View Single Post
  #5   (View Single Post)  
Old 17th May 2008
cajunman4life cajunman4life is offline
Real Name: Aaron Graves
Package Pilot
 
Join Date: May 2008
Location: Coolidge, Arizona
Posts: 203
Default

The doc that Weaseal posted can also be done easily using ezjail (in the ports tree as sysutils/ezjail). Personally, I have just about everything jailed on my system (the base system is just that pretty much). Apache is in a jail, MySQL is in a jail, PostgreSQL in a jail, vsftpd is in a jail, and even "shell services" in a jail. I make use of mount_nullfs when absolutely necessary (for example, on shell server, ~/public_html is a softlink to /www/<username> in the jail system, and that FS is mount_nullfs to the WWW jail so that userdirs still display from the webserver... I know it's not perfect, but it's a good option without giving everybody access to the web server).
__________________
I just saved a bunch of money on my car insurance by fleeing the scene of the accident!
Reply With Quote