Re: freebsd-update on jails
On Wed, 2008-04-30 at 00:08 +0200, Jeremie Le Hen wrote: > Hi Jeffrey, > > On Sun, Apr 20, 2008 at 03:49:39PM -0400, Jeffrey Smith wrote: > > I previously posted a howto to use zfs to manage jails. The first > > Could you remind us the URL of this howto please? > > Thanks. > Regards, I posted it here to this list, looking for recommendations. The only update I have for it is that freebsd-update doesn't work as ZFS doesn't yet support chflags. Other than that I am very happy with this setup. Can't wait for ZFS to mature to the point for this to work flawlessly. Here it is again ZFS Jails #zpool create pool #zfs create -o mountpoint=jails pool/jails #zfs create pool/jails/jailbase #mkdir -p /jails/7.0-RELEASE/base /jails/7.0-RELEASE/man pages #cd /jails/7.0-RELEASE/base NOTE: Files can also be copied from Disc1 cdrom #ftp ftp.freebsd.org:/pub/FreeBSD/releases/amd64/7.0-RELEASE/base/ ftp>mget * ftp>cd ../manpages ftp>lcd ../manpages ftp>mget * ftp>exit #export DESTDIR=/jails/jailbase #sh install.sh #cd ../manpages #sh install.sh #export DESTDIR=”” #mkdir -p /jails/jailbase/usr/ports #mount_nullfs /usr/ports /jails/jailbase/usr/ports #touch /jails/jailbase/etc/fstab #cp /etc/resolv.conf /jails/jailbase/etc #vi /etc/rc.conf # # Jail Defaults # jail_enable=”YES” jail_set_hostname_allow=”NO” jail_interface=”bge0” jail_devfs_enable=”YES” jail_list=”jailbase” # # jailbase.example.org # jail_jailbase_hostname=”jailbase.example.org” jail_jailbase_ip=”192.168.0.50” jail_jailbase_rootdir=”/jails/jailbase” :wq #/etc/rc.d/jail start #jls #jexec 1 tcsh #set autolist NOTE: freebsd-update does not work, as ZFS does not support chflags. looking for a work around Install ports or package that all jails will require, such as bash and vim-lite #exit Back to host #zfs snapshot pool/jails/[EMAIL PROTECTED] #zfs clone pool/jails/[EMAIL PROTECTED] pool/jails/ns #zfs clone pool/jails/[EMAIL PROTECTED] pool/jails/mail #zfs clone pool/jails/[EMAIL PROTECTED] pool/jails/www #vi /etc/rc.conf ...snip... jail_list=”jailroot ns mail www” ...snip... # # ns.example.org # jail_ns_hostname=”ns.example.org” jail_ns_ip=”192.168.0.51” jail_ns_rootdir=”/jails/ns” # # mail.example.org # jail_mail_hostname=”mail.example.org” jail_mail_ip=”192.168.0.52” jail_ns_rootdir=”/jails/mail” # # www.example.org # jail_www_hostname=”www.example.org” jail_www_ip=”192.168.0.53” jail_www_rootdir=”/jails/www” :wq #/etc/rc.d/jail start #jls ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: freebsd-update on jails
Jeremie Le Hen wrote: Hi Jeffrey, On Sun, Apr 20, 2008 at 03:49:39PM -0400, Jeffrey Smith wrote: I previously posted a howto to use zfs to manage jails. The first Could you remind us the URL of this howto please? It was in this mailing list at March with subject "ZFS Jails Management" Miroslav Lachman ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: freebsd-update on jails
Hi Jeffrey, On Sun, Apr 20, 2008 at 03:49:39PM -0400, Jeffrey Smith wrote: > I previously posted a howto to use zfs to manage jails. The first Could you remind us the URL of this howto please? Thanks. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: freebsd-update on jails
On Mon, 2008-04-21 at 12:30 +0200, Alexander Leidinger wrote: > Quoting Jeffrey Smith <[EMAIL PROTECTED]> (from Sun, 20 Apr > 2008 15:49:39 -0400): > > > I previously posted a howto to use zfs to manage jails. The first > > update through freebsd-update has been released. Testing this I get > [snip] > > But I still get that same error. Does anyone have any idea what would > > keep this from working? If there is a way to update the host and all > > subsequent jails vi the host that would be great, as i would prefer not > > to allow chflags from within the jails. > > If you have your jail on ZFS I suggest you check that the original > file has flags at all. I doubt it (as ZFS doesn't handle flags (yet?)). > > Bye, > Alexander. > Right, I think I rememeber reading that somewhere. Is there a work around so freebsd-update will work, or am I out of luck until ZFS is fixed? ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: freebsd-update on jails
Quoting Jeffrey Smith <[EMAIL PROTECTED]> (from Sun, 20 Apr 2008 15:49:39 -0400): I previously posted a howto to use zfs to manage jails. The first update through freebsd-update has been released. Testing this I get [snip] But I still get that same error. Does anyone have any idea what would keep this from working? If there is a way to update the host and all subsequent jails vi the host that would be great, as i would prefer not to allow chflags from within the jails. If you have your jail on ZFS I suggest you check that the original file has flags at all. I doubt it (as ZFS doesn't handle flags (yet?)). Bye, Alexander. -- Home on the Range was originally written in beef-flat. http://www.Leidinger.netAlexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137 ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: freebsd-update on jails
Jeffrey Smith wrote: On Mon, 2008-04-21 at 01:54 +0200, Miroslav Lachman wrote: Jeffrey Smith wrote: I previously posted a howto to use zfs to manage jails. The first update through freebsd-update has been released. Testing this I get (in jail) ldap1#freebsd-update install Installing updates...chflags: ///usr/lib/libssh.a: Operation not supported After this error I enabled chflags in sysctl on the host system #sysctl security.jail.chflags_allowed=1 This did not not work in fixing the issue after reading the freebsd-update man page I thought this should be possible #freebsd-update -b /jails/ldap1/ -d /jails/ldap1/var/db/freebsd-update/ \ install Installing updates...chflags: /jails/ldap1///usr/lib/libssh.a: Operation not supported But I still get that same error. Does anyone have any idea what would keep this from working? If there is a way to update the host and all subsequent jails vi the host that would be great, as i would prefer not to allow chflags from within the jails. Can you tell me your FreeBSD version? I am convinced that I did freebsd-update inside Jail on FreeBSD 6.2, but I am not 100% sure and did not test it on FreeBSD 7. Are you trying update (minor security updates) or upgrade to newer release version? Maybe I was in luck, that my update routine did not change any chflagged files. Miroslav Lachman FreeBSD x.yyy.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC amd64 Hmmm... can you show your `mount` output? Do you have jails on NFS exported fs, or plain ufs? As a quick & dirty hack, you can try sysinstall batch: sysinstall _ftpPath=ftp://ftp.FreeBSD.org/pub/FreeBSD/ nonInteractive=yes mediaSetFTP releaseName=7.0-RELEASE dists=base distSetCustom installRoot=/jails/ldap1/ installCommit or better tuned sysinstall command to not install new base, but do binary upgrade. [add function "installUpgrade" in to sysinstall command] (I did not tried this way, so let me know if it works for you) Miroslav Lachman ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: freebsd-update on jails
Jeffrey Smith wrote: I previously posted a howto to use zfs to manage jails. The first update through freebsd-update has been released. Testing this I get (in jail) ldap1#freebsd-update install Installing updates...chflags: ///usr/lib/libssh.a: Operation not supported After this error I enabled chflags in sysctl on the host system #sysctl security.jail.chflags_allowed=1 This did not not work in fixing the issue after reading the freebsd-update man page I thought this should be possible #freebsd-update -b /jails/ldap1/ -d /jails/ldap1/var/db/freebsd-update/ \ install Installing updates...chflags: /jails/ldap1///usr/lib/libssh.a: Operation not supported But I still get that same error. Does anyone have any idea what would keep this from working? If there is a way to update the host and all subsequent jails vi the host that would be great, as i would prefer not to allow chflags from within the jails. Can you tell me your FreeBSD version? I am convinced that I did freebsd-update inside Jail on FreeBSD 6.2, but I am not 100% sure and did not test it on FreeBSD 7. Are you trying update (minor security updates) or upgrade to newer release version? Maybe I was in luck, that my update routine did not change any chflagged files. Miroslav Lachman ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"
freebsd-update on jails
I previously posted a howto to use zfs to manage jails. The first update through freebsd-update has been released. Testing this I get (in jail) ldap1#freebsd-update install Installing updates...chflags: ///usr/lib/libssh.a: Operation not supported After this error I enabled chflags in sysctl on the host system #sysctl security.jail.chflags_allowed=1 This did not not work in fixing the issue after reading the freebsd-update man page I thought this should be possible #freebsd-update -b /jails/ldap1/ -d /jails/ldap1/var/db/freebsd-update/ \ install Installing updates...chflags: /jails/ldap1///usr/lib/libssh.a: Operation not supported But I still get that same error. Does anyone have any idea what would keep this from working? If there is a way to update the host and all subsequent jails vi the host that would be great, as i would prefer not to allow chflags from within the jails. thanks in advance ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[EMAIL PROTECTED]"