Skip to content

Instantly share code, notes, and snippets.

@natemurthy

natemurthy/23Feb2017-sf-micro-meetup-demo.sh

Last active January 19, 2023 14:34
Show Gist options
  • Save natemurthy/6010086be7b543aee7b0f97cf99ed739 to your computer and use it in GitHub Desktop.
Save natemurthy/6010086be7b543aee7b0f97cf99ed739 to your computer and use it in GitHub Desktop.
Download ZIP
Demo of chroot and jail in FreeBSD
Raw
23Feb2017-sf-micro-meetup-demo.sh
############################
# chroot demo #
############################
pwd # outside container
mkdir newroot
mkdir -p newroot/{bin,dev,lib,libexec,sbin}
# copy bins
cp -v /bin/{sh,ls,ps,sleep} newroot/bin
cp -v /sbin/{ifconfig} newroot/sbin
# copy ldds
cp -v /libexec/ld-elf.so.1 newroot/libexec
cp -v /lib/{libedit.so.7,libc.so.7,libncursesw.so.8} newroot/lib
cp -v /lib/{libxo.so.0,libutil.so.9} newroot/lib
cp -v /lib/{libm.so.5,libkvm.so.7,libelf.so.2} newroot/lib
cp -v /lib/{lib80211.so.1,libjail.so.1,libsbuf.so.6,libbsdxml.so.4} newroot/lib
sudo chroot newroot/ /bin/sh
pwd # inside container
############################
# jail demo #
############################
# make and copy dirs
mkdir jail1 jail2
cp -r newroot/* jail1/
cp -r newroot/* jail2/
# create jail using command line args
sudo jail -c path=/home/vagrant/jail1 mount.devfs interface=em0 ip4.addr=10.0.2.16 allow.raw_sockets=1 command=/bin/sh
sudo jail -c path=/home/vagrant/jail2 mount.devfs interface=em0 ip4.addr=10.0.2.17 allow.raw_sockets=1 command=/bin/sh
# view processes with Jail ID (jid) etc
ps -axo uid,pid,jid,args
############################
# demo commands #
############################
pwd
ls -l
echo "hello world"
sleep 10
id -u $USER
ps
ping
ifconfig
@eduardo88ska
Copy link

What is this repository for or does it work for?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment