Jails and filesystems

[Rob]

Fellow BSDers,

I'm trying to figure out the best layout for multiple jails.
I'd like to share binaries across jails - patches and packages only 
need to be installed once, and it saves a lot of space. So these 
directories would be shared and read-only:
        /bin
        /sbin
        /usr (except /usr/local/etc)
        /var/db/pkg

And these would be private:
        /etc
        /usr/local/etc
        /var (except /var/db/pkg)

The current plan is to move all the shared stuff into /shared, and 
mount it read-only into each jail with nullfs. Then /usr/local/etc is 
moved into /private. This is how it looks inside the jail:

[EMAIL PROTECTED] /tmp/3569/root # env - /usr/sbin/chroot `pwd` /usr/bin/login 
-f root
Last login: Sat Jun 11 09:16:11 on tty??
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
        The Regents of the University of California.  All rights 
reserved.

[EMAIL PROTECTED] ~ # cd /
[EMAIL PROTECTED] / # ll
total 27
drwxr-xr-x  13 root  wheel   512 Jun  9 14:38 .
drwxr-xr-x  13 root  wheel   512 Jun  9 14:38 ..
-rw-r--r--   1 root  wheel   802 Jan 21 15:46 .cshrc
-rw-r--r--   1 root  wheel   251 Jan 21 15:46 .profile
-r--r--r--   1 root  wheel  6117 Jan 21 15:46 COPYRIGHT
lrwxr-xr-x   1 root  wheel    11 Jun  9 14:38 bin -> /shared/bin
drwxr-xr-x   3 root  wheel   512 Jan 21 15:46 boot
drwxr-xr-x   3 root  wheel  1536 Jun  9 14:01 dev
drwxr-xr-x  16 root  wheel  2048 Jun  9 14:27 etc
-rw-r--r--   1 root  wheel     0 Jun  9 14:01 kernel
drwxr-xr-x   2 root  wheel   512 Jun  9 14:37 mnt
drwxr-xr-x   2 root  wheel  4608 Jun  9 14:01 modules
drwxr-xr-x   3 root  wheel   512 Jun  9 14:37 private
dr-xr-xr-x   2 root  wheel   512 Jan 21 15:45 proc
drwxr-xr-x   2 root  wheel   512 Jun 11 09:12 root
lrwxr-xr-x   1 root  wheel    12 Jun  9 14:38 sbin -> /shared/sbin
drwxr-xr-x   6 root  wheel   512 Jun  9 14:47 shared
drwxrwxrwt   2 root  wheel   512 Jan 21 15:45 tmp
lrwxr-xr-x   1 root  wheel    11 Jun  9 14:38 usr -> /shared/usr
drwxr-xr-x  20 root  wheel   512 Jun  9 14:01 var
[EMAIL PROTECTED] / # ll usr/local var/db
usr/local:
total 2
drwxr-xr-x   2 root  wheel  512 Jun  9 14:38 .
drwxr-xr-x  14 root  wheel  512 Jun  9 14:26 ..
lrwxr-xr-x   1 root  wheel   12 Jun  9 14:38 etc -> /private/etc

var/db:
total 3
drwxr-xr-x   3 root    wheel  512 Jun  9 14:47 .
drwxr-xr-x  20 root    wheel  512 Jun  9 14:01 ..
drwx------   2 root    wheel  512 Jan 21 15:45 ipf
-rw-r--r--   1 nobody  wheel    0 Jan 21 15:46 locate.database
-rw-r--r--   1 root    wheel    0 Jun  9 14:01 mountdtab
lrwxr-xr-x   1 root    wheel   11 Jun  9 14:47 pkg -> /shared/pkg
[EMAIL PROTECTED] / # ll shared private
private:
total 3
drwxr-xr-x   3 root  wheel  512 Jun  9 14:37 .
drwxr-xr-x  13 root  wheel  512 Jun  9 14:38 ..
drwxr-xr-x   2 root  wheel  512 Jun  9 14:27 etc

shared:
total 7
drwxr-xr-x   6 root  wheel   512 Jun  9 14:47 .
drwxr-xr-x  13 root  wheel   512 Jun  9 14:38 ..
drwxr-xr-x   2 root  wheel  1024 Jun  9 14:26 bin
drwxr-xr-x   2 root  wheel   512 Jun  9 14:47 pkg
drwxr-xr-x   2 root  wheel  2048 Jun  9 14:26 sbin
drwxr-xr-x  14 root  wheel   512 Jun  9 14:26 usr

I think this will work, but it seems kind of messy. Am I missing a 
simpler way?

Thanks
Rob.

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"