Questions tagged [jails]
99 questions
76 votes, 1 answer
Linux LXC vs FreeBSD jail
Are there any notable differences between LXC (Linux containers) and FreeBSD's jails in terms of security, stability & performance?
On first look, both approaches look very similar.
Philipp Claßen
27 votes, 5 answers
How to "jail" a process without being root?
Were I root, I could simply create a dummy user/group, set file permissions accordingly and execute the process as that user. However I am not, so is there any way to achieve this without being root?
Tobias Kienzler
11 votes, 1 answer
Linux: Is there a handy way to exec a program binding it to IP-address of choice?
In FreeBSD 4.9 it was very easy to accomplish with just a single command like
jail [-u username] path hostname ip-number command
if path was / you had running just the same program as usual but all its network communication was restricted to use…
poige
9 votes, 2 answers
Is there an easy way to create a FreeBSD rc script?
I have a FreeBSD jail in which I run a server using the command:
/usr/sbin/daemon /path/to/script.py
At the moment I have to run this command every time I restart the machine and the jail starts. I'd like to have this command started from /etc/rc.…
Josh
7 votes, 4 answers
How can I safely give a shell to somebody?
I have a question about giving a shell account to somebody. How safe is it? He could read /etc. How can I give a secured shell account that will only restrict the user to some bins and his own home? Is the only way a chroot jail?
CappY
7 votes, 4 answers
Can LXC be used to jail instances of an installed browser?
Is it possible to use LXC on a desktop system to confine browsers and other pieces of software that have in the past been shown to be prone to certain kinds of exploits? So what I want to achieve is to jail, say Firefox, be still able to view its…
0xC0000022L
7 votes, 3 answers
How does bash know how it is being invoked?
I've installed jailkit on Ubuntu 12.04 and I have set up a user's shell to /bin/bash - but when it is invoked it runs /etc/bash.bashrc instead of /etc/profile
If you haven't used jailkit before here's the gist of it:
A "jailed" version of the…
cwd
7 votes, 2 answers
How to achieve the effect of chroot in userspace in Linux (without being root)?
The goal is to install and run programs in a displaced (relocated) distro (whose / must not coincide with the global /) inside a host Linux system. The programs are not adapted for using a different / .
fakechroot is not a complete solution because…
imz -- Ivan Zakharyaschev
7 votes, 3 answers
Running Viber as another user while using "mine" X Server's microphone and speakers
I run Fedora with GNOME and recently installed Viber for linux. It's very good and all is working just fine.
As Viber is not open-source software, I decided to run it as another user to make sure that it doesn't have access to my files without my…
Ilia Ross
6 votes, 1 answer
How can I mount a directory of the host system for use inside a FreeBSD jail?
I am performing the following on FreeBSD 9.0-STABLE:
mount_nullfs /foo /jail/foo
After that, from within the host system, the mount works. So this works:
touch /foo/bar && ls /jail/foo/bar
But when I change into the jail the mounted directory is…
user569825
6 votes, 3 answers
How to jail a fastcgi server (or a web-proxied server)?
If you have a web-server (e.g. nginx) often you use a fast-cgi server or another application-http-server for dynamic content. That means in both cases you have a nice process separation between the web-server process and the fast-cgi (or…
maxschlepzig
5 votes, 2 answers
How to install PostgreSQL 9.3 in FreeBSD jail?
I configured virtual NICs using pf, and a jail for FreeBSD using qjail create pgsql-jail 192.168.0.3.
When I tried to install PostgreSQL 9.3 using the ports collection, it shows a strange message at first.
pgsql-jail…
Eonil
5 votes, 1 answer
What does 'mergemaster' do that 'make distribution' doesn't?
After calling make installworld (or make world), there are two ways of updating source files in the new world: calling mergemaster -p or make distribution. I know that mergemaster calls make distribution but what else does it do and why would I…
gvkv
5 votes, 1 answer
ssh in chrooted jail doesn't work because of /dev/null operation not supported
I am trying to set up an ssh-chroot jail on one of my NAS servers. The system runs on NAS4Free (which is based on nanobsd). The user should be able to run only one command, which is a bash-script that opens ssh to another server and executes one…
user6329530
5 votes, 2 answers
Accessing ports on public IP from within a FreeBSD jail
In a FreeBSD 10 setup, I have a jail running the publicly accessible nginx web server and another jail for the Java backend server based on Jetty. Each jail has its own internal IP address 127.0.1.x attached to the lo1 loopback interface. All this…
Martin Dirichs