JDK minimum chroot environment
Frank Behrens
frank at harz.behrens.de
Tue May 20 12:25:20 UTC 2008
Oliver Fromme wrote:
> I would like to create a chroot environment which will
> contain JDK 1.6 and a Tomcat-based application. The
> base system within the chroot (FreeBSD/amd64 7-stable)
> should be as small as possible.
I had this in the past with JDK1.4 and FreeBSD-5/6 in a jail. It was
a minimal system, I copied only the required libraries into the jail
(dependent from ldd output).
I can not guarantee that my following statements are still true for
current systems. Please note that I used i386 and your amd64 may have
other libraries.
> My current plan is to remove these things:
> - /rescue
Of course.
> - /usr/share except for /usr/share/misc/termcap.db
I had only /usr/share/zoneinfo
> - /usr/include
not used
> - /lib/*.a and /usr/lib/*.a (static libraries)
Yes.
> - compiler toolchain (gcc, cpp, ld, everything related).
Yes.
> - /sbin and /usr/sbin
/sbin/ldconfig may be necessary
in /usr/sbin I had daemon and nologin
in /bin I had only cat* csh* date* kill* mv* rm*
sh*
> - /usr/libexec
removed
I had only /libexec/ld-elf.so.1
> Will the JDK still work reliably without the above things?
I had it working for some time. The only difficult thing was the
update of binaries on OS updates. A full jail (ezjail) is easier to
handle.
> In particular, does it need any parts of the compiler tool
> chain (e.g. the linker or anything)?
No.
Regards,
Frank
--
Frank Behrens, Osterwieck, Germany
PGP-key 0x5B7C47ED on public servers available.
More information about the freebsd-java
mailing list