How to reference PHP path in web server jail to app server in jail
markham breitbach
markhamb at corp.ssimicro.com
Fri Jan 29 19:04:37 UTC 2016
You can't directly point from one jail to another. That's kinda the
point of jails :)
However, you could use a nullfs mount at the host (prison?) level:
# mount_mullfs -ro /wiki.jailnet.private/usr/local/www/wiki/webroot /webserverjailroot/mountpoint
This will allow readonly access from the webserver to the php-app
-Markham
On 2016-01-29 11:33 AM, Sergei G wrote:
> Hi,
>
> I currently have this setup:
>
> * Host is running nginx web server
> * Host is running a number of jails. I usually have a jail per application.
> * nginx configuration file serves content that's installed in a jail by
> specifying path to a jail; jailed PHP application has paths relative to a
> jail
>
> I'd like to move web server into its own jail, but I don't know how I would
> instruct web server to locate application's (PHP) jail files.
>
> Any ideas?
>
> Parts of my nginx configuration file:
>
> server {
> ...
> # this is a host's path; it would change if nginx in its own jail
> location / {
> root /wiki.jailnet.private/usr/local/www/wiki/webroot;
> }
>
> # parts of foswiki configuration
> location ~ ^/bin/([aa-z]+) {
> ...
> # talk to fascgi through TCP/IP. I did not attempt to use Unix
> sockets. It would be nice.
> fastcgi_pass 192.168.3.13:90001
> # path is valid inside the wiki jail; that will stay the same
> fastcgi_param SCRIPT_FILENAME
> /usr/local/www/wiki/webroot/$fastcgi_script_name;
> ...
> }
>
> So, If I was to move nginx to its own jail I don't know how to replicate
> root /wiki.jailnet.private/usr/local/www/wiki/webroot;
> line inside jail to point to another jail's filesystem.
>
> I am not that good with nullfs, so if you could point to how to understand
> it that would be great.
>
>
> Thank you
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list