Jails setup with binary packages only
I would like to use a freebsd system with binary packages only. I want to heavily use the jail concept. All the documentation about jails implies the use of buildworld into the jails. In order to avoid any compilation time, I installed a minimal base system for the host and I nullfs mounted read-only every system directory (bin, sbin, etc) into my jails. Then, in order to be able to install additional software inside the jails, I unionfs mounted read-write empty directories ontop of the nullfs read-only system directories. So I only have to freebsd-update the host and then freebsd-update each jail in order to keep updated. What about this kind of setup ? do I miss something ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: best way to install/update software and firewall choice
Thanks to all -- Guy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
best way to install/update software and firewall choice
Hi, I am an old debian user and I am looking at freebsd for security reasons * I am very interested in the jail concept * I have to relearn iptables syntax each time I want to add a rule I am testing the system in vmware virtual machine. There is a point I don't fully understand. There are several ways of updating the system, from precompiled binaries or by recompiling the system and the ports (and using csup, portsnap, portupgrade ...). I would prefer to use the first way because it is really faster, but it seems to me that when I want to update my jails, there is no other easy way than recompiling the whole world into my jails. The other point a bit confusing is that I dont know which firewall to use. My first guess would be to use pf, because it exists also on openbsd, but it seems that the default would go to ipfw. Thanks to support a newby -- Guy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org