Project

General

Profile

Support #348

Setting Up A Debian Jail on FreeNAS

Added by Daniel Curtis almost 11 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Jails / Containers
Target version:
Start date:
03/19/2014
Due date:
% Done:

100%

Estimated time:
1.00 h
Spent time:

Description

While setting up the VPS infrastructure, I learned that FreeBSD has to ability to run a Linux OS natively using its Linux Compatibility Layer, and so FreeNAS also supports this. To start, from the web interface go to Jails -> Configuration and make sure that the basic information for the Jails are configured. Next go to Jails and click Add Jails; then give the jail a name, select Debian-7.1.0 as the jail type, and give the jail an IP address. Then click OK at the bottom to download Debian.

NOTE: I was using the old UFS filesystem (instead of ZFS) to hold the jails. There was a problem with Linux jails starting on UFS filesystems, however this was fixed in FreeNAS version 9.2.1.2.

Bootstrap the Debian jail

  • Once the Debian jail has been created and is running, click the Shell icon to open up a shell. A command prompt will appear in the web browser.
  • Now change the root passwd:
    passwd
    
  • And create a new ssh key pair:
    ssh-keygen -t ecdsa
    
  • At this point the Debian jail can also be accessed via SSH as well.
    ssh root@debianjail.example.com
    
  • To start, edit the /etc/apt/sources.list and comment out the cdrom repositories, like so:
    nano /etc/apt/sources.list
    

#!# deb-src cdrom:[Debian GNU/Linux 7.1.0 Wheezy - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main
#!# deb cdrom:[Debian GNU/Linux 7.1.0 Wheezy - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main
#!#
#!#deb-src cdrom:[Debian GNU/Linux 7.1.0 Wheezy - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main
#!#deb cdrom:[Debian GNU/Linux 7.1.0 Wheezy - Official Multi-architecture i386/amd64/source DVD #1 20130615-23:45]/ wheezy main

Then prevent the OS from updating the Linux kernel and GRUB bootloader. This is necessary since the actual kernel is the FreeBSD kernel; upgrading the kernel from the jail will break an upgrade and screw up the jail.

  • To freeze kernel upgrades run:
    echo linux-image-686-pae hold | dpkg --set-selections
    echo linux-image-3.2.0-4-686-pae hold | dpkg --set-selections
    echo initscripts hold | dpkg --set-selections
    echo grub-common hold | dpkg --set-selections
    echo grub-pc hold | dpkg --set-selections
    echo grub-pc-bin hold | dpkg --set-selections
    echo grub2-common hold | dpkg --set-selections
    echo dmsetup hold | dpkg --set-selections
    

    You can then check this worked like so:
    dpkg -la | grep linux-image
    

hi linux-image-3.2.0-4-686-pae 3.2.46-1 i386 Linux 3.2 for modern PCs
hi linux-image-686-pae 3.2+46 i386 Linux for 64-bit PCs (meta-package)

NOTE: Notice the 'hi' at the bottom, h means held and i means currently installed. This package is installed but +will no+t be upgraded.

  • Remove unneeded packages:
    apt-get remove --purge virtualbox-* xserver-* linux-headers-*
    
  • Clean up the package manager and remove orphaned packages:
    apt-get autoremove
    apt-get clean
    

NOTE: This will reduce the size of a system upgrade, and free up space.

  • Update the package repository information and upgrade the OS by running:
    apt-get update
    apt-get upgrade
    

Now the Debian jail can upgrade its packages in a normal manner, without breaking the jail during an upgrade.

Also available in: Atom PDF