commit 2df832a9351b7c3affe27de9e6ecb8e32cc468d4 parent 5b1820064e32e81275d96a05fa635b6a6f24daa4 Author: andreas <andreas@port22.net> Date: Fri, 15 Mar 2024 23:08:56 +0100 Nullfs mounts make jail configuration more flexible. Diffstat:
A | posts/Nullfs_Mounts_in_FreeBSD_Jails | | | 30 | ++++++++++++++++++++++++++++++ |
1 file changed, 30 insertions(+), 0 deletions(-)
diff --git a/posts/Nullfs_Mounts_in_FreeBSD_Jails b/posts/Nullfs_Mounts_in_FreeBSD_Jails
@@ -0,0 +1,30 @@
+Nullfs mounts allow FreeBSD jails to share config files and directory trees
+between the host system and between other jails.
+
+Example:
+
+Server Beastie hosts jail agora - /etc/fstab.agora configured some useful
+nullfs mounts.
+
+root@beastie:~ # cat /etc/fstab.agora
+/etc/hosts /jails/agora.port22.net/etc/hosts nullfs ro 0 0
+/etc/rc.conf.agora /jails/agora.port22.net/etc/rc.conf nullfs rw 0 0
+/etc/resolv.conf /jails/agora.port22.net/etc/resolv.conf nullfs ro 0 0
+/etc/localtime /jails/agora.port22.net/etc/localtime nullfs ro 0 0
+/etc/ssl /jails/agora.port22.net/etc/ssl nullfs ro 0 0
+/jails/fstab/agora_usr_local /jails/agora.port22.net/usr/local nullfs rw 0 0
+/jails/fstab/agora_var_db_pkg /jails/agora.port22.net/var/db/pkg nullfs rw 0 0
+/usr/local/www /jails/agora.port22.net/usr/local/www nullfs rw 0 0
+/var/mail/andreas /jails/agora.port22.net/var/mail/andreas nullfs rw 0 0
+root@beastie:~ #
+
+/etc/hosts, /etc/resolv.conf and /etc/localtime are typically copied into the
+jail or created for the jail. Why not just nullfs mount them into the jail.
+
+/etc/rc.conf is normally a file inside the jail. Nullfs mountings it from
+/etc/rc.conf.agora allows the rc.conf files of all jails to live in the same place.
+
+With /etc/ssl mounted in all jails, SSL certificates can be shared between all jails.
+
+Having a separate /usr/local and /var/db/pkg makes it possible to update
+freebsd and the pkgs seperately.
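Review bot: The explanation below the fstab listing never says what the `rw` entries imply for isolation. `/usr/local/www` and `/var/mail/andreas` are host-side paths mounted `rw`, so root inside agora can presumably change those files on the host, and any other jail sharing them sees the change. The `/etc/ssl` paragraph could also note that sharing the whole directory is only appropriate if no private keys are kept under it, since each jail with the mount can read whatever is there. I would add a closing line such as `Mount read-only unless the jail really needs to write; an rw nullfs mount lets the jail change the host's copy.`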