linux-only jail possible?

Alexander Leidinger Alexander at Leidinger.net
Thu Mar 4 10:41:05 UTC 2010


On Wed, 3 Mar 2010 19:06:36 +0100 Roman Divacky <rdivacky at freebsd.org>
wrote:

> On Wed, Mar 03, 2010 at 11:59:49AM -0500, John Nielsen wrote:
> > On Wednesday 03 March 2010 03:00:50 Roman Divacky wrote:
> > > I successfully ran chroot of linux environment on freebsd back in
> > > 2007/2008. I firmly believe jail should work fine too
> > 
> > Good to know, thanks! Would you mind sharing some more details?
> > (Off-list is fine if you prefer.) Was it a more or less complete
> > environment? What distro / version of Linux?
> 
> I downloaded gentoo 2007 untarred it into /compat/linux and
> chroot /compat/linux /bin/bash
> 
> it just worked - nothing special was necessary
> 
> don't remember much details but I had no problems with that setup

It does not need to be in this directory of course. You can install
the gentoo-dist ports (not the gentoo-base port). After that you can
copy all the files to the place where you want to have the jail.

Now you just need to configure a jail. It does not matter much if you
use the jail stuff in the base system or a framework like ezjail or
similar, as long as you configure an appropriate startup script in the
linux-jail. The linux-startup part you need to do yourself, I do not
think the default linux startup stuff is appropriate. I suggest to
start at least a sshd before you start the software you want to
use. This way you can log in to the linux-jail and investigate issues
like it is a real system.

I suggest to monitor the kernel messages on the FreeBSD host. There may
be linux-syscalls which are not implemented (e.g. epoll stuff). There
is currently no effort to implement those. There may be partial
implementations for some sysctls (Roman has something somewhere), but
nothing is in FreeBSD and no efforts are on the way to bring them in.
If your software needs something like this, you either need to
implement them yourself, switch the software to not use this (maybe
by changing the linux emulation to 2.4 instead of 2.6), or to forget
about using FreeBSD for this. emulation@ is a good address to ask
questions regarding the status of things;
http://wiki.freebsd.org/linux-kernel has some info too.

Bye,
Alexander.
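
The kernel-message monitoring suggested in the message above, as an added example that is not part of the original post: a shell function that tallies which Linux syscalls were reported as unimplemented and by which program in the jail. The message shape `linux: pid N (cmd): syscall NAME not implemented`, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: tally unimplemented Linux syscalls reported in the
# FreeBSD host's kernel messages, grouped by syscall and program.
# Assumed message shape (not taken from the post):
#   linux: pid <pid> (<command>): syscall <name> not implemented

# Constructed sample input so the script runs offline.
sample_log() {
cat <<'EOF'
Mar  4 10:12:01 host kernel: linux: pid 1201 (java): syscall epoll_create not implemented
Mar  4 10:12:01 host kernel: linux: pid 1201 (java): syscall epoll_create not implemented
Mar  4 10:12:07 host kernel: linux: pid 1310 (nginx): syscall epoll_wait not implemented
Mar  4 10:12:09 host kernel: em0: link state changed to UP
Mar  4 10:13:44 host kernel: linux: pid 1402 (java): syscall epoll_create not implemented
EOF
}

# Reads kernel messages on stdin and prints "<count> <syscall> <command>",
# most frequent first. Lines that do not match the assumed shape are ignored.
summarize_unimplemented() {
    sed -n 's/.*linux: pid [0-9][0-9]* (\(.*\)): syscall \([A-Za-z0-9_]*\) not implemented.*/\2 \1/p' |
    awk '{ n[$0]++ } END { for (k in n) print n[k], k }' |
    sort -k1,1nr -k2
}

# Demonstration on the constructed sample. On the FreeBSD host, feed it
# the real kernel messages instead, for example:
#   dmesg | summarize_unimplemented
sample_log | summarize_unimplemented
```

A syscall that shows up here for the software you intend to run in the linux-jail is the cue to consider the options listed in the message (implement it, avoid it, or not use FreeBSD for that workload).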


More information about the freebsd-jail mailing list