BSD Jails
From Leo's Notes
Last edited on 21 July 2019, at 23:00.
Creating a new BSD Jail
Create the world:
# mkdir -p /usr/jail/<jail name>
# cd /usr/src
# make buildworld
# make installworld DESTDIR=/usr/jail/<jail name>
# make distribution DESTDIR=/usr/jail/<jail name>
# mount -t devfs devfs /usr/jail/<jail name>/dev
Set up the networking for this jail:
# ifconfig re0 10.1.1.21 netmask 255.255.255.0 alias
# cp /etc/resolv.conf /usr/jail/<jail name>/etc/
If you ever want to remove this alias from your host, run:
# ifconfig re0 10.1.1.21 netmask 255.255.255.0 remove
Starting a Jail Manually
# jail -n <jail name> /usr/jail/<jail name> <jail name> 10.1.1.20 /bin/sh
Note that this starts the jail once only. If you want it to be persistent, continue reading.
Starting Jails Automatically
To ensure the jail gets started on boot, add the following to your /etc/rc.conf file:
jail_enable="YES"
jail_jail_name_name="jail_name"
jail_jail_name_hostname="jail_name.home.steamr.com"
jail_jail_name_ip="10.1.1.20"
jail_jail_name_devfs_enable="YES"
jail_jail_name_rootdir="/usr/jail/jail_name"
jail_jail_name_mount_enable="YES"
jail_jail_name_fstab="/etc/jails/fstabs/jail_name"
jail_jail_name_vnet_enable="YES"
Add to /etc/jails/fstabs/jail_name:
/usr/src /usr/jail/jail_name/usr/src nullfs rw 0 0
/usr/ports /usr/jail/jail_name/usr/ports nullfs rw 0 0
Start the jail using the rc scripts:
# /etc/rc.d/jail start jail_name
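An added example, not part of the original notes: a small sh function that audits a jail fstab like the one above before the rc script mounts it. It flags nullfs mounts that are writable from inside the jail (as /usr/src and /usr/ports are here, so root in the jail can modify the host's trees) and mount points that fall outside the jail root. The function names, finding labels and sample fstab are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a jail fstab read from stdin.
# Usage: audit_jail_fstab JAIL_ROOT < /etc/jails/fstabs/jail_name
# Prints one finding per line; prints nothing if the file is clean.
audit_jail_fstab() {
    awk -v root="${1%/}" '
        # Skip comments, blank lines and malformed entries.
        $1 ~ /^#/ || NF < 4 { next }
        {
            src = $1; dst = $2; type = $3; opts = $4
            # The mount point must stay under the jail root: reject ".."
            # components and any path that does not start with root + "/".
            if (dst ~ /(^|\/)\.\.(\/|$)/ || index(dst "/", root "/") != 1)
                printf "OUTSIDE_ROOT %s\n", dst
            if (type != "nullfs") next
            # A nullfs mount is writable unless "ro" is among its options.
            ro = 0
            n = split(opts, o, ",")
            for (i = 1; i <= n; i++) if (o[i] == "ro") ro = 1
            if (!ro) printf "NULLFS_RW %s -> %s\n", src, dst
        }
    '
}

# Constructed sample input, modelled on the fstab shown above.
sample_fstab() {
    cat <<'EOF'
# constructed sample fstab for jail_name
/usr/src   /usr/jail/jail_name/usr/src   nullfs rw        0 0
/usr/ports /usr/jail/jail_name/usr/ports nullfs ro        0 0
/data      /usr/jail/other/data          nullfs ro,nosuid 0 0
EOF
}

# Demo: audit the sample against the jail root used on this page.
sample_fstab | audit_jail_fstab /usr/jail/jail_name
```

Changing `rw` to `ro` in the fstab entry clears a NULLFS_RW finding when the jail only needs to read the tree.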
Managing Jails
# jls    # get the jid
# jexec <jid> sh
jail# echo "sshd_enable=\"YES\"" >> /etc/rc.conf
jail# /etc/rc.d/sshd start