A few jail questions
the.real.david.allen at gmail.com
Sat Mar 22 20:03:42 PDT 2008
I've recently been examining the use of jails in FreeBSD, and I have some
questions I hope someone can shed some light on with respect to running
virtual servers in jails.
1. Upgrading. This probably a "It Depends" question, but if a host system
is upgraded (within version numbers), will the new kernel and world on the
host system cause potential problems with existing jails when they are
restarted? Or do the jails need to be rebuilt before they are started?
2. Localhost. Jails seem to be implemented using IP address aliasing, so
anything within the jail that wants to, or is configured to, bind to the
localhost address, now gets bound to the jail's IP address. This means
that what was once local, is now publically available. Will running a
firewall on the host system work in such cases?
3. Sendmail. The usual approach of setting "sendmail_enable=NO" (or using
DAEMON_OPTIONS) won't prevent sendmail running in a jail from starting up
and listening for incoming mail from external hosts. Short of disabling
sendmail entirely, I'm wondering what approach most people use as a
Please copy me, as I'm not currently subscribed.
More information about the freebsd-questions