Information on Setting up a Jailed Webserver

APseudoUtopia apseudoutopia at gmail.com
Thu Aug 27 14:14:06 UTC 2009


On Wed, Aug 26, 2009 at 11:35 PM, Erich Dollansky <erich at apsara.com.sg> wrote:
> Hi,
>
> On 27 August 2009 am 11:10:37 Adam Vande More wrote:
>> On Wed, Aug 26, 2009 at 9:59 PM, APseudoUtopia
> <apseudoutopia at gmail.com> wrote:
>> >
>> > Also, how memory-intensive is a jail?
>>
>> Very light when compared to other virtualization methods.
>
> Jails share the kernel but not the world.
>
> So, there will be only one kernel loaded but all libraries in use
> will be loaded individually by each jail when needed.
>
> Jails need some more disk space as the world, all libraries needed
> and all applications needed are installed individually in each
> jail.
>
> This can be minimised with proper planning of what runs in what
> jail.
>
> Erich
>

Thanks for the helpful replies. I have a couple of questions:

When a jail is compromised, the only thing I have to do to recover the
system is delete the jail and create a new one, correct? The host
system is untouched even if a jail is compromised?

And how does the upgrade process work? I know the userland must be the
same for the host system and the jail. If I want to upgrade to, say,
FreeBSD 8 when released, what is the process? I'd imagine it goes
something like this, but I'm not sure:
-Shut down jail
-Upgrade host system
-Install host binaries
-Install jail binaries
-Restart jail

Or is there more to the process than what it seems?

Thanks again.

