On Wed, May 23, 2018 4:35 am, Thomas Huber wrote: > Hi all, > > I´m just tinkering a little bit and try to mimic some "containerization" > on > OpenBSD with chroot. Is it somehow possible to attach a chrooted > envirionment to swtichd(8) ? > > Thanks > Thomas >
OpenBSD's chroot is not like a Linux contianer or FreeBSD jail. There is no network isolation. Inside the chroot, you get all the same interfaces, IP's, routes, ports as on the "host" or in another chroot. So doing anything with the network in the chroot is exactly as same as doing it normally. If you want to isolate, you probably need vether or tap or the like to make virtual interfaces and manually tie them to whatever you have running in the chroots and muanully set up proxies or whatever you need to make services accessible.
