I decided to collapse the multiple systems I have running various flavours of Linux and BSD into a single system. For a long time I had been using Windows Small Business Server. Well I don’t really want to spend the money to upgrade to 2016 and since it appears Microsoft has abandoned its purist Unix roots by trading the tight and tidy SFU (Interix) for the wildly fat Ubuntu and a Linux ABI. In the advent of this change, I figured I would flip back to FreeBSD, which in my not-so-humble opinion is still the closest thing to Unix you can get. In fact, it actually derives its original sources from none other than Research UNIX, and while it’s wildly more advanced, the distribution holds it’s origin close to it’s heart.
Either way, the task: Support the ever growing number of ‘Appliance’ installs on top of FreeBSD. In this first iteration I have found several guides and worked through getting Debian 7 functional in a FreeBSD 10-STABLE Jail. No guarantees on stability, but I’ll update this if I come across any oddities. This task was performed on FreeBSD 10.3.
Load Linux Compat Kernel Modules…
root@host:/ # kldload linux root@host:/ # kldload linux64 root@host:/ # kldload fdescfs root@host:/ # kldload linprocfs root@host:/ # kldload linsysfs root@host:/ # kldload tmpfs
Make this persistent upon reboot by appending the following to ‘/boot/loader.conf’ on the FreeBSD host.
# ENABLE LINUX KERNEL FUNCTIONALITY # fdescfs_load = “YES” linprocfs_load = “YES” linsysfs_load = “YES” tmpfs_load = “YES”
Install ‘debootstrap’ and ‘perl5’ packages:
root@host:/ # pkg install debootstrap perl5
Create ZFS volume and mountpoint:
root@host:/ # zfs create zpool/usr/jail/.debian-7-linux
Stage the volume:
root@host:/ # debootstrap --foreign --arch=amd64 wheezy /usr/jail/.debian-7-linux http://cdn.debian.net/debian root@host:/ # rm /usr/jail/.debian-7-linux/var/cache/apt/archives/sysvinit_* root@host:/ # rm /usr/jail/.debian-7-linux/var/cache/apt/archives/rsyslog_*
Build temporary mounts for linux chroot: (or use the helper-script: linux-chroot)
root@host:/ # mount -t linprocfs none /jailz/deb-master/proc root@host:/ # mount -t devfs none /jailz/deb-master/dev root@host:/ # mount -t linsysfs none /jailz/deb-master/sys root@host:/ # mount -t tmpfs none /jailz/deb-master/lib/init/rw
Chroot into installation to and complete Debian install:
root@host:/ # chroot /jailz/deb-master /bin/bash I have no name!@host:/ # dpkg --force-depends -Ei /var/cache/apt/archives/*.deb Selecting previously unselected package adduser. (Reading database ... 0 files and directories currently installed.) Unpacking adduser (from .../adduser_3.113+nmu3_all.deb) ... Selecting previously unselected package apt-utils. Unpacking apt-utils (from .../apt-utils_0.9.7.9+deb7u7_amd64.deb) ... ... removed for brevity ... Setting up liblocale-gettext-perl (1.05-7+b1) ... Setting up libpam0g:amd64 (1.1.3-7.1) ... Setting up libssl1.0.0:amd64 (1.0.1e-2+deb7u20) ... Setting up libtext-charwidth-perl (0.04-7+b1) ... Setting up libtext-iconv-perl (1.7-5) ... Setting up libtext-wrapi18n-perl (0.06-7) ... Setting up man-db (2.6.2-1) ... Building database of manual pages ... ... if it locks up here and takes an excessive amount of time ... ... find and kill the '/usr/bin/mandb -cq' process ... Setting up e2fsprogs (1.42.5-1.1+deb7u1) ... Setting up ifupdown (0.7.8) ... Creating /etc/network/interfaces. Setting up udev (175-7.2) ... Being installed by debootstrap, udev not started. dpkg: bash: dependency problems, but configuring anyway as you requested: bash depends on base-files (>= 2.1.12); however: Package base-files is not configured yet. Setting up bash (4.2+dfsg-0.1+deb7u3) ... update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode Errors were encountered while processing: base-files I have no name!@host:/ #
Fix repo paths:
I have no name!@host:/ # rm /etc/opt/sources.list I have no name!@host:/ # echo deb http://deb.debian.org/debian wheezy main > /etc/opt/sources.list I have no name!@host:/ # echo deb-src http://deb.debian.org/debian wheezy maint > /etc/opt/sources.list
Exit Jail, kill off any dangling processes and then unmount linux specific filesystems: (skip if using linux-chroot)
I have no name!@host:/ # exit root@host:/ # for c in `fstat | grep debian-7-wheezy | grep -o -E '^\w+ +\w+ +\w+' | grep -o -E '[0-9]+\$'` do kill $c done root@host:/ # umount /jailz/deb-master/proc root@host:/ # umount /jailz/deb-master/dev root@host:/ # umount /jailz/deb-master/sys root@host:/ # umount /jailz/deb-master/lib/init/rw
Snapshot the Clean copy:
root@host:/ # zfs snapshot zpool/usr/jail/.debian-7-linux@clean
Configure the Jail: ‘/etc/jail.conf
# DEFAULT PARAMETERS
#
host.hostname = "$name";
path = "/usr/jail/$name";
mount.devfs;
mount.fstab = "/etc/fstab.$name";
allow.nomount;
exec.prestart = "";
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.poststop = "";
exec.clean;
#####################################
# TEMPLATE
#
debian-7-linux {
path = "/usr/jail/.debian-7-linux";
mount.fstab = "/etc/fstab.debian-7-linux";
interface = "lo0"; # Change this to your actual interface
ip4.addr = 192.0.2.20; # Assign a routable IP to perform apt-get functions..
exec.start = "/etc/init.d/rc 3";
exec.stop = "/etc/init.d/rc 0";
allow.mount;
mount.devfs;
}
#####################################
# PRODUCTION
Then edit ‘/usr/jails/debian/etc/fstab.debian-7’:
sys /usr/jail/.debian-7-linux/sys linsysfs rw 0 0 proc /usr/jail/.debian-7-linux/proc linprocfs rw 0 0 tmpfs /usr/jail/.debian-7-linux/run tmpfs rw,noexec,nosuid 0 0 # ALLOWS SHARING OF THE SRC DIRECTORY FROM FREEBSD HOST. /usr/src /usr/jail/.debian-7-linux/usr/src nullfs ro 0 0
Create master.passwd file as FreeBSD doesn’t use shadow file and update ‘/etc/passwd’:
root:/ # cat /usr/jail/.debian-7-linux/etc/passwd | sed -r 's/(:[x|*]:)([0-9]+:[0-9]+:)/:*:\2:0:0:/g' > /usr/jail/.debian-7-linux/etc/master.passwd root:/ # pwd_mkdb -p -d /usr/jail/.debian-7-linux/etc /usr/jail/.debian-7-linux/etc/master.passwd
Start the jail:
root:/ # service jail start debian
Show Jail Status:
root:/ # jls
JID IP Address Hostname Path
24 192.168.0.201 debian-7 /usr/jail/.debian-7
root:/ # df -h
Filesystem Size Used Avail Capacity Mounted on
zroot/ROOT/default 39G 3.5G 36G 9% /
devfs 1.0K 1.0K 0B 100% /dev
zroot/tmp 36G 16M 36G 0% /tmp
zroot/usr/ports 37G 940M 36G 2% /usr/ports
zroot/usr/src 37G 547M 36G 1% /usr/src
zroot/var/audit 36G 96K 36G 0% /var/audit
zroot/var/crash 36G 96K 36G 0% /var/crash
zroot/var/log 36G 904K 36G 0% /var/log
zroot/var/mail 36G 180K 36G 0% /var/mail
zroot/var/tmp 36G 116K 36G 0% /var/tmp
zpool/usr/home 3.5T 312G 3.2T 9% /usr/home
zpool/usr/jail 3.2T 84M 3.2T 0% /usr/jail
zpool/usr/jail/.debian-7 3.2T 146M 3.2T 0% /usr/jail/.debian-7
linsysfs 4.0K 4.0K 0B 100% /usr/jail/.debian-7/sys
linprocfs 4.0K 4.0K 0B 100% /usr/jail/.debian-7/proc
tmpfs 37G 16K 37G 0% /usr/jail/.debian-7/run
devfs 1.0K 1.0K 0B 100% /usr/jail/.debian-7/dev
Note that the items displayed may be different depending on your system.
Configure our Debian/kFreeBSD
Enter the jail:
root@host:/ # jexec debian-7-linux /bin/bash root@debian-7-linux:/ #
Complete staging and set root password:
root@debian-7-linux:/ # dpkg-reconfigure tzdata root@debian-7-linux:/ # apt-get update Get:1 http://deb.debian.org wheezy Release.gpg [2373 B] Get:2 http://deb.debian.org wheezy Release [191 kB] Get:3 http://deb.debian.org wheezy/main Sources [5993 kB] Get:4 http://deb.debian.org wheezy/main amd64 Packages [5839 kB] Get:5 http://deb.debian.org wheezy/main Translation-en [3846 kB] Fetched 15.9 MB in 18s (878 kB/s) Reading package lists... Done root@debian-7-linux:/# cat /etc/apt/sources.list deb http://deb.debian.org/debian wheezy main deb-src http://deb.debian.org/debian wheezy main ...kill off any running processes that might have ... ... locks on files in '/var/run' so apt-get ... ... can complete the base-files install ... root@debian-7-linux:/ # ps ax PID TTY STAT TIME COMMAND 43993 ? R+ 0:00 ps ax 43975 ? S 0:00 /bin/bash 43963 ? Ss 0:00 /usr/sbin/cron root@debian-7-linux:/ # rm -rf /var/run/* root@debian-7-linux:/ # apt-get -f install ... set root password ... root@debian-7-linux:/ # passwd password: Retype new UNIX password: passwd: password updated successfully root@debian-7-linux:/ # exit root@host:/ #
Take Snapshot of host and clone new Jail from snapshot:
root@host:/ # zfs snapshot zpool/usr/jail/.debian-7-linux@p0
root@host:/ # zfs clone zpool/usr/jail/.debian-7-linux@p0 zpool/usr/jail/deb-test
root@host:/ # cp /etc/fstab.debian-7-linux /etc/fstab.deb-test
root@host:/ # cat <> /etc/jail.conf
deb-test {
interface = "lo0";
ip4.addr = 192.0.2.20;
exec.start = "/etc/init.d/rc.3";
exec.stop = "/etc/init.d/rc.0";
mount.devfs;
}
JAILCONF
root@host:/ # jexec deb-test /bin/bash
root@deb-test:/ # exit /bin/bash
root@host:/ #
Special thanks to the author of the following post:
debian-gnukfreebsd-wheezy-in-a-freebsd-10-jail
protocolSyntax 
Pingback: Install Ubiquiti Video NVR debian in FreeBSD Jail | protocolSyntax