justauser wrote:
Finch looks great but I was wondering would I be able to create a stripped jail using Finch?
Well - the program that Finch provides for you is actually "qjail". And you are free to use any other jail software that is available on FreeBSD systems. You can see a little more info about those alternative jail systems in the Finch FAQ.
But to answer your question (in respect to qjail):
Qjail does not provide an option to create stripped jails. Qjail *does* provide a very simple (but effective) jail templating system, whereby you are free to create "flavors" which are simple overlays applied onto a very small base "template" jail.
Now then. A full FreeBSD base image is located in "/usr/jails/sharedfs". This shared filesystem is automatically mounted read-only into all jails. So all of qjail's jails share the same 1 single "sharedfs" folder for the:
* FreeBSD base image
* Ports tree
Your jail's unique files are in a folder "/usr/jails/$jailname". Which is going to be where the shared filesystem ("sharedfs") is mounted to.
This gives many benefits over "stripped jails" and is a more flexible approach. TBH stripped jails are often just a lot of effort for not much reward. So unless you have a specific reason to use stripped jails, then it is by far less headache to just go with the flow here and use the provided mechanism.
In terms of disk space, take for example finch's ssh jail template. It is only 104 kilobytes:
Code:
freenas // root^> cd /usr/jails/flavors/finch-ssh
freenas finch-ssh/ root^> du -sh
104k .
Of course the template jail folder (83MB) will be duplicated for each jail. But the sharedfs folder (1.0GB) will not be, so it is effectively an additional "0 Kb" for every jail you create above 1.
justauser wrote:
Also the mounting of filesystems looks a little confusing to me.
Sorry about that. It's due to technical restrictions imposed by using chroot and nullfs on FreeBSD, for reasons of security, performance, and so on. It can't easily be gotten around. Hopefully the info on the website is clear enough. I'm happy to hear any suggestions that can help improve the documentation.
justauser wrote:
So once I have Finch installed, I would want to change the mount points of my UFS drives to be mounted within finch, which I would be able to change via the N4F webgui.
Yes, correct.
justauser wrote:
Then I would go into Finch and do a mount_nullfs back out to where the drives were mounted before. And this mount_nullfs would survive restarts?
Yes. The simplest way to do that is to add a line (or lines) into finch's fstab file, located at "/path/to/finch/etc/fstab". For example:
Code:
/path/to/finch/mnt/my_ufs_disk1 /mnt/my_ufs_disk1 nullfs rw 0 0
* Where "/path/to/finch" is the path to your finch installation's root directory.
* And "/mnt/my_ufs_disk1" is the path you would otherwise normally have used in nas4free's disk management tab / WebGUI.
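
The fstab entry described above, as an added example that is not part of the original post and not Finch's own code: a POSIX sh helper that builds the nullfs line and appends it only once. The function names are hypothetical, and it assumes the disk is mounted inside the finch tree at the same relative path, as in the example line above.

```shell
#!/bin/sh
# Added example; finch_nullfs_line and finch_fstab_add are hypothetical names.

# Print the fstab line that nullfs-mounts a directory inside the finch tree
# back out to the path NAS4Free used before.
#   $1 = finch root directory, $2 = original mount point, $3 = options (default rw)
finch_nullfs_line() {
    root=${1%/}; target=$2; opts=${3:-rw}
    case $root in /*) ;; *) echo "finch root must be absolute: $root" >&2; return 1 ;; esac
    case $target in /*) ;; *) echo "mount point must be absolute: $target" >&2; return 1 ;; esac
    # fstab fields are whitespace separated, so only accept characters that
    # cannot split a field or need escaping.
    case "$root$target" in
        *[!A-Za-z0-9/._-]*) echo "unsupported character in path" >&2; return 1 ;;
    esac
    printf '%s%s %s nullfs %s 0 0\n' "$root" "$target" "$target" "$opts"
}

# Append the line to the given fstab only if no active (non-comment) entry
# already uses the same mount point, so repeated runs do not stack mounts.
#   $1 = fstab file, $2 = finch root, $3 = original mount point, $4 = options
finch_fstab_add() {
    fstab=$1
    line=$(finch_nullfs_line "$2" "$3" "$4") || return 1
    if [ -f "$fstab" ] &&
       awk -v mp="$3" '$1 !~ /^#/ && $2 == mp { found = 1 } END { exit !found }' "$fstab"
    then
        echo "already present: $3" >&2
        return 0
    fi
    printf '%s\n' "$line" >> "$fstab"
}
```

Called as `finch_fstab_add /path/to/finch/etc/fstab /path/to/finch /mnt/my_ufs_disk1`; pass `ro` as a fourth argument for a read-only mount.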