Recommend ezjail.conf settings?

[Glen Barber]

Hi Ed,

On 7/20/10 12:54 PM, Ed Flecko wrote:
> Hi folks,
> I'm looking at the ezjail.conf file, and it seems like SOME of the
> settings might be mandatory, but they're all commented out.
>
> For example, the:
>
> # ezjail_mount_enable="YES"

Uncommenting and setting to NO would disable mounting the /basejail, 
read-only bits.

> # ezjail_devfs_enable="YES"
> # ezjail_devfs_ruleset="devfsrules_jail"

If you have specific devfs needs for the jail, you can enable a special 
rule.  Have a look at devfs(8) and devfs.conf(5) if you need to modify 
this, though you probably won't need to.

> # ezjail_procfs_enable="YES"

Disabling this will disable procfs(5).  I recommend this one if you 
don't need procfs(5).

> # ezjail_fdescfs_enable="YES"
>

Similarly to procfs above.  I haven't found any reason to disable this.

> should be uncommented because they're "Default options for newly
> created jails", right?
>

Correct, they are enabled by default, and show the default value.

> Are there any of the other settings I might want to consider enabling?
>

Depends on what your usage needs are. :)

Regards,

-- 
Glen Barber