Skip to content

HOWTO: Create FreeBSD 10.2 for serving jails and jails configurations – SHELL SCRIPT

March 31, 2016

Here is the simple script for creating new jails:

 

#!/bin/sh
HOSTNAME=’###########’
JAILDIR=/usr/jails/$HOSTNAME
mkdir -p $JAILDIR/dev
mkdir -p $JAILDIR/etc
mkdir -p $JAILDIR/usr/tmp
chmod 777 $JAILDIR/usr/tmp
cd /usr/src/usr/src/
make buildworld                                                                     # COMMENT OR REPLACE BUILDWORLD IF IT’S ALREADY BUILD
make installworld DESTDIR=$JAILDIR
cd /usr/src/usr/src/etc
cp /etc/resolv.conf $JAILDIR
make distribution DESTDIR=$JAILDIR NO_OPENSSH=YES NO_OPENSSL=YES  # If you dont need ssh to the jail
cd $JAILDIR
mount -t devfs devfs $JAILDIR/dev                                     # At this point we’ll mount devfs, and then hide the unneeded devs
devfs -m $JAILDIR/dev rule -s 4 applyset
ln -s dev/null kernel                                                                    # Create a null kernel
touch $JAILDIR/etc/fstab                                                        # Quell warnings about fstab
cp /etc/resolv.conf $JAILDIR/etc/resolv.conf                     # Use our existing resolv.conf
mkdir -p $JAILDIR/etc/ssl                                                       # Copy our settings for ssl
mkdir -p $JAILDIR/usr/local/openssl
cp /etc/ssl/openssl.cnf $JAILDIR/etc/ssl
cd $JAILDIR/usr/local/openssl/
ln -s ../../../etc/ssl/openssl.cnf openssl.cnf
echo Make a decent rc.conf:
echo hostname='”$HOSTNAME”‘ # Set this!
echo ifconfig_em0=”inet 10.0.0.20 netmask 255.255.255.255″
echo defaultrouter=”10.0.0.1″ # Set to default gateway (or NO).
echo clear_tmp_enable=”YES” # Clear /tmp at startup.
echo kern_securelevel_enable=”YES”                                   # kernel security level (see init(8))
echo kern_securelevel=”3″                                                       # Once you set your jail up you may want to consider adding a good securelevel: Same as sysctl -w kern.securelevel=3

Advertisements

From → FreeBSD, Jails

One Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: