After a lengthy Twitter discussion this afternoon, and a post to the forums, I decided to alter my ezjail basejail.
The issue: when you update the basejail, /etc/rc.d and /etc/periodic do not get updated. This is by design.
I wanted those directories to get updated. So I have changed the basejail.
I will outline first, and go into more detail after I have changed all the jails
On the jail host:
NOTE: I am unsure of this. I question my changes to /usr/jails/newjail/var/db/etcupdate.
cd /usr/jails/newjail/var/db/etcupdate/current/etc mv rc.d rc.d.DO.NOT.USE mv periodic periodic.DO.NOT.USE cd /usr/jails/basejail/etc cp -rp /etc/rc.d . cp -rp /etc/periodic .
On the jail:
cd /etc mv rc.d rc.d.DO.NOT.USE && ln -s /basejail/etc/rc.d mv periodic periodic.DO.NOT.USE && ln -s /basejail/etc/periodic
Then I restarted sshd in the jail:
$ sudo service sshd restart Password: Performing sanity check on sshd configuration. Could not load host key: /etc/ssh/ssh_host_ed25519_key Stopping sshd. Waiting for PIDS: 6582. Generating ED25519 host key. 256 f4:9f:e1:03:1d:94:1a:67:1f:36:f0:12:41:81:8f:2a root@jester.unixathome.org (ED25519) Performing sanity check on sshd configuration. Starting sshd.
That’s exactly what you should see. I call this success.
NOTE
This is only a proof of concept.
- When you install a new basejail, you will have to perform the modifications listed above
- When you create a new jail, you need to perform the modifications listed above
