute the /etc/rc script:

# sh /etc/rc

Now you can access your jail box via ssh.
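An added example, not part of the original post: a small sh lint for the host-side /etc/rc.conf and /etc/sysctl.conf edits above, worth running before the restart. The function names and the sample files are made up for illustration; the sample is modelled on the post's settings with the alias line left out so the check has something to report.

```sh
#!/bin/sh
# Added example (not from the original post): lint host-side jail settings.

# rc_get KEY FILE: value of KEY="value" in an rc.conf-style file (last wins)
rc_get() {
    sed -n "s/^$1=\"\([^\"]*\)\".*/\1/p" "$2" | tail -n 1
}

# check_jail_conf RC_CONF SYSCTL_CONF: one finding per line, nothing if clean
check_jail_conf() {
    rc=$1; sysctl=$2
    [ "$(rc_get jail_enable "$rc")" = "YES" ] || echo "FAIL jail_enable is not YES"
    for j in $(rc_get jail_list "$rc"); do
        for key in rootdir hostname ip; do
            [ -n "$(rc_get "jail_${j}_${key}" "$rc")" ] ||
                echo "FAIL $j: jail_${j}_${key} is not set"
        done
        ip=$(rc_get "jail_${j}_ip" "$rc")
        ip_re=$(printf '%s' "$ip" | sed 's/\./\\./g')   # escape dots for grep
        # The jail address must exist on a host interface (the alias line).
        if [ -n "$ip" ] && ! grep -Eq "^ifconfig_[a-z0-9]+(_alias[0-9]+)?=\"inet $ip_re[ \"]" "$rc"; then
            echo "FAIL $j: $ip is not configured on any host interface"
        fi
    done
    # Raw sockets make ping/traceroute work inside the jail; jail(8) advises
    # caution with this when root inside the jail is not trusted.
    if grep -Eq '^security\.jail\.allow_raw_sockets=1' "$sysctl"; then
        echo "WARN raw sockets are allowed for root inside every jail"
    fi
}

# make_sample DIR: constructed host files modelled on the post, with the
# alias line left out on purpose.
make_sample() {
    cat > "$1/rc.conf" <<'EOF'
jail_enable="YES"
jail_list="vmachine"
jail_vmachine_rootdir="/usr/vbsd/"
jail_vmachine_hostname="5.arc.itb.ac.id"
jail_vmachine_ip="167.205.3.47"
EOF
    echo 'security.jail.allow_raw_sockets=1' > "$1/sysctl.conf"
}

demo=$(mktemp -d)
make_sample "$demo"
check_jail_conf "$demo/rc.conf" "$demo/sysctl.conf"
rm -rf "$demo"
```

On a real host, call check_jail_conf /etc/rc.conf /etc/sysctl.conf instead of the sample files.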

Enjoy…
