This is an old revision of the document!
# mount_cd9660 /dev/cd0 /mnt # setenv D /var/jail/www # mkdir -p $D # tar -xvf /mnt/usr/freebsd-dist/base.txz -C $D
[server:~] # cd /usr/src [server:~] # make buildworld
[server:~] # cd /usr/src [server:~] # setenv D /var/jail/www [server:~] # mkdir -p $D [server:~] # make installworld DESTDIR=$D [server:~] # make distribution DESTDIR=$D
[server:~] # mount_nullfs /usr/ports/ /var/jail/www/usr/ports
[server:~] # cat /etc/rc.conf
... jail_enable="YES" jail_list="www"
[server:~] # cat /etc/jail.conf
allow.raw_sockets = 1; exec.clean; exec.system_user = "root"; exec.jail_user = "root"; exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; mount.devfs; allow.set_hostname = 0; allow.sysvipc = 0; www { host.hostname = "www.corpX.un"; path = "/var/jail/www"; interface = "em0"; ip4.addr = "192.168.X.20"; exec.consolelog = "/var/log/jail_www_console.log"; }
[server:~] # service jail start www
[server:~] # cat /etc/rc.conf
... jail_enable="YES" jail_list="www" jail_www_rootdir="/var/jail/www" jail_www_hostname="www.corpX.un" jail_www_interface="em0" jail_www_ip="192.168.X.20" jail_www_devfs_enable="YES" jail_www_devfs_ruleset="devfsrules_jail"
[server:~] # sysctl security.jail.allow_raw_sockets=1 [server:~] # /etc/rc.d/jail start www
[server:~] # jls [server:~] # jexec N csh www# sysctl security.jail.jailed
www# hostname www# cat /etc/rc.conf
sshd_enable=yes
www# cat /etc/resolv.conf
domain corpX.un nameserver 172.16.1.254
www# cat /etc/hosts
127.0.0.1 localhost localhost.corpX.un 192.168.X.20 www.corpX.un www 172.16.1.249 rep