BSD · FreeBSD · FreeBSD 11 · FreeBSD Jails

Creation and Administration of Jails on FreeBSD-11

Jails are available on FreeBSD since version 4.4. Let us see how to implement jails in FreeBSD 11.x using ezjail. Ezjail is a tool used to create and administer jails.

Installation of ezjail

Jails are available as part of FreeBSD. Hence we need not install it seperately. But we would need to install ezjail. Ezjail can be installed using the following command.

pkg install ezjail

Add the following line in /etc/rc.conf to enable ezjail while booting.

ezjail_enable="YES"

Start ezjail

service ezjail start

Base Jail

Base jail needs to be created first before other jails are created for use. The base jail directory structure can be created and populated using the following command.

ezjail-admin install

To create base jail with the system sources, use the following command.

ezjail-admin install -s

To create base jail with ports tree, use the following command.

ezjail-admin install -p

Similarly use the appropriate options to create the base jail according to your requirements

Administering Jails

To create a new jail named jail1 with interface IP 192.168.1.51, use the following command.

ezjail-admin create jail1 're0|192.168.1.51"

There may also be warnings in the output like this.

Warning: Some services already seem to be listening on all IP, (including 192.168.1.51)
  This may cause some confusion, here they are:
root     ntpd       769   20 udp4   *:123                 *:*
root     ntpd       769   21 udp6   *:123                 *:*
root     syslogd    671   6  udp6   *:514                 *:*
root     syslogd    671   7  udp4   *:514                 *:*

Start the jail created now.

ezjail-admin start jail1

Login to the console of jail1 using the following command.

ezjail-admin console jail

To exit the console of the jail use the following command.

exit

To stop the jail

ezjail-admin stop jail1

To delete the jail using the following command

ezjail-admin delete jail1

To get the list of all the jails available

ezjail-admin list

By default, jails are started automatically when the host machine starts. Autostarting can be disabled with the following command.

ezjail-admin config -r norun jail1

To archive the jail, stop it and use the following command.

ezjail-admin archive jail1

The archive files will be created in the following folder.

/usr/jails/ezjail_archives/

You can create a jail from the archive.

ezjail-admin create -a /usr/jails/ezjail_archives/jail1-201411251503.30.tar.gz jail1-clone 'lo|127.0.3.1,re0|192.168.1.53'
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s