> BSD jails do overcome some of the failures of chroot, and do > make it harder to escape the jail. But they offer little protection > inside the jail. There is only one IP address per jail, and no loopback > device. There are no device nodes. Some applications won't run under > these conditions.
There are device nodes, jails now offer multiple IPs (although you can get by without it), and most applications will run fine. I ran asterisk in such an environment for years with no issues. They're not the end-all-be-all, by any means, but they are a light-weight way to split up applications on a box, and very simple to manage. (To save a reply to Greg Donald - "ezjail" would have solved your problems very easily) Michael -- Michael Darrin Chaney, Sr. mdcha...@michaelchaney.com http://www.michaelchaney.com/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en -~----------~----~----~----~------~----~------~--~---
