User Tools

Site Tools


технология_jail

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
технология_jail [2015/05/13 11:10]
val
технология_jail [2016/04/22 14:02] (current)
val [FreeBSD8.X]
Line 8: Line 8:
  
 ==== С использованием дистрибутива ==== ==== С использованием дистрибутива ====
 +<​code>​
 +# mount_cd9660 /dev/cd0 /mnt
  
 +# setenv D /​var/​jail/​www
 +
 +# mkdir -p $D
 +
 +# tar -xvf /​mnt/​usr/​freebsd-dist/​base.txz -C $D
 +</​code>​
  
 ==== С использованием компиляции и установки "​мира"​ системы ==== ==== С использованием компиляции и установки "​мира"​ системы ====
Line 43: Line 51:
  
 ==== FreeBSD10.X ==== ==== FreeBSD10.X ====
 +
 +  * [[http://​therub.org/​2014/​08/​11/​convert-freebsd-jails-from-rc.conf-to-jail.conf/​|Convert FreeBSD 10 Jails from rc.conf to jail.conf]]
 +
 <​code>​ <​code>​
 [server:~] # cat /​etc/​rc.conf [server:~] # cat /​etc/​rc.conf
Line 50: Line 61:
 jail_list="​www"​ jail_list="​www"​
 </​code><​code>​ </​code><​code>​
-[server.corp6.un:~] # cat /​etc/​jail.conf+[server:~] # cat /​etc/​jail.conf
 </​code><​code>​ </​code><​code>​
 allow.raw_sockets = 1; allow.raw_sockets = 1;
Line 56: Line 67:
 exec.system_user = "​root";​ exec.system_user = "​root";​
 exec.jail_user = "​root";​ exec.jail_user = "​root";​
-exec.start ​+= "/​bin/​sh /​etc/​rc";​+exec.start = "/​bin/​sh /​etc/​rc";​
 exec.stop = "/​bin/​sh /​etc/​rc.shutdown";​ exec.stop = "/​bin/​sh /​etc/​rc.shutdown";​
-exec.consolelog = "/​var/​log/​jail_www_console.log";​ 
 mount.devfs;​ mount.devfs;​
 allow.set_hostname = 0; allow.set_hostname = 0;
Line 67: Line 77:
         path = "/​var/​jail/​www";​         path = "/​var/​jail/​www";​
         interface = "​em0";​         interface = "​em0";​
-        ip4.addr ​+= "em0|192.168.X.20/​32";+        ip4.addr = "​192.168.X.20"; 
 +        exec.consolelog = "/var/​log/​jail_www_console.log";
 } }
 +</​code><​code>​
 +[server:~] # service jail start www
 </​code>​ </​code>​
  
-==== FreeBSD8.X ==== 
-<​code>​ 
-[server:~] # cat /​etc/​rc.conf 
-</​code><​code>​ 
-... 
-jail_enable="​YES"​ 
-jail_list="​www"​ 
-jail_www_rootdir="/​var/​jail/​www"​ 
-jail_www_hostname="​www.corpX.un"​ 
-jail_www_interface="​em0"​ 
-jail_www_ip="​192.168.X.20"​ 
-jail_www_devfs_enable="​YES"​ 
-jail_www_devfs_ruleset="​devfsrules_jail"​ 
-</​code><​code>​ 
-[server:~] # sysctl security.jail.allow_raw_sockets=1 
- 
-[server:~] # /​etc/​rc.d/​jail start www 
-</​code>​ 
  
 ===== Просмотр и подключение к jail ===== ===== Просмотр и подключение к jail =====
Line 101: Line 96:
 ===== Настройка jail ===== ===== Настройка jail =====
 <​code>​ <​code>​
 +www# hostname
 +
 www# cat /​etc/​rc.conf www# cat /​etc/​rc.conf
 </​code><​code>​ </​code><​code>​
-hostname=www.corpX.un 
 sshd_enable=yes sshd_enable=yes
 </​code><​code>​ </​code><​code>​
технология_jail.1431504613.txt.gz · Last modified: 2015/05/13 11:10 by val