FreeBSD - Jail

Jail installieren

auf dem Host ezjail installieren

# pkg install sysutils/ezjail

die Welt für die jails bauen (das dauert ne ganze weile)

# ezjail-admin update -b

den portstree kopieren

# cp -a /usr/ports/ /usr/jails/basejail/usr/ports/

die jail erstellen

# ezjail-admin create minecraft 'nfe0|10.0.0.31'
...
12598 blocks
Warning: Some services already seem to be listening on all IP, (including 10.0.0.31)
  This may cause some confusion, here they are:
ntpd     ntpd       879   20 udp6   *:123                 *:*
ntpd     ntpd       879   21 udp4   *:123                 *:*
root     syslogd    716   6  udp6   *:514                 *:*
root     syslogd    716   7  udp4   *:514                 *:*

oder

# ((ezjail-admin create -x minecraft 'lo1|127.0.1.1,nfe0|10.0.0.31'))
Warning: Some services already seem to be listening on all IP, (including 127.0.1.1)
  This may cause some confusion, here they are:
root     ntpd       1002  20 udp6   *:123                 *:*
root     ntpd       1002  21 udp4   *:123                 *:*
root     syslogd    840   6  udp6   *:514                 *:*
root     syslogd    840   7  udp4   *:514                 *:*
Warning: Some services already seem to be listening on all IP, (including 10.0.0.31)
  This may cause some confusion, here they are:
root     ntpd       1002  20 udp6   *:123                 *:*
root     ntpd       1002  21 udp4   *:123                 *:*
root     syslogd    840   6  udp6   *:514                 *:*
root     syslogd    840   7  udp4   *:514                 *:*

Netzwerk

prüfen ob netz an ist

# sysctl -a | grep raw_socket
security.jail.param.allow.raw_sockets: 0
security.jail.allow_raw_sockets: 0

achtung: das wird nicht helfen

# sysctl security.jail.allow_raw_sockets=1
security.jail.allow_raw_sockets: 0 -> 1

sondern, in die conf eingetragen

# ee /usr/local/etc/ezjail/minecraft

die Zeile

export jail_minecraft_parameters=""

ändern in:

export jail_ minecraft_parameters="allow.raw_sockets=1"

Jail

jail starten

# service ezjail start minecraft

liste aller jails

# jls
   JID  IP Address      Hostname                      Path
     1  10.0.0.31       minecraft                     /usr/jails/minecraft

jail betreten

# jexec 1

zeitzone setzen

# rm -f /etc/localtime; ln -s /usr/share/zoneinfo/MET /etc/localtime

dns setzen

# ee /etc/resolv.conf
nameserver 10.0.0.1

Jail löschen

# ezjail-admin stop minecraft
# ezjail-admin delete minecraft

den ordner löschen...

# cd /usr/jails/minecraft
# chflags -R noschg *
# cd ..
# rm -rf minecraft
Minecraft in FreeBSD Jail

minecraft-server

# portmaster games/minecraft-server
...
===>>> pkg-message for minecraft-server-1.15.2
On install:
When you first run minecraft-server, it will populate the file
/usr/local/etc/minecraft-server/eula.txt

It is required to read the EULA, and then set eula=true

- Configuration files can be found in /usr/local/etc/minecraft-server/
- Log and debug output files can be found in /var/log/minecraft-server/
- World files can be found in /var/db/minecraft-server/

Without daemon option:
- To run the server, run 
- To edit java's parameters, edit /usr/local/etc/minecraft-server/java-args.txt

With daemon option:
- The service has been installed with the name 'minecraft'
- To adjust maximum memory usage (-Xmx), use minecraft_memx= in /etc/rc.conf
- To adjust initial memory usage (-Xms), use minecraft_mems= in /etc/rc.conf
- To add other java parameters, use minecraft_args= in /etc/rc.conf
- To see the interactive console, type service minecraft console

===>>> Done displaying pkg-message files
# service minecraft start
Starting minecraft.
# service minecraft console

das ist eine tmux-session, zum verlassen Ctrl-B, D