Re: 'jailer' for managing jails

From: Nielsen (nielsen@memberwebs.com)
Date: 05/24/02


From: "Nielsen" <nielsen@memberwebs.com>
To: "Marcio d'Avila Scheibler" <marcio@cpd.ufsm.br>
Date: Thu, 23 May 2002 15:29:38 -0700 (PDT)

Yes, I have scripts too. And ".conf" files for the jails. We've also
extended it to encompass more than jails. So we end up with "units" that we
can move to various machines. Those support stop, start, restart, firewall,
mounting various directories from the host, listing all processes in a jail
(from the host), listing all jails running etc... I'll post those soon to
my site.

I thought that would be more of a topic for an "ISP" list.

Cheers

Nate

----- Original Message -----
From: "Marcio d'Avila Scheibler" <marcio@cpd.ufsm.br>
To: "Nielsen" <nielsen@memberwebs.com>
Cc: <freebsd-security@FreeBSD.ORG>
Sent: Thursday, May 23, 2002 6:12
Subject: Re: 'jailer' for managing jails

>
> I've read your manpage and found it interesting.
> Some time ago I wrote some scripts to help jail configuration
> and management, but I think for start and stop your
> solution seems to be cleaner.
>
> For those scripts I have a text file called "jailtab", where
> each line defines one jail, with the following fields:
>
> - jail hostname
> - jail root dir
> - jail ip address
> - jail default started command ("/bin/sh /etc/rc", but from
> now "/usr/local/sbin/jailer" :-) )
>
> This file prevents you from needing to enter all those parameters
> when using the scripts.
>
> By the way, scripts are the following:
>
> - jail-start <hostname> [command] # starts the jail
> - jail-stop <hostname> # needs HOST (not jail) /proc
> - jail-procfs <hostname> [mount|umount] # (u)mounts jail /proc
>
> - jail-install
> Performs "make install" from host /usr/src as is told in
> jail manpage
>
> - jail-config
> Performs some config steps as is told in jail manpage (timezone,
> root password, etc...) and also copies a list of files
> defined in a "filelist" config file.
>
> Let me know if you have interest in adding to and improving this
> modest contrib, and I'll send you a tarball with scripts and sample
> "jailtab" file. In this case feel free to change jail-start
> and jail-stop to handle "jailer"...
>
>
> On Wed, 22 May 2002, Nielsen wrote:
>
> > Date: Wed, 22 May 2002 22:30:02 -0700 (PDT)
> > From: Nielsen <nielsen@memberwebs.com>
> > To: freebsd-security@FreeBSD.ORG
> > Subject: 'jailer' for managing jails
> >
> > Since the discussion here often revolves around jails, here's something I
> > put together for managing jails. Comments welcome.
> >
> > http://memberwebs.com/nielsen/freebsd/jailer/
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
> >
>
> ------------------------------------------------------------------------------
> Marcio d'Avila Scheibler - Divisao de Suporte (marcio@cpd.ufsm.br)
> Centro de Processamento de Dados - Campus Universitario - CEP 97105-900
> Universidade Federal de Santa Maria - RS - Brasil
>
> =============================================================================
>
>
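The "jailtab" file described in the quoted message, as an added example that is not part of the thread or of either poster's scripts: a lookup that validates each field before a root-run start script would use it. The whitespace-separated layout, the field order on the line, and the function names `valid_ip` and `jailtab_lookup` are assumptions; the post names the four fields but not the file syntax.

```shell
#!/bin/sh
# Assumed jailtab layout (the post does not specify one): one jail per line,
# whitespace-separated: hostname  rootdir  ip  command...
# Blank lines and lines starting with '#' are skipped.

# valid_ip ADDR: succeed only for a dotted-quad IPv4 address, octets 0..255.
# The body runs in a subshell so the IFS change does not leak to the caller.
valid_ip() (
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# jailtab_lookup FILE HOSTNAME: print "rootdir ip command" for the entry.
# Returns 1 if no entry matches, 2 if the entry fails validation.
jailtab_lookup() {
    while read -r host root ip cmd; do
        case $host in ''|'#'*) continue ;; esac
        [ "$host" = "$2" ] || continue
        # Hostname: letters, digits, dots and hyphens only.
        case $host in *[!A-Za-z0-9.-]*) return 2 ;; esac
        # Root dir: absolute, never "/" itself, no ".." component.
        case $root in
            /|*/../*|*/..) return 2 ;;
            /*) ;;
            *) return 2 ;;
        esac
        valid_ip "$ip" || return 2
        # Start command: must be given as an absolute path.
        case $cmd in /*) ;; *) return 2 ;; esac
        printf '%s %s %s\n' "$root" "$ip" "$cmd"
        return 0
    done < "$1"
    return 1
}

# Constructed sample file (addresses from the documentation range).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# hostname        rootdir           ip           command
www.example.org   /usr/jail/www     192.0.2.10   /bin/sh /etc/rc
bad.example.org   /usr/jail/../etc  192.0.2.11   /bin/sh /etc/rc
EOF
jailtab_lookup "$sample" www.example.org
jailtab_lookup "$sample" bad.example.org || echo "rejected (status $?)"
rm -f "$sample"
```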