[nycbug-talk] newbie: ports into a jail

Isaac Levy ike
Thu Jun 23 13:44:36 EDT 2005

Hi Marco, All,

I just thought I'd throw out ONE STIFF WARNING regarding ports in jails.

On Jun 23, 2005, at 11:16 AM, Marco Scoffier wrote:

>   make DESTDIR=/jails/ install
> Thought I would ask before making a mess of things especially the
> dependencies.

It is bad practice to install *anything*, portage or otherwise in a 
jail, from the host system.

It is good practice to install ports or otherwise from within the jail 

Due to library dependancies, various links in the system, etc, you can 
very quickly make horrific messes for yourself doing this.  It is 
important to install ports/software while logged into the jailed system 
itself, and really treat a jail like an individual server.

If this is a space issue, (keeping the ports tree via cvsup etc...), 
it's simple enough to just delete /usr/ports once your finished 
upgrading the packages.

This is where the ideas using nullfs come into play, mounting read-only 
/path/to/jaildir/usr/ports from a single copy elsewhere, but currently 
nullfs is broken (and therefore generally not trusted) in FreeBSD 5.x.


More information about the talk mailing list