Support #348
Updated by Daniel Curtis about 10 years ago
While setting up the VPS infrastructure, I learned that FreeBSD has to ability to run a Linux OS natively using its Linux Compatibility Layer, and so FreeNAS also supports this. To start, from the web interface go to +Jails -> Configuration+ and make sure that the basic information for the Jails are configured. Next go to +Jails+ and click *Add Jails*; then give the jail a *name*, select _Debian-7.1.0_ as the *jail type*, and give the jail an *IP address*. Then click *OK* at the bottom to download Debian.
NOTE: I was using the old UFS filesystem (instead of ZFS) to hold the jails. There was a problem with Linux jails starting on UFS filesystems, however this was fixed in FreeNAS version 9.2.1.2.
h2. Bootstrap the Debian jail
Once the Debian jail has been created and is running, click the *Shell* icon to open up a shell. A command prompt will appear in the web browser. Now change the root passwd:
<pre>
passwd
</pre>
And create a new ssh key pair:
<pre>
ssh-keygen -t ecdsa
</pre>
At this point the Debian jail can also be accessed via SSH as well.
<pre>
ssh root@debianjail.example.com
</pre>
To start, edit the /etc/apt/sources.list and comment out the cdrom repositories, like so:
<pre>
nano /etc/apt/sources.list
</pre>
> #!# deb-src cdrom:[Debian GNU/Linux 7.1.0 _Wheezy_ - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main
> #!# deb cdrom:[Debian GNU/Linux 7.1.0 _Wheezy_ - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main
> #!#
> #!#deb-src cdrom:[Debian GNU/Linux 7.1.0 _Wheezy_ - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main
> #!#deb cdrom:[Debian GNU/Linux 7.1.0 _Wheezy_ - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main
Then prevent the OS from updating the Linux kernel and GRUB bootloader. This is necessary since the actual kernel is the FreeBSD kernel; upgrading the kernel from the jail will break an upgrade and screw up the jail. To freeze kernel upgrades run:
<pre>
echo linux-image-686-pae hold | dpkg --set-selections
echo linux-image-3.2.0-4-686-pae hold | dpkg --set-selections
echo initscripts hold | dpkg --set-selections
echo grub-common hold | dpkg --set-selections
echo grub-pc hold | dpkg --set-selections
echo grub-pc-bin hold | dpkg --set-selections
echo grub2-common hold | dpkg --set-selections
</pre>
You can then check this worked like so:
<pre>
dpkg -la | grep linux-image
</pre>
> hi linux-image-3.2.0-4-686-pae 3.2.46-1 i386 Linux 3.2 for modern PCs
> hi linux-image-686-pae 3.2+46 i386 Linux for 64-bit PCs (meta-package)
NOTE: Notice the 'hi' at the bottom, *+h+* means held and *+i+* means currently installed. This package is installed but +will no+t be upgraded.
Update the package repository information and upgrade the OS by running:
<pre>
apt-get update
apt-get upgrade
</pre>
Now the Debian jail can upgrade its packages in a normal manner, without breaking the jail during an upgrade.