Jail update

Skip to end of metadata
Go to start of metadata

Jail frissítés

Bármennyire is szeretnénk elkerülni, el fog érkezni az a pont, amikor a meglévő jail rendszereinket frissíteni kell. Ennek oka lehet racionalizálás, illetve lehet biztonsági hiba kijavítása is. Most egyszerűen csak racionalizálni fogjuk az eddigi megoldást:

Parancssor
[root@freebsd:~]$ zfs list
NAME                                    USED  AVAIL  REFER  MOUNTPOINT
[...]
dpool/jails/template                    398M   191G   390M  /jails/template
dpool/jails/template@logserver         1.87M      -   284M  -
dpool/jails/template@sysldap               0      -   390M  -
dpool/jails/template@sysdns                0      -   390M  -
dpool/jails/template@sysmail             55K      -   390M  -
dpool/jails/template@postgresql        1.63M      -   390M  -

Mint látni, itt minden egyes jail kapott egy snapshot-ot, de az öt system jail elkészítése után minden változást visszavezettünk a template jail-be. Nos, induljunk el újra a nulláról, hozzunk létre egy üres jail-t:

Parancssor
[root@freebsd:~]$ zfs create dpool/jails/template_new
[root@freebsd:~]$ zfs rollback bpool/usr/src@install
[root@freebsd:~]$ cd /usr/src/
[root@freebsd:/usr/src]$ make world DESTDIR=/jails/template_new/
[...]
--------------------------------------------------------------
>>> make world completed on Wed Aug 27 23:51:47 CEST 2008
                   (started Wed Aug 27 21:51:54 CEST 2008)
--------------------------------------------------------------
[root@freebsd:/usr/src]$ make distribution DESTDIR=/jails/template_new/
[root@freebsd:/usr/src]$ cp /etc/resolv.conf /jails/template_new/etc/
[root@freebsd:/usr/src]$ mkdir /jails/template_new/usr/ports
[root@freebsd:/usr/src]$ cp /etc/make.conf /jails/template_new/etc/
[root@freebsd:/usr/src]$ touch /jails/template_new/etc/fstab
[root@freebsd:/usr/src]$ cp /etc/profile /jails/template_new/etc/
[root@freebsd:/usr/src]$ cp /etc/login.conf /jails/template_new/etc/
[root@freebsd:/usr/src]$ echo 'keymap="hu.iso2.101keys"' >>/jails/template_new/etc/rc.conf
[root@freebsd:/usr/src]$ echo 'network_interfaces=""' >>/jails/template_new/etc/rc.conf
[root@freebsd:/usr/src]$ echo 'rpcbind_enable="NO"' >>/jails/template_new/etc/rc.conf
[root@freebsd:/usr/src]$ zfs set mountpoint=/jails/template_new/usr/ports dpool/jails/ports/template
[root@freebsd:/usr/src]$ mount -t devfs devfs /jails/template_new/dev
[root@freebsd:/usr/src]$ ifconfig bge0 alias 192.168.1.254 netmask 255.255.255.0

Lépjünk bele és telepítsünk fel pár alap csomagot:

Parancssor
[root@freebsd:/usr/src]$ jail /jails/template_new/ template_new 192.168.1.254 /bin/csh
template_new# cd /usr/ports/ports-mgmt/portupgrade      
template_new# make && make install && make clean 
[...]
template_new# rehash
template_new# portinstall -i bash
[...]
template_new# portinstall -i mc-light bash
[...]
template_new# portinstall -i syslog-ng2
[...]
template_new# portinstall -i openldap-client

Állítsuk be a megfelelő értékeket a /etc/rc.conf fájlban:

Parancssor
template_new# echo '' >>/etc/rc.conf
template_new# echo 'syslogd_enable="NO"' >> /etc/rc.conf
template_new# echo 'syslog_ng_enable="YES"' >> /etc/rc.conf

Mivel itt már feltelepítettük a syslog-ng csomagot, állítsuk be a kliens módot:

/usr/local/etc/syslog-ng.conf
options { long_hostnames(off); sync(0); };

source src { unix-dgram("/var/run/log");
             unix-dgram("/var/run/logpriv" perm(0600));
             internal(); };

destination remote { tcp( "logserver.system.jails.javaforum.hu" port(1999) ); };
log { source(src); destination(remote); };

Ellenőrizzük a resolv.conf tartalmát (a 192.168.2.3 címről majd később):

/etc/resolv.conf
search          .
nameserver      192.168.1.3
nameserver      192.168.2.3
nameserver      208.67.222.222
nameserver      208.67.220.220

Szerkesszük az aliases állományt:

/etc/aliases
root: root@javaforum.hu

Generáljunk új aliases adatbázist, majd kliens módban konfiguráljuk a sendmail programot, generáljunk neki új konfigot:

Parancssor
template_new# newaliases
WARNING: local host name (template_new) is not qualified; see cf/README: WHO AM I?
/etc/mail/aliases: 28 aliases, longest 17 bytes, 296 bytes total
template_new# echo 'sendmail_enable="NO"' >>/etc/rc.conf
template_new# cd /etc/mail
template_new# make
cp freebsd.mc template_new.mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 template_new.mc > template_new.cf
cp freebsd.submit.mc template_new.submit.mc
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 template_new.submit.mc > template_new.submit.cf

A belépéskor megadott hostname alapján kell szerkesztenünk az mc állományt:

/etc/mail/template_new.mc
define(`SMART_HOST',`mail.system.jails.javaforum.hu')dnl

Telepítsük az új konfigot:

Parancssor
template_new# make install
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/   /usr/share/sendmail/cf/m4/cf.m4 template_new.mc > template_new.cf
install -m 444 template_new.cf /etc/mail/sendmail.cf
install -m 444 template_new.submit.cf /etc/mail/submit.cf

Ellenőrizzük, hogy megfelelő-e:

/etc/mail/sendmail.cf
DSmail.system.jails.javaforum.hu

Állítsuk be az időzónát:

Parancssor
template_new# cd /usr/share/zoneinfo
template_new# cp /usr/share/zoneinfo/Europe/Budapest /etc/localtime

Telepítsünk fel pár hasznos csomagot:

  • portaudit
  • autoconf (2.6.*)
  • expat (2.*)
  • libxml2 (2.6.*)
  • postgresql-client (8.3.*)
  • mysql-client (5.1.*)
  • wget
  • screen
  • nmap

Takarítsunk ki magunk után, majd hozzuk létre a @base snapshot-ot:

Parancssor
[root@freebsd:~]$ rm -Rf /jails/template_new/tmp/*
[root@freebsd:~]$ rm /jails/template_new/root/.bash_history
[root@freebsd:~]$ rm /jails/template_new/root/.history
[root@freebsd:~]$ zfs list dpool/jails/template_new
NAME                       USED  AVAIL  REFER  MOUNTPOINT
dpool/jails/template_new   462M   190G   462M  /jails/template_new
[root@freebsd:~]$ zfs snapshot dpool/jails/template_new@base

Kész az új template, ami minden földi jót tartalmaz... most már csak minimális leállással frissíteni kell az egyes jail-eket.

Logserver migráció

Célszerű abban a sorrendben megoldani a migrációt, amelyben létrehoztuk az egyes szolgáltatások jail-jét, ezért a syslogserv migrálásával kezdünk.

Első körben klónozunk egy új fájlrendszert, majd megadjuk a hostname értékét, illetve átmásoljuk az egyetlen konfigurációs fájlt:

Parancssor
[root@freebsd:~]$ zfs clone dpool/jails/template_new@base dpool/jails/system/logserver_new
[root@freebsd:~]$ echo 'hostname="logserver.system.jails.javaforum.hu"' >>/jails/system/logserver_new/etc/rc.conf
[root@freebsd:~]$ cp /jails/system/logserver/usr/local/etc/syslog-ng.conf /jails/system/logserver_new/usr/local/etc/syslog-ng.conf

Ezen a ponton le kell állítanunk a syslogserv jail-t, hogy átnevezhessük, illetve racionalizálhassuk a felhasznált fájlrendszereket:

Parancssor
[root@freebsd:~]$ /etc/rc.d/jail stop syslogserv
Stopping jails: logserver.system.jails.javaforum.hu.
[root@freebsd:~]$ zfs list | grep logserver
dpool/jails/ports/system/logserver         0   190G   153M  /jails/system/logserver/usr/ports
dpool/jails/system/logserver            113M   190G   390M  /jails/system/logserver
dpool/jails/system/logserver/logfiles  4.82M   190G  4.82M  /jails/system/logserver/var/log
dpool/jails/system/logserver_new        105K   190G   462M  /jails/system/logserver_new
dpool/jails/template@logserver         1.87M      -   284M  -

Első közelítésben egyszerű átnevezéssel megoldható probléma:

Parancssor
[root@freebsd:~]$ zfs set mountpoint=none dpool/jails/system/logserver/logfiles
[root@freebsd:~]$ zfs set mountpoint=none dpool/jails/ports/system/logserver
[root@freebsd:~]$ zfs rename dpool/jails/system/logserver dpool/jails/system/logserver_old
[root@freebsd:~]$ zfs rename dpool/jails/system/logserver_new dpool/jails/system/logserver
[root@freebsd:~]$ zfs set mountpoint=/jails/system/logserver/usr/ports dpool/jails/ports/system/logserver
[root@freebsd:~]$ zfs list | grep logserver
dpool/jails/ports/system/logserver             0   190G   153M  /jails/system/logserver/usr/ports
dpool/jails/system/logserver                105K   190G   462M  /jails/system/logserver
dpool/jails/system/logserver_old            113M   190G   390M  /jails/system/logserver_old
dpool/jails/system/logserver_old/logfiles  4.82M   190G  4.82M  none
dpool/jails/template@logserver             1.87M      -   284M  -

Nos, nem egészen így terveztük, a logfiles a fájlrendszer hierarchia része, ezért ezzel problémák lesznek, készítsünk egy új fájlrendszer ágat az adatoknak:

Parancssor
[root@freebsd:~]$ zfs create dpool/jails/data
[root@freebsd:~]$ zfs create dpool/jails/data/system
[root@freebsd:~]$ zfs create dpool/jails/data/system/logserver
[root@freebsd:~]$ zfs set compression=on dpool/jails/data/system/logserver

Majd migráljuk át az adatokat, és csatoljuk fel az új fájlrendszert:

Parancssor
[root@freebsd:~]$ zfs snapshot dpool/jails/system/logserver_old/logfiles@send
[root@freebsd:~]$ zfs send dpool/jails/system/logserver_old/logfiles@send | zfs receive -v dpool/jails/data/system/logserver/logfiles
receiving full stream of dpool/jails/system/logserver_old/logfiles@send into dpool/jails/data/system/logserver/logfiles@send
received 50.0Mb stream in 3 seconds (16.7Mb/sec)
[root@freebsd:~]$ zfs set mountpoint=/jails/system/logserver/var/log dpool/jails/data/system/logserver/logfiles

Töröljük ki a küldéskor létrejött snapshot-ot, majd nézzük meg, miképpen állunk:

Parancssor
[root@freebsd:~]$ zfs destroy dpool/jails/data/system/logserver/logfiles@send
[root@freebsd:~]$ zfs list | grep logserver
dpool/jails/data/system/logserver               12.7M   190G    18K  /jails/data/system/logserver
dpool/jails/data/system/logserver/logfiles      12.6M   190G  12.6M  /jails/system/logserver/var/log
dpool/jails/ports/system/logserver                  0   190G   153M  /jails/system/logserver/usr/ports
dpool/jails/system/logserver                     518K   190G   462M  /jails/system/logserver
dpool/jails/system/logserver_old                 113M   190G   390M  /jails/system/logserver_old
dpool/jails/system/logserver_old/logfiles       4.82M   190G  4.82M  none
dpool/jails/system/logserver_old/logfiles@send      0      -  4.82M  -
dpool/jails/template@logserver                  1.87M      -   284M  -

Van mit takarítani:

Parancssor
[root@freebsd:~]$ zfs destroy dpool/jails/system/logserver_old/logfiles@send
[root@freebsd:~]$ zfs destroy dpool/jails/system/logserver_old/logfiles
[root@freebsd:~]$ zfs destroy dpool/jails/system/logserver_old
[root@freebsd:~]$ zfs destroy dpool/jails/template@logserver
[root@freebsd:~]$ zfs list | grep logserver
dpool/jails/data/system/logserver           12.7M   190G    18K  /jails/data/system/logserver
dpool/jails/data/system/logserver/logfiles  12.6M   190G  12.6M  /jails/system/logserver/var/log
dpool/jails/ports/system/logserver              0   190G   153M  /jails/system/logserver/usr/ports
dpool/jails/system/logserver                 659K   190G   462M  /jails/system/logserver

Most már indulhat a naplózó szolgáltatás:

Parancssor
[root@freebsd:~]$ /etc/rc.d/jail start syslogserv
Configuring jails:.
Starting jails: logserver.system.jails.javaforum.hu.

LDAP migráció

[root@freebsd:~]$ zfs clone dpool/jails/template_new@base dpool/jails/system/ldap_new
[root@freebsd:~]$ zfs set mountpoint=/jails/system/ldap_new/usr/ports dpool/jails/ports/system/ldap
[root@freebsd:~]$ mount -t devfs devfs /jails/system/ldap_new/dev
[root@freebsd:~]$ jail /jails/system/ldap_new ldap_new 192.168.1.254 /usr/local/bin/bash
[root@ldap_new:/]$ portinstall -i openldap-server
[root@ldap_new:/]$ echo 'slapd_enable="YES"' >>/etc/rc.conf
[root@ldap_new:/]$ echo 'hostname="ldap.system.jails.javaforum.hu"' >>/etc/rc.conf
[root@ldap_new:/]$ exit
[root@freebsd:~]$ mkdir /jails/system/ldap_new/usr/local/etc/openldap/schema/own
[root@freebsd:~]$ cp /jails/system/ldap/usr/local/etc/openldap/schema/own/dnsdomain2.schema /jails/system/ldap_new/usr/local/etc/openldap/schema/own
[root@freebsd:~]$ cp /jails/system/ldap/usr/local/etc/openldap/slapd.conf /jails/system/ldap_new/usr/local/etc/openldap/
[root@freebsd:~]$ zfs create dpool/jails/data/system/ldap
[root@freebsd:~]$ umount /jails/system/ldap_new/dev
[root@freebsd:~]$ /etc/rc.d/jail stop sysldap
Stopping jails: ldap.system.jails.javaforum.hu.
[root@freebsd:~]$ zfs set mountpoint=none dpool/jails/system/ldap/dbfiles
[root@freebsd:~]$ zfs snapshot dpool/jails/system/ldap/dbfiles@send
[root@freebsd:~]$ zfs send dpool/jails/system/ldap/dbfiles@send | zfs receive dpool/jails/data/system/ldap/db
[root@freebsd:~]$ zfs destroy dpool/jails/data/system/ldap/db@send
[root@freebsd:~]$ zfs destroy dpool/jails/system/ldap/dbfiles@send
[root@freebsd:~]$ zfs rename dpool/jails/system/ldap dpool/jails/system/ldap_old
[root@freebsd:~]$ zfs rename dpool/jails/system/ldap_new dpool/jails/system/ldap
[root@freebsd:~]$ zfs set mountpoint=/jails/system/ldap/usr/ports/ dpool/jails/ports/system/ldap
[root@freebsd:~]$ zfs set mountpoint=/jails/system/ldap/var/db/openldap-data/ dpool/jails/data/system/ldap/db
[root@freebsd:~]$ /etc/rc.d/jail start sysldap
Configuring jails:.
Starting jails: ldap.system.jails.javaforum.hu.
[root@freebsd:~]$ zfs destroy dpool/jails/system/ldap_old/dbfiles
[root@freebsd:~]$ zfs destroy dpool/jails/system/ldap_old
[root@freebsd:~]$ zfs destroy dpool/jails/template@sysldap
[root@freebsd:~]$ zfs list | grep ldap
dpool/jails/data/system/ldap 2.10M 190G 18K /jails/data/system/ldap
dpool/jails/data/system/ldap/db 2.09M 190G 2.09M /jails/system/ldap/var/db/openldap-data/
dpool/jails/ports/system/ldap 0 190G 153M /jails/system/ldap/usr/ports/
dpool/jails/system/ldap 59.2M 190G 518M /jails/system/ldap

DNS migráció

[root@freebsd:~]$ zfs clone dpool/jails/template_new@base dpool/jails/system/dns_new
[root@freebsd:~]$ zfs set mountpoint=/jails/system/dns_new/usr/ports dpool/jails/ports/system/dns
[root@freebsd:~]$ mount -t devfs devfs /jails/system/dns_new/dev
[root@freebsd:~]$ jail /jails/system/dns_new dns_new 192.168.1.254 /usr/local/bin/bash
[root@dns_new:/]$ portinstall -i powerdns
[root@dns_new:/]$ portinstall -i powerdns-recursor
[root@dns_new:/]$ echo 'pdns_enable="YES"' >>/etc/rc.conf
[root@dns_new:/]$ echo 'hostname="dns.system.jails.javaforum.hu"' >>/etc/rc.conf
[root@dns_new:/]$ exit
[root@freebsd:~]$ cp /jails/system/dns/usr/local/etc/pdns/pdns.conf /jails/system/dns_new/usr/local/etc/pdns/
[root@freebsd:~]$ /etc/rc.d/jail stop sysdns
Stopping jails: dns.system.jails.javaforum.hu.
[root@freebsd:~]$ zfs rename dpool/jails/system/dns dpool/jails/system/dns_old
[root@freebsd:~]$ zfs set mountpoint=none dpool/jails/ports/system/dns
[root@freebsd:~]$ umount /jails/system/dns_new/dev
[root@freebsd:~]$ zfs rename dpool/jails/system/dns_new dpool/jails/system/dns
[root@freebsd:~]$ zfs set mountpoint=/jails/system/dns/usr/ports dpool/jails/ports/system/dns
[root@freebsd:~]$ /etc/rc.d/jail start sysdns
Configuring jails:.
Starting jails: dns.system.jails.javaforum.hu.
[root@freebsd:~]$ nslookup 192.168.1.3 192.168.1.3
Server: 192.168.1.3
Address: 192.168.1.3#53

3.1.168.192.in-addr.arpa name = dns.system.jails.javaforum.hu.
[root@freebsd:~]$ zfs destroy dpool/jails/system/dns_old
[root@freebsd:~]$ zfs destroy dpool/jails/template@sysdns
[root@freebsd:/var/run]$ zfs list | grep dns
dpool/jails/ports/system/dns 0 190G 153M /jails/system/dns/usr/ports
dpool/jails/system/dns 81.6M 190G 540M /jails/system/dns

mail migráció

[root@freebsd:/var/run]$ zfs clone dpool/jails/template_new@base dpool/jails/system/mail_new
[root@freebsd:/var/run]$ zfs set mountpoint=/jails/system/mail_new/usr/ports dpool/jails/ports/system/mail
[root@freebsd:/var/run]$ mount -t devfs devfs /jails/system/mail_new/dev
[root@freebsd:/var/run]$ jail /jails/system/mail_new mail_new 192.168.1.254 /usr/local/bin/bash
[root@mail_new:/]$ echo 'sendmail_enable="NONE"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'hostname="mail.system.jails.javaforum.hu"' >>/etc/rc.conf
[root@mail_new:/]$ portinstall -i postfix
[root@mail_new:/]$ portupgrade -i dovecot
[root@mail_new:/]$ export MAIL_GID=nobody
[root@mail_new:/]$ portinstall -i mailman
[root@mail_new:/]$ portinstall -i apache
[root@mail_new:/]$ portinstall -i squirrelmail
[root@mail_new:/]$ portinstall -i postgrey
[root@mail_new:/]$ portinstall -i amavisd-new clamav
[root@mail_new:/]$ echo 'postfix_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'postgrey_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'dovecot_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'amavisd_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'clamav_clamd_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'clamav_freshclam_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'mailman_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ echo 'apache22_enable="YES"' >>/etc/rc.conf
[root@mail_new:/]$ exit
[root@freebsd:~]$ cp /jails/system/mail/etc/mail/aliases /jails/system/mail_new/etc/mail/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/ldap-dovecot.conf /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/javaforum.hu.unsecured.key /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/javaforum.hu.crt /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/dovecot.conf /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/freshclam.conf /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/amavisd.conf /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/clamd.conf /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/php.ini /jails/system/mail_new/usr/local/etc/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/postfix/main.cf /jails/system/mail_new/usr/local/etc/postfix/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/postfix/master.cf /jails/system/mail_new/usr/local/etc/postfix/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/postfix/ldap-aliases.cf /jails/system/mail_new/usr/local/etc/postfix/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/postfix/ldap-domains.cf /jails/system/mail_new/usr/local/etc/postfix/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/postfix/ldap-mailbox.cf /jails/system/mail_new/usr/local/etc/postfix/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/apache22/Includes/php5.conf /jails/system/mail_new/usr/local/etc/apache22/Includes/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/etc/apache22/Includes/mailman.conf /jails/system/mail_new/usr/local/etc/apache22/Includes/
[root@freebsd:~]$ cp /jails/system/mail/usr/local/www/squirrelmail/config/config.php /jails/system/mail_new/usr/local/www/squirrelmail/config/
[root@freebsd:~]$ cp /jails/system/mail_old/usr/local/mailman/Mailman/mm_cfg.py /jails/system/mail/usr/local/mailman/Mailman/
[root@freebsd:~]$ jail /jails/system/mail_new mail_new 192.168.1.254 /usr/local/bin/bash
[root@mail_new:/]$ newaliases
[root@mail_new:/]$ exit
[root@freebsd:~]$ zfs create dpool/jails/data/system/mail
[root@freebsd:~]$ zfs set compression=on dpool/jails/data/system/mail
[root@freebsd:~]$ zfs snapshot dpool/jails/system/mail/mails@send
[root@freebsd:~]$ zfs send dpool/jails/system/mail/mails@send | zfs receive dpool/jails/data/system/mail/mails
[root@freebsd:~]$ zfs destroy dpool/jails/data/system/mail/mails@send
[root@freebsd:~]$ zfs destroy dpool/jails/system/mail/mails@send
[root@freebsd:~]$ zfs set mountpoint=none dpool/jails/system/mail/mails
[root@freebsd:~]$ zfs set mountpoint=none dpool/jails/ports/system/mail
[root@freebsd:~]$ umount /jails/system/mail_new/dev
[root@freebsd:~]$ zfs rename dpool/jails/system/mail dpool/jails/system/mail_old
[root@freebsd:~]$ zfs rename dpool/jails/system/mail_new dpool/jails/system/mail
[root@freebsd:~]$ zfs set mountpoint=/jails/system/mail/mails dpool/jails/data/system/mail/mails
[root@freebsd:~]$ zfs set mountpoint=/jails/system/mail/usr/ports dpool/jails/ports/system/mail

/etc/group:
vscan + clamav

[root@freebsd:~]$ zfs destroy dpool/jails/system/mail_old
[root@freebsd:~]$ zfs destroy dpool/jails/template@sysmail

PostgreSQL migrálás

[root@freebsd:~]$ zfs clone dpool/jails/template_new@base dpool/jails/system/postgresql_new
[root@freebsd:~]$ zfs set mountpoint=/jails/system/postgresql_new/usr/ports dpool/jails/ports/system/postgresql
[root@freebsd:~]$ mount -t devfs devfs /jails/system/postgresql_new/dev/
[root@freebsd:~]$ jail /jails/system/postgresql_new/ postgresql_new 192.168.1.254 /usr/local/bin/bash
[root@postgresql_new:/]$ echo 'hostname="postgresql.system.jails.javaforum.hu"' >>/etc/rc.conf
[root@postgresql_new:/]$ portinstall -i postgresql-server
[root@postgresql_new:/]$ exit
[root@freebsd:~]$ zfs create dpool/jails/data/system/postgresql
[root@freebsd:~]$ zfs create dpool/jails/data/system/postgresql/pgdata
[root@freebsd:~]$ zfs rename dpool/jails/system/postgresql dpool/jails/system/postgresql_old
[root@freebsd:~]$ umount /jails/system/postgresql_new/dev/
[root@freebsd:~]$ zfs set mountpoint=none dpool/jails/ports/system/postgresql
[root@freebsd:~]$ zfs rename dpool/jails/system/postgresql_new dpool/jails/system/postgresql
[root@freebsd:~]$ zfs set mountpoint=/jails/system/postgresql/usr/ports/ dpool/jails/ports/system/postgresql
[root@freebsd:~]$ zfs set mountpoint=/jails/system/postgresql/usr/local/pgsql dpool/jails/data/system/postgresql/pgdata

Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.