[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] freebsd-update in ezjail?



Alexandros Kosiaris wrote:
...
> After toying around a bit I believe there is a simple way to use it to
> update the basejail fast and securely.
> 
> 1. Stop an existing jail, or create a new one (completely otherwise
> that's ok)
> 2. Mount by hand and read-write basejail dir in the usual place for this
> jail

Why is it necessary to mount the basejail in place of the jail's normal
mount point?  Could there be a dedicated freebsdjail-update jail?

> 3. chown into the jail and run freebsd-update fetch && freebsd-update
> install.

or chroot  ;-) Did you have to do any tweaking as in other (non ezjail)
approach to jails/freebsd-update? e.g.

http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2007-10/msg00701.html

I assume you do this after you've done the same for the host system?
freebsd-update is quite useful for binary updates (security releases
etc) and it seems like it should be easy using freebsd-update.conf to
get it to play nice with ezjail/basejail "out of the box", but your
method or something like seems to be necessary. Perhaps I am continuing
to miss something obvious about ezjail-admin?

> Now this obviously also works for FreeBSD releases <=6.1 as long as the
> freebsd-update port is installed in the aforementioned jail.
> 
> Is there any chance that this functionality (either in the described way
> or any other that can be deemed better) can make it into ezjail?

I'd vote for it .. or something like it :)

> One other thing. Is there a specific reason /rescue is installed in
> basejail ? Saving 3.2 is not worthy mentioning i know, it's just that a
> jail won't ever need it(probably)