Creating and Destroying the Jail
Creating the Jail
Prerequisites:
Vim needs to be installed on the machine
The following tasks were performed under the root user (use sudo for the normal user if preferred).
- Go to the directory
/tmpso it can be removed later - Replace the
jail_namewith your preferred name, this creates a directory for your jail. - Install jail in the directory we just created.
cd /tmp
mkdir jail_name
bsdinstall jail jail_nameJust like how we install the FreeBSD on our machine.
- Create a jail.conf file under the directory
/etcto hold our jail configuration.
/etc/jail.conf
# common configuration for all jails
allow.nomount; # prevent child jails from doing stuff they're not supposed to
mount.devfs; # mount '/dev'
path = "~/jails/$name"; # path to jail, unless specified otherwise
exec.start = "/bin/sh /etc/rc"; # what to do when the jail is started
exec.stop = "/bin/sh /etc/rc.shutdown"; # what to do when the jail is stopped
exec.clean; # clear the previous environment
host.hostname = "$name.jail.hostname"; # set hostname
ip4 = inherit; # inherit ip address from host
ip6 = inherit;
# jail specific configuration
jail_name {
path = "/tmp/jail_name";
}- To start the jail:
jail -c jail_name- To open up the shell for the jail:
jexec jail_name /bin/sh- To list all currently running jails:
jlsOutput:
JID IP Address Hostname Path
x jail_name.jail.hostname /tmp/jail_name- To make the jail runs on boot
echo 'jail_enable="YES"' >> /etc/rc.confDetach the Jail
- To detach jail:
jail -r jail_nameWe can restart the jail by using the -c flag (code above).
Remove the Jail Permanently
- To make sure the jail that will be removed has stopped:
jlsBe sure the output looks like this:
JID IP Address Hostname Path- You will need to force remove the jail:
chflags -R noschg jail_name
rm - rf jail_name- To check if it is successfully removed:
ll jail_nameExpected Output:
ls: jail_name: No such file or directoryReferences (Creating and Destroying the Jail): https://www.youtube.com/watch?v=T6gYmjtry50
Be First to Comment