First, if you haven’t already done so, create a debian 7 template jail. See my previous post ‘Debian 7 Wheezy Installation in FreeBSD 10 Jail‘ if you need assistance on doing so…
Clone your debian-7-linux template…
root@host:/ # zfs clone zpool/usr/jail/.debian-7-linux@p0 zpool/usr/jail/unifi-video
Append the new jail configuration to ‘/etc/jail.conf’
... append to the bottom ...
# UBIQUITI UNIFI VIDEO NVR
unifi-video {
interface = "ge0"; # confirm the name of your interface...
ip4.addr = 192.0.2.201; # set to an ip address thats routable...
exec.start = "/etc/init.d/rc 3";
exec.stop = "/etc/init.d/rc 0";
allow.mount;
mount.devfs;
}
Create Jail fstab: ‘/etc/fstab.unifi-video’
sys /usr/jail/unifi-video/sys linsysfs rw 0 0 proc /usr/jail/unifi-video/proc linprocfs rw 0 0 tmpfs /usr/jail/unifi-video/run tmpfs rw,noexec,nosuid 0 0
Start the Jail:
root@host:/ # service jail start unifi-video
Start a shell in the jail:
root@host:/ # jexec unifi-video /bin/bash
Retrieve the lastest debian package from ubnt.com
root@unifi-video:/# cd /root/
root@unifi-video:~# wget --no-check-certificate https://dl.ubnt.com/firmwares/unifi-video/3.7.1/unifi-video_3.7.1~Debian7_amd64.deb --2017-06-15 13:45:35-- https://dl.ubnt.com/firmwares/unifi-video/3.7.1/unifi-video_3.7.1~Debian7_amd64.deb Resolving dl.ubnt.com (dl.ubnt.com)... 54.192.5.91 Connecting to dl.ubnt.com (dl.ubnt.com)|54.192.5.91|:443... connected. WARNING: The certificate of `dl.ubnt.com' is not trusted. WARNING: The certificate of `dl.ubnt.com' hasn't got a known issuer. HTTP request sent, awaiting response... 200 OK Length: 81610686 (78M) [application/x-debian-package] Saving to: `unifi-video_3.7.1~Debian7_amd64.deb' 100%[===================================================================>] 81,610,686 19.3M/s in 4.7s 2017-06-15 13:45:45 (16.6 MB/s) - `unifi-video_3.7.1~Debian7_amd64.deb' saved [81610686/81610686]
Install Dependancies:
root@unifi-video:~# apt-get install sudo psmisc lsb-release java7-runtime-headless jsvc mongodb-server
Install Debian Package:
root@unifi-video:~# dpkg -i /root/unifi-video_3.7.1~Debian7_amd64.deb
Modify ‘/usr/sbin/unifi-video’
... NOTE MODIFICATIONS IN RED BELOW... #!/bin/sh # Ubiquiti unifi-video service script -*- shell-script -*- # Copyright (c) 2013-2015 Ubiquiti Networks, Inc. http://www.ubnt.com # vim: ft=sh set -e NAME=unifi-video PKGUSER=unifi-video BASEDIR="/usr/lib/${NAME}" DATADIR="${BASEDIR}/data" PIDFILE="/var/run/${NAME}/${NAME}.pid" TMPFS_DIR="/var/cache/${NAME}" MAINCLASS="com.ubnt.airvision.Main" MAINJAR="${BASEDIR}/lib/airvision.jar" ENABLE_TMPFS=no TMPFS_SIZE=15% UFV_VERBOSE= UFV_DEBUG= UFV_DAEMONIZE=true ... removed for brevity ... case $ACTION in start) require_root update_limits ulimit -H -c 200 # echo 0x10 > /proc/self/coredump_filter if is_service_running "${PIDFILE}" >/dev/null; then log_verbose "${NAME} is already running..." else ... removed for brevity ...
Change ownership on ‘/var/cache/unifi-video’
root@unifi-video:/# chown unifi-video:unifi-video /var/cache/unifi-video
Add unifi-video specific tmpfs mount manually to ‘/etc/fstab.unifi-video’ on host system:
# CUSTOM TMPFS FOR UNIFI-VIDEO JAIL tmpfs /usr/jail/unifi-video/var/cache/unifi-video tmpfs rw,noexec,size=15%,mode=0777,uid=unifi-video 0 0
Java Home located in /usr/lib/jvm/java-7-openjdk-amd64/jre
+– DUMPING JAVA HOME STRUCTURE ————————
| Java Home: “/usr/lib/jvm/java-7-openjdk-amd64/jre”
| Java VM Config.: “/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/jvm.cfg”
| Found JVMs: 1
| JVM Name: “server”
| “/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/server/libjvm.so”
+——————————————————-
Running w/ LD_LIBRARY_PATH=/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/server:/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64
redirecting stdout to /dev/null and stderr to /dev/null
Switching umask back to 022 from 077
Attemtping to load library libcap.so
Attemtping to load library libcap.so.2
loaded cap_free from libcap.
loaded cap_init from libcap.
loaded cap_clear from libcap.
loaded cap_get_flag from libcap.
loaded cap_set_flag from libcap.
loaded cap_set_proc from libcap.
failed setting default capabilities.
set_caps(CAPS) failed for user ‘unifi-video’
Service exit with a return value of 4
failed!
Do you think this would work in Free NAS?
I haven’t tested on recent kernels. But last I checked the UnifiVideo software requires Linux ABI features not currently available in FreeBSD’s Linux ABI (linuxulator). The process for building the jail should be similar, judt using the iocage stuff…