Fwd: RE: looking for jail tutorial

Bill Ding bill_ding5 at yahoo.com
Sun Apr 3 18:11:28 PDT 2005 

  --- bob at a1poweruser.com wrote:
  
  > You should search this lists archives for answers first.
  > In the list archives I found this.
  > 
  > http://subwiki.honeypot.net/cgi-bin/view/Freebsd/JailAdmin
  > 
  > 
  > http://jailnotes.cg.nu/
  > 
  > > Does anyone have any bright ideas for good file system layouts
  > when
  > > running multiple jails?
  > 
  
  <snip>
  > 
  > -----Original Message-----
  > From: owner-freebsd-questions at freebsd.org
  > [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Bill
  Ding
  > Sent: Sunday, April 03, 2005 7:23 PM
  > To: freebsd-questions at freebsd.org
  > Subject: looking for jail tutorial
  > 
  > Hello,
  > 
  > Running 5.3-p6 on a box with two NICs.
  > 
  > I'm new to the list and FreeBSD in general. I'm trying
  > to find more documentation on jail(8) than is offered
  > in the man page. (I checked the Handbook but couldn't
  > find anything about jails. Did I miss it?) For
  > instance, the man page says:
  > 
  > NOTE: It is important that only appropriate device
  > nodes in devfs be exposed to a jail; access to disk
  > devices in the jail may permit processes in the jail
  > to
  > bypass the jail sandboxing by modifying files outside
  > of the jail.
  > 
  > How do I know what the "appropriate device nodes" are
  > for a given jail? I want to run four jails: two
  > webservers, DNS, mail. After testing, the DNS and
  > email jails will be shutdown and the services moved to
  > separate machines.
  > Also, do I configure identical Hosts files on each?
  > Should the jails be on different subnets for added
  > security or can they all be on the same subnet as the
  > host machine?
  > Any help you can give would be appreciated!
  > 
  > Thanx,
  > 
  > Bill
  > 
  
  Thanks for the response. I tried looking through the mail archives
  but the hits either more or less repeat the man page or deal with
  unrelated questions (or have nothing to do with jails at all).
  Also, I had already gone to both those sites, and neither answered
  my questions.
  
  Regards,
 
  Bill


The word 'politics' describes the situation so well: 'poli' meaning 'many' and 'tics' meaning 'bloodsucking creatures'.

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

More information about the freebsd-questions mailing list