Axel S. Gruner grunix at bsdforen.de
Sun Aug 10 09:06:13 PDT 2003


On Sun, 10 Aug 2003 11:44:01 -0400
"Grant Peel" <grant at thenetnow.com> wrote something special:

> Q1, If I do another completely fresh installation of 5.1 and then
> install a bunch of ports, (Apache, Exim, named etc etc) when its time
> to build the jail, will ALL of the things that were installed on the
> parent server be automaticaly built for the jail?

No. If you build a jail, only the base system, without the third party
software you built and installed on the host system will be the jail.
You have to build you these application in the jail.
> Q2, When one installs new things to the main server, how do you add
> them to the jail(s)?.

What do you mean with "new things". A jail is a "virtual" system and has
nothing to do with the host system the jail is running on. If you want
to install new software for/in a jail, you have to login to that one,
and start to build that particular software you want to run. 
> Q3, Are there any available patches that should be installed before
> any jails are built?

No i dont think so.
> Q4, If complete servers are built in a jail, and a jailed user is
> given shell access VIA ssh, how secure is the jail? Can the jailed
> user 'break out' to the main server?

Normally no. Or, i dont heard that in past happend (but it maybe can
happen in the future).
A jail is secure, but you as the Administrator has to watch out to
secure the jail as any other system you administrate. 

Please, read the very very good manpage of jail --> man jail.
All your questions will find an answer there.


Die Antwort auf alle Fragen ist 42.

More information about the freebsd-questions mailing list