1. Jail安装Howto

1.1. 前言

以前我写过一个文档，是讲述FreeBSD 4.x上安装Jail的Howto。这次梅劲松写了一个更新的文档，又加上这两天为大家安装测试服务器，所以更新一下以前的文档，让它更适用于FreeBSD 5.x，同时期待今年会推出的FreeBSD 6。 ^_

1.2. 安装脚本

由梅劲松提供，主要是加入了参数行这一段：

#!/bin/sh
if [ -z $4 ]; then
echo "specify dest dir such as $0 /some/dir servernick servername ipaddr"
exit
fi 

if [ ! -d $1 ]; then
echo "dest dir $1 does not exist, mkdir..."
mkdir -p $1
fi
echo "Install a new jail into $1"

D=$1
echo $D
cd /usr/src
make installworld DESTDIR=$D
cd etc
make distribution DESTDIR=$D
cd $D
ln -sf dev/null kernel 

echo "Add config to /etc/rc.conf.local"
echo 'if you starting jail in system booting add jail_enable="YES" to /etc/rc.conf.local'
echo if you starting $3 in jail add $3 to jail_list variable in /etc/rc.conf.local

eval JAILSTRING=jail_\$2_hostname=\$3
echo $JAILSTRING | sed -E -e s/=/=\"/g -e s/\$/\"/g >> /etc/rc.conf.local

eval JAILSTRING=jail_\$2_ip=\$4
echo $JAILSTRING | sed -E -e s/=/=\"/g -e s/\$/\"/g >> /etc/rc.conf.local

eval JAILSTRING=jail_\$2_rootdir=$D
echo $JAILSTRING | sed -E -e s/=/=\"/g -e s/\$/\"/g >> /etc/rc.conf.local

eval JAILSTRING=jail_\$2_exec=\"/bin/sh /etc/rc\"
echo $JAILSTRING | sed -E -e s/=/=\"/g -e s/\$/\"/g >> /etc/rc.conf.local

eval JAILSTRING=jail_\$2_devfs_enable=YES
echo $JAILSTRING | sed -E -e s/=/=\"/g -e s/\$/\"/g >> /etc/rc.conf.local

eval JAILSTRING=jail_\$2_devfs_ruleset=devfsrules_jail
echo $JAILSTRING | sed -E -e s/=/=\"/g -e s/\$/\"/g >> /etc/rc.conf.local

echo "Add config to jail rc.conf"
cp /etc/resolv.conf $D/etc/
echo sshd_enable=YES >> $D/etc/rc.conf
echo sendmail_enable=NONE >> $D/etc/rc.conf
echo syslogd_flags=-ss >> $D/etc/rc.conf

echo "Add config to jail hosts"
echo "127.0.0.1 localhost" >> $D/etc/hosts
eval JAILSTRING=\"\$4   \$3\"
echo $JAILSTRING >> $D/etc/hosts

1.2.1. jail的启动与停止

聪明的freebsd已经写好了jail的启动与停止脚本，你可以通过：

/etc/rc.d/jail start

来启动你的所有的jail，也可以通过

/etc/rc.d/jail stop

来停止你的所有的jail。当然，一但你写好了rc.conf.local中的配置，你的系统在启动时也会启动jail，在shutdown时也会自动停止所有的jail。