FreeBSD jails

2025-09-05 freebsd jails

Install using pkgbase

Create zfs datasets:

zfs create -o mountpoint=/jails zroot/jails

export JNAME=15-minimal
zfs create -p "zroot/jails/$JNAME"
mkdir -vp "/jails/$JNAME/usr/share/keys"
cp -vrn /usr/share/keys/pkg* "/jails/$JNAME/usr/share/keys/"
mkdir -vp "/jails/$JNAME/etc"
cp /etc/resolv.conf "/jails/$JNAME/etc/resolv.conf"
cp /etc/localtime "/jails/$JNAME/etc/localtime"
mkdir -vp "/jails/$JNAME/var/db/pkg/repos"
mount -vt tmpfs tmpfs "/jails/$JNAME/var/db/pkg/repos"
pkg -r "/jails/$JNAME" install FreeBSD-set-minimal-jail FreeBSD-bsdconfig
jexec $JNAME ldconfig /usr/local/lib

Install using freebsd-update

Create zfs datasets:

zfs create -o mountpoint=/jails zroot/jails
zfs create zroot/jails/containers
zfs create zroot/jails/media

Done once per release to create the template:

export FBSDREL=15.0-RELEASE
zfs create -p "zroot/jails/templates/$FBSDREL"
fetch "https://download.freebsd.org/ftp/releases/amd64/amd64/$FBSDREL/base.txz" -o "/jails/media/$FBSDREL-base.txz"
tar -xf "/jails/media/$FBSDREL-base.txz" -C "/jails/templates/$FBSDREL" --unlink
cp /etc/resolv.conf "/jails/templates/$FBSDREL/etc/resolv.conf"
cp /etc/localtime "/jails/templates/$FBSDREL/etc/localtime"
freebsd-update -b "/jails/templates/$FBSDREL/" fetch install
zfs snapshot "zroot/jails/templates/$FBSDREL@base"

Then create a jail based on the template:

zfs clone "zroot/jails/templates/$FBSDREL@base" zroot/jails/containers/something

Then configure the jail in /etc/jail.conf.

Jail configuration

Lots of things need /dev/null (ie. ps):

mount.devfs;
devfs_ruleset = 5;