|
технология_jail [2015/05/13 11:10] val |
технология_jail [2016/04/22 14:02] (current) val [FreeBSD8.X] |
||
|---|---|---|---|
| Line 8: | Line 8: | ||
| ==== С использованием дистрибутива ==== | ==== С использованием дистрибутива ==== | ||
| + | <code> | ||
| + | # mount_cd9660 /dev/cd0 /mnt | ||
| + | # setenv D /var/jail/www | ||
| + | |||
| + | # mkdir -p $D | ||
| + | |||
| + | # tar -xvf /mnt/usr/freebsd-dist/base.txz -C $D | ||
| + | </code> | ||
| ==== С использованием компиляции и установки "мира" системы ==== | ==== С использованием компиляции и установки "мира" системы ==== | ||
| Line 43: | Line 51: | ||
| ==== FreeBSD10.X ==== | ==== FreeBSD10.X ==== | ||
| + | |||
| + | * [[http://therub.org/2014/08/11/convert-freebsd-jails-from-rc.conf-to-jail.conf/|Convert FreeBSD 10 Jails from rc.conf to jail.conf]] | ||
| + | |||
| <code> | <code> | ||
| [server:~] # cat /etc/rc.conf | [server:~] # cat /etc/rc.conf | ||
| Line 50: | Line 61: | ||
| jail_list="www" | jail_list="www" | ||
| </code><code> | </code><code> | ||
| - | [server.corp6.un:~] # cat /etc/jail.conf | + | [server:~] # cat /etc/jail.conf |
| </code><code> | </code><code> | ||
| allow.raw_sockets = 1; | allow.raw_sockets = 1; | ||
| Line 56: | Line 67: | ||
| exec.system_user = "root"; | exec.system_user = "root"; | ||
| exec.jail_user = "root"; | exec.jail_user = "root"; | ||
| - | exec.start += "/bin/sh /etc/rc"; | + | exec.start = "/bin/sh /etc/rc"; |
| exec.stop = "/bin/sh /etc/rc.shutdown"; | exec.stop = "/bin/sh /etc/rc.shutdown"; | ||
| - | exec.consolelog = "/var/log/jail_www_console.log"; | ||
| mount.devfs; | mount.devfs; | ||
| allow.set_hostname = 0; | allow.set_hostname = 0; | ||
| Line 67: | Line 77: | ||
| path = "/var/jail/www"; | path = "/var/jail/www"; | ||
| interface = "em0"; | interface = "em0"; | ||
| - | ip4.addr += "em0|192.168.X.20/32"; | + | ip4.addr = "192.168.X.20"; |
| + | exec.consolelog = "/var/log/jail_www_console.log"; | ||
| } | } | ||
| + | </code><code> | ||
| + | [server:~] # service jail start www | ||
| </code> | </code> | ||
| - | ==== FreeBSD8.X ==== | ||
| - | <code> | ||
| - | [server:~] # cat /etc/rc.conf | ||
| - | </code><code> | ||
| - | ... | ||
| - | jail_enable="YES" | ||
| - | jail_list="www" | ||
| - | jail_www_rootdir="/var/jail/www" | ||
| - | jail_www_hostname="www.corpX.un" | ||
| - | jail_www_interface="em0" | ||
| - | jail_www_ip="192.168.X.20" | ||
| - | jail_www_devfs_enable="YES" | ||
| - | jail_www_devfs_ruleset="devfsrules_jail" | ||
| - | </code><code> | ||
| - | [server:~] # sysctl security.jail.allow_raw_sockets=1 | ||
| - | |||
| - | [server:~] # /etc/rc.d/jail start www | ||
| - | </code> | ||
| ===== Просмотр и подключение к jail ===== | ===== Просмотр и подключение к jail ===== | ||
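Review bot: `allow.raw_sockets = 1;` stays at the top of the jail.conf listing (a context line of the earlier `Line 50:` hunk), apparently in the global defaults, while this hunk moves `exec.consolelog` into the `www` block; any jail added to the file later would inherit raw-socket access. I would move it into the block next to `ip4.addr` and document it, e.g. `allow.raw_sockets = 1;  # only for ping/traceroute inside the jail`. jail(8) advises extra caution with this parameter when root inside the jail is not fully trusted, and the page does not say so. The opening line of the `www` block is not visible in these hunks, so the global placement is inferred from the order of the lines.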
| Line 101: | Line 96: | ||
| ===== Настройка jail ===== | ===== Настройка jail ===== | ||
| <code> | <code> | ||
| + | www# hostname | ||
| + | |||
| www# cat /etc/rc.conf | www# cat /etc/rc.conf | ||
| </code><code> | </code><code> | ||
| - | hostname=www.corpX.un | ||
| sshd_enable=yes | sshd_enable=yes | ||
| </code><code> | </code><code> | ||