Jails sind auf BSD etwas wunderbares, dass sich sogar ein Debian einsperren lässt wissen viele nicht. Da mir die Frage nun schon ein paar mal untergekommen ist, hier eine kleine Übersicht!

Zur Umsetzung des Planes wird ein weiteres Paket auf dem BSD System benötigt, dieses installiert sich mir:

kernel@smeer-bsd /> sudo pkg install debootstrap

Jetzt kann schon die eigentliche Jail erstellt werden. Als kleine Besonderheit fallen die gesetzten Kommandos zum Start und Beenden auf, wer sie liest versteht sie im Grunde auch schon 😀

kernel@smeer-bsd /> sudo iocage create -e tag=debian-jail01 exec_start="/etc/init.d/rc 3" exec_stop="/etc/init.d/rc 0"
19e3594f-8945-11e5-b55e-f01faf42fd26

Je nach Konfiguration können die Jails schon mal an anderer Stelle erstellt werden, ich lasse mir also mal den Ort ausgeben:

kernel@smeer-bsd /> sudo iocage get mountpoint 19e3594f-8945-11e5-b55e-f01faf42fd26
/iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26

B.t.w.: über UUIDs müssen wir nicht mehr sprechen, oder?

Da wir nun den Pfad haben, kommen wir wieder zurück zu debootstrap. Dieses Script macht im Grunde folgendes. Es sammelt sich von den Debian Mirrors eine Debian Version für einen FreeBDS Kernel herunter und wirft sie dann an die angegebene Stelle. Das mache ich jetzt mal (viel Spaß beim Scrollen :-P)

kernel@smeer-bsd /> sudo debootstrap wheezy /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/
I: Keyring file not available at /usr/share/keyrings/debian-archive-keyring.gpg; switching to https mirror https://mirrors.kernel.org/debian
I: Retrieving Release 
I: Retrieving Packages 
I: Validating Packages 
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
I: Found additional required dependencies: insserv kbdcontrol libbsd0 libbz2-1.0 libcam6 libdb5.1 libexpat1 libgeom1 libgssglue1 libjail1 libkiconv4 libkvm0 libsbuf6 libslang2 libtirpc1                                                                                                                     
I: Found additional base dependencies: inetutils-ping libcurl3-gnutls libept1.4.12 libgcrypt11 libgnutls26 libgpg-error0 libgssapi-krb5-2 libidn11 libipx2 libk5crypto3 libkrb5-3 libkrb5support0 libldap-2.4-2 libmemstat3 libnetgraph4 libp11-kit0 librtmp0 libsasl2-2 libsqlite3-0 libssh2-1 libtasn1-3 libxapian22 openssl                                                                                                                                       
I: Checking component main on https://mirrors.kernel.org/debian...                                                                                     
I: Retrieving libacl1 2.2.51-8                                                                                                                         
I: Validating libacl1 2.2.51-8                                                                                                                         
I: Retrieving adduser 3.113+nmu3                                                                                                                       
I: Validating adduser 3.113+nmu3                                                                                                                       
I: Retrieving apt 0.9.7.9+deb7u7                
I: Validating apt 0.9.7.9+deb7u7                                                                                                                       
I: Retrieving apt-transport-https 0.9.7.9+deb7u7                                                                                                       
I: Validating apt-transport-https 0.9.7.9+deb7u7                                                                                                       
I: Retrieving apt-utils 0.9.7.9+deb7u7                                                                                                                 
I: Validating apt-utils 0.9.7.9+deb7u7                                                                                                                 
I: Retrieving libapt-inst1.5 0.9.7.9+deb7u7                                                                                                            
I: Validating libapt-inst1.5 0.9.7.9+deb7u7
I: Retrieving libapt-pkg4.12 0.9.7.9+deb7u7
I: Validating libapt-pkg4.12 0.9.7.9+deb7u7
I: Retrieving aptitude 0.6.8.2-1
I: Validating aptitude 0.6.8.2-1
I: Retrieving aptitude-common 0.6.8.2-1
I: Validating aptitude-common 0.6.8.2-1
I: Retrieving libattr1 1:2.4.46-8
I: Validating libattr1 1:2.4.46-8
I: Retrieving base-files 7.1wheezy9
I: Validating base-files 7.1wheezy9
I: Retrieving base-passwd 3.5.26
I: Validating base-passwd 3.5.26
I: Retrieving bash 4.2+dfsg-0.1+deb7u3
I: Validating bash 4.2+dfsg-0.1+deb7u3
I: Retrieving libboost-iostreams1.49.0 1.49.0-3.2
I: Validating libboost-iostreams1.49.0 1.49.0-3.2
I: Retrieving bsdmainutils 9.0.3
I: Validating bsdmainutils 9.0.3
I: Retrieving libbz2-1.0 1.0.6-4
I: Validating libbz2-1.0 1.0.6-4
I: Retrieving ca-certificates 20130119+deb7u1
I: Validating ca-certificates 20130119+deb7u1
I: Retrieving coreutils 8.13-3.5
I: Validating coreutils 8.13-3.5
I: Retrieving cpio 2.11+dfsg-0.1+deb7u1
I: Validating cpio 2.11+dfsg-0.1+deb7u1
I: Retrieving cron 3.0pl1-124
I: Validating cron 3.0pl1-124
I: Retrieving libcurl3-gnutls 7.26.0-1+wheezy13
I: Validating libcurl3-gnutls 7.26.0-1+wheezy13
I: Retrieving libcwidget3 0.5.16-3.4
I: Validating libcwidget3 0.5.16-3.4
I: Retrieving libsasl2-2 2.1.25.dfsg1-6+deb7u1
I: Validating libsasl2-2 2.1.25.dfsg1-6+deb7u1
I: Retrieving dash 0.5.7-3
I: Validating dash 0.5.7-3
I: Retrieving libdb5.1 5.1.29-5
I: Validating libdb5.1 5.1.29-5
I: Retrieving debconf 1.5.49
I: Validating debconf 1.5.49
I: Retrieving debconf-i18n 1.5.49
I: Validating debconf-i18n 1.5.49
I: Retrieving debian-archive-keyring 2014.3~deb7u1
I: Validating debian-archive-keyring 2014.3~deb7u1
I: Retrieving debianutils 4.3.2
I: Validating debianutils 4.3.2
I: Retrieving diffutils 1:3.2-6
I: Validating diffutils 1:3.2-6
I: Retrieving dmidecode 2.11-9
I: Validating dmidecode 2.11-9
I: Retrieving dpkg 1.16.16
I: Validating dpkg 1.16.16
I: Retrieving e2fslibs 1.42.5-1.1+deb7u1
I: Validating e2fslibs 1.42.5-1.1+deb7u1
I: Retrieving e2fsprogs 1.42.5-1.1+deb7u1
I: Validating e2fsprogs 1.42.5-1.1+deb7u1
I: Retrieving libcomerr2 1.42.5-1.1+deb7u1
I: Validating libcomerr2 1.42.5-1.1+deb7u1
I: Retrieving libss2 1.42.5-1.1+deb7u1
I: Validating libss2 1.42.5-1.1+deb7u1
I: Retrieving libc-bin 2.13-38+deb7u8
I: Validating libc-bin 2.13-38+deb7u8
I: Retrieving libc0.1 2.13-38+deb7u8
I: Validating libc0.1 2.13-38+deb7u8
I: Retrieving multiarch-support 2.13-38+deb7u8
I: Validating multiarch-support 2.13-38+deb7u8
I: Retrieving libexpat1 2.1.0-1+deb7u2
I: Validating libexpat1 2.1.0-1+deb7u2
I: Retrieving findutils 4.4.2-4
I: Validating findutils 4.4.2-4
I: Retrieving libcam6 9.0+ds1-4
I: Validating libcam6 9.0+ds1-4
I: Retrieving libgeom1 9.0+ds1-4
I: Validating libgeom1 9.0+ds1-4
I: Retrieving libipx2 9.0+ds1-4
I: Validating libipx2 9.0+ds1-4
I: Retrieving libjail1 9.0+ds1-4
I: Validating libjail1 9.0+ds1-4
I: Retrieving libkiconv4 9.0+ds1-4
I: Validating libkiconv4 9.0+ds1-4
I: Retrieving libkvm0 9.0+ds1-4
I: Validating libkvm0 9.0+ds1-4
I: Retrieving libmemstat3 9.0+ds1-4
I: Validating libmemstat3 9.0+ds1-4
I: Retrieving libnetgraph4 9.0+ds1-4
I: Validating libnetgraph4 9.0+ds1-4
I: Retrieving libsbuf6 9.0+ds1-4
I: Validating libsbuf6 9.0+ds1-4
I: Retrieving devd 9.0+ds1-11~deb7u1
I: Validating devd 9.0+ds1-11~deb7u1
I: Retrieving freebsd-net-tools 9.0+ds1-11~deb7u1
I: Validating freebsd-net-tools 9.0+ds1-11~deb7u1
I: Retrieving freebsd-utils 9.0+ds1-11~deb7u1
I: Validating freebsd-utils 9.0+ds1-11~deb7u1
I: Retrieving kbdcontrol 9.0+ds1-11~deb7u1
I: Validating kbdcontrol 9.0+ds1-11~deb7u1
I: Retrieving kldutils 9.0+ds1-11~deb7u1
I: Validating kldutils 9.0+ds1-11~deb7u1
I: Retrieving pf 9.0+ds1-11~deb7u1
I: Validating pf 9.0+ds1-11~deb7u1
I: Retrieving vidcontrol 9.0+ds1-11~deb7u1
I: Validating vidcontrol 9.0+ds1-11~deb7u1
I: Retrieving gcc-4.7-base 4.7.2-5
I: Validating gcc-4.7-base 4.7.2-5
I: Retrieving libgcc1 1:4.7.2-5
I: Validating libgcc1 1:4.7.2-5
I: Retrieving libstdc++6 4.7.2-5
I: Validating libstdc++6 4.7.2-5
I: Retrieving libgdbm3 1.8.3-11
I: Validating libgdbm3 1.8.3-11
I: Retrieving gnupg 1.4.12-7+deb7u7
I: Validating gnupg 1.4.12-7+deb7u7
I: Retrieving gpgv 1.4.12-7+deb7u7
I: Validating gpgv 1.4.12-7+deb7u7
I: Retrieving libgnutls26 2.12.20-8+deb7u3
I: Retrieving grep 2.12-2
I: Validating grep 2.12-2
I: Retrieving groff-base 1.21-9
I: Validating groff-base 1.21-9
I: Retrieving gzip 1.5-1.1
I: Validating gzip 1.5-1.1
I: Retrieving hostname 3.11
I: Validating hostname 3.11
I: Retrieving ifupdown 0.7.8
I: Validating ifupdown 0.7.8
I: Retrieving inetutils-ping 2:1.9-2
I: Validating inetutils-ping 2:1.9-2
I: Retrieving insserv 1.14.0-5
I: Validating insserv 1.14.0-5
I: Retrieving isc-dhcp-client 4.2.2.dfsg.1-5+deb70u6
I: Validating isc-dhcp-client 4.2.2.dfsg.1-5+deb70u6
I: Retrieving isc-dhcp-common 4.2.2.dfsg.1-5+deb70u6
I: Validating isc-dhcp-common 4.2.2.dfsg.1-5+deb70u6
I: Retrieving libgssapi-krb5-2 1.10.1+dfsg-5+deb7u3
I: Validating libgssapi-krb5-2 1.10.1+dfsg-5+deb7u3
I: Retrieving libk5crypto3 1.10.1+dfsg-5+deb7u3
I: Validating libk5crypto3 1.10.1+dfsg-5+deb7u3
I: Retrieving libkrb5-3 1.10.1+dfsg-5+deb7u3
I: Validating libkrb5-3 1.10.1+dfsg-5+deb7u3
I: Retrieving libkrb5support0 1.10.1+dfsg-5+deb7u3
I: Validating libkrb5support0 1.10.1+dfsg-5+deb7u3
I: Retrieving libbsd0 0.4.2-1
I: Validating libbsd0 0.4.2-1
I: Retrieving libept1.4.12 1.0.9
I: Validating libept1.4.12 1.0.9
I: Retrieving libgcrypt11 1.5.0-5+deb7u3
I: Validating libgcrypt11 1.5.0-5+deb7u3
I: Retrieving libgpg-error0 1.10-3.1
I: Validating libgpg-error0 1.10-3.1
I: Retrieving libgssglue1 0.4-2
I: Validating libgssglue1 0.4-2
I: Retrieving libidn11 1.25-2
I: Validating libidn11 1.25-2
I: Retrieving liblocale-gettext-perl 1.05-7+b1
I: Validating liblocale-gettext-perl 1.05-7+b1
I: Retrieving libpipeline1 1.2.1-1
I: Validating libpipeline1 1.2.1-1
I: Retrieving libsigc++-2.0-0c2a 2.2.10-0.2
I: Validating libsigc++-2.0-0c2a 2.2.10-0.2
I: Retrieving libssh2-1 1.4.2-1.1+deb7u1
I: Validating libssh2-1 1.4.2-1.1+deb7u1
I: Retrieving libtasn1-3 2.13-2+deb7u2
I: Validating libtasn1-3 2.13-2+deb7u2
I: Retrieving libtext-charwidth-perl 0.04-7+b1
I: Validating libtext-charwidth-perl 0.04-7+b1
I: Retrieving libtext-iconv-perl 1.7-5
I: Validating libtext-iconv-perl 1.7-5
I: Retrieving libtext-wrapi18n-perl 0.06-7
I: Validating libtext-wrapi18n-perl 0.06-7
I: Retrieving libtirpc1 0.2.2-5
I: Validating libtirpc1 0.2.2-5
I: Retrieving libusb-0.1-4 2:0.1.12-20+nmu1
I: Validating libusb-0.1-4 2:0.1.12-20+nmu1
I: Retrieving logrotate 3.8.1-4
I: Validating logrotate 3.8.1-4
I: Retrieving lsb-base 4.1+Debian8+deb7u1
I: Validating lsb-base 4.1+Debian8+deb7u1
I: Retrieving man-db 2.6.2-1
I: Validating man-db 2.6.2-1
I: Retrieving manpages 3.44-1
I: Validating manpages 3.44-1
I: Retrieving mawk 1.3.3-17
I: Validating mawk 1.3.3-17
I: Retrieving nano 2.2.6-1+b1
I: Validating nano 2.2.6-1+b1
I: Retrieving libncurses5 5.9-10
I: Validating libncurses5 5.9-10
I: Retrieving libncursesw5 5.9-10
I: Validating libncursesw5 5.9-10
I: Retrieving libtinfo5 5.9-10
I: Validating libtinfo5 5.9-10
I: Retrieving ncurses-base 5.9-10
I: Validating ncurses-base 5.9-10
I: Retrieving ncurses-bin 5.9-10
I: Validating ncurses-bin 5.9-10
I: Retrieving netbase 5.0
I: Validating netbase 5.0
I: Retrieving netcat-traditional 1.10-40
I: Validating netcat-traditional 1.10-40
I: Retrieving libnewt0.52 0.52.14-11.1
I: Validating libnewt0.52 0.52.14-11.1
I: Retrieving whiptail 0.52.14-11.1
I: Validating whiptail 0.52.14-11.1
I: Retrieving libldap-2.4-2 2.4.31-2
I: Validating libldap-2.4-2 2.4.31-2
I: Retrieving libssl1.0.0 1.0.1e-2+deb7u17
I: Validating libssl1.0.0 1.0.1e-2+deb7u17
I: Retrieving openssl 1.0.1e-2+deb7u17
I: Validating openssl 1.0.1e-2+deb7u17
I: Retrieving libp11-kit0 0.12-3
I: Validating libp11-kit0 0.12-3
I: Retrieving libpam-modules 1.1.3-7.1
I: Validating libpam-modules 1.1.3-7.1
I: Retrieving libpam-modules-bin 1.1.3-7.1
I: Validating libpam-modules-bin 1.1.3-7.1
I: Retrieving libpam-runtime 1.1.3-7.1
I: Validating libpam-runtime 1.1.3-7.1
I: Retrieving libpam0g 1.1.3-7.1
I: Validating libpam0g 1.1.3-7.1
I: Retrieving perl-base 5.14.2-21+deb7u2
I: Validating perl-base 5.14.2-21+deb7u2
I: Retrieving libpopt0 1.16-7
I: Validating libpopt0 1.16-7
I: Retrieving libprocps0 1:3.3.3-3
I: Validating libprocps0 1:3.3.3-3
I: Retrieving procps 1:3.3.3-3
I: Validating procps 1:3.3.3-3
I: Retrieving libreadline6 6.2+dfsg-0.1
I: Validating libreadline6 6.2+dfsg-0.1
I: Retrieving readline-common 6.2+dfsg-0.1
I: Validating readline-common 6.2+dfsg-0.1
I: Retrieving rsyslog 5.8.11-3+deb7u2
I: Validating rsyslog 5.8.11-3+deb7u2
I: Retrieving librtmp0 2.4+20111222.git4e06e21-1
I: Validating librtmp0 2.4+20111222.git4e06e21-1
I: Retrieving sed 4.2.1-10
I: Validating sed 4.2.1-10
I: Retrieving sensible-utils 0.0.7
I: Validating sensible-utils 0.0.7
I: Retrieving login 1:4.1.5.1-1
I: Validating login 1:4.1.5.1-1
I: Retrieving passwd 1:4.1.5.1-1
I: Validating passwd 1:4.1.5.1-1
I: Retrieving libslang2 2.2.4-15
I: Validating libslang2 2.2.4-15
I: Retrieving libsqlite3-0 3.7.13-1+deb7u2
I: Validating libsqlite3-0 3.7.13-1+deb7u2
I: Retrieving initscripts 2.88dsf-41+deb7u1
I: Validating initscripts 2.88dsf-41+deb7u1
I: Retrieving sysv-rc 2.88dsf-41+deb7u1
I: Validating sysv-rc 2.88dsf-41+deb7u1
I: Retrieving sysvinit 2.88dsf-41+deb7u1
I: Validating sysvinit 2.88dsf-41+deb7u1
I: Retrieving sysvinit-utils 2.88dsf-41+deb7u1
I: Validating sysvinit-utils 2.88dsf-41+deb7u1
I: Retrieving tar 1.26+dfsg-0.1
I: Validating tar 1.26+dfsg-0.1
I: Retrieving tasksel 3.14.1
I: Validating tasksel 3.14.1
I: Retrieving tasksel-data 3.14.1
I: Validating tasksel-data 3.14.1
I: Retrieving info 4.13a.dfsg.1-10
I: Validating info 4.13a.dfsg.1-10
I: Retrieving install-info 4.13a.dfsg.1-10
I: Validating install-info 4.13a.dfsg.1-10
I: Retrieving tzdata 2015f-0+deb7u1
I: Validating tzdata 2015f-0+deb7u1
I: Retrieving bsdutils 1:2.20.1-5.3
I: Validating bsdutils 1:2.20.1-5.3
I: Retrieving libblkid1 2.20.1-5.3
I: Validating libblkid1 2.20.1-5.3
I: Retrieving libuuid1 2.20.1-5.3
I: Validating libuuid1 2.20.1-5.3
I: Retrieving util-linux 2.20.1-5.3
I: Validating util-linux 2.20.1-5.3
I: Retrieving vim-common 2:7.3.547-7
I: Validating vim-common 2:7.3.547-7
I: Retrieving vim-tiny 2:7.3.547-7
I: Validating vim-tiny 2:7.3.547-7
I: Retrieving wget 1.13.4-3+deb7u2
I: Validating wget 1.13.4-3+deb7u2
I: Retrieving libxapian22 1.2.12-2
I: Validating libxapian22 1.2.12-2
I: Retrieving liblzma5 5.1.1alpha+20120614-2
I: Validating liblzma5 5.1.1alpha+20120614-2
I: Retrieving xz-utils 5.1.1alpha+20120614-2
I: Validating xz-utils 5.1.1alpha+20120614-2
I: Retrieving zlib1g 1:1.2.7.dfsg-13
I: Validating zlib1g 1:1.2.7.dfsg-13
I: Chosen extractor for .deb packages: ar
I: Extracting libacl1...
I: Extracting libattr1...
I: Extracting base-files...
I: Extracting base-passwd...
I: Extracting bash...
I: Extracting libbz2-1.0...
I: Extracting coreutils...
I: Extracting dash...
I: Extracting libdb5.1...
I: Extracting debconf...
I: Extracting debconf-i18n...
I: Extracting debianutils...
I: Extracting diffutils...
I: Extracting dpkg...
I: Extracting e2fslibs...
I: Extracting e2fsprogs...
I: Extracting libcomerr2...
I: Extracting libss2...
I: Extracting libc-bin...
I: Extracting libc0.1...
I: Extracting multiarch-support...
I: Extracting libexpat1...
I: Extracting findutils...
I: Extracting libcam6...
I: Extracting libgeom1...
I: Extracting libjail1...
I: Extracting libkiconv4...
I: Extracting libkvm0...
I: Extracting libsbuf6...
I: Extracting freebsd-utils...
I: Extracting kbdcontrol...
I: Extracting gcc-4.7-base...
I: Extracting libgcc1...
I: Extracting grep...
I: Extracting gzip...
I: Extracting hostname...
I: Extracting insserv...
I: Extracting libbsd0...
I: Extracting libgssglue1...
I: Extracting liblocale-gettext-perl...
I: Extracting libtext-charwidth-perl...
I: Extracting libtext-iconv-perl...
I: Extracting libtext-wrapi18n-perl...
I: Extracting libtirpc1...
I: Extracting lsb-base...
I: Extracting mawk...
I: Extracting libncurses5...
I: Extracting libtinfo5...
I: Extracting ncurses-base...
I: Extracting ncurses-bin...
I: Extracting libpam-modules...
I: Extracting libpam-modules-bin...
I: Extracting libpam-runtime...
I: Extracting libpam0g...
I: Extracting perl-base...
I: Extracting sed...
I: Extracting sensible-utils...
I: Extracting login...
I: Extracting passwd...
I: Extracting libslang2...
I: Extracting initscripts...
I: Extracting sysv-rc...
I: Extracting sysvinit...
I: Extracting sysvinit-utils...
I: Extracting tar...
I: Extracting tzdata...
I: Extracting bsdutils...
I: Extracting libblkid1...
I: Extracting libuuid1...
I: Extracting util-linux...
I: Extracting liblzma5...
I: Extracting xz-utils...
I: Extracting zlib1g...
I: Installing core packages...
I: Unpacking required packages...
I: Unpacking libacl1:kfreebsd-amd64...
I: Unpacking libattr1:kfreebsd-amd64...
I: Unpacking base-files...
I: Unpacking base-passwd...
I: Unpacking bash...
I: Unpacking libbz2-1.0:kfreebsd-amd64...
I: Unpacking coreutils...
I: Unpacking dash...
I: Unpacking libdb5.1:kfreebsd-amd64...
I: Unpacking debconf...
I: Unpacking debconf-i18n...
I: Unpacking debianutils...
I: Unpacking diffutils...
I: Unpacking dpkg...
I: Unpacking e2fslibs:kfreebsd-amd64...
I: Unpacking e2fsprogs...
I: Unpacking libcomerr2:kfreebsd-amd64...
I: Unpacking libss2:kfreebsd-amd64...
I: Unpacking libc-bin...
I: Unpacking libc0.1:kfreebsd-amd64...
I: Unpacking multiarch-support...
I: Unpacking libexpat1:kfreebsd-amd64...
I: Unpacking findutils...
I: Unpacking libcam6...
I: Unpacking libgeom1...
I: Unpacking libjail1...
I: Unpacking libkiconv4...
I: Unpacking libkvm0...
I: Unpacking libsbuf6...
I: Unpacking freebsd-utils...
I: Unpacking kbdcontrol...
I: Unpacking gcc-4.7-base:kfreebsd-amd64...
I: Unpacking libgcc1:kfreebsd-amd64...
I: Unpacking grep...
I: Unpacking gzip...
I: Unpacking hostname...
I: Unpacking insserv...
I: Unpacking libbsd0:kfreebsd-amd64...
I: Unpacking libgssglue1:kfreebsd-amd64...
I: Unpacking liblocale-gettext-perl...
I: Unpacking libtext-charwidth-perl...
I: Unpacking libtext-iconv-perl...
I: Unpacking libtext-wrapi18n-perl...
I: Unpacking libtirpc1:kfreebsd-amd64...
I: Unpacking lsb-base...
I: Unpacking mawk...
I: Unpacking libncurses5:kfreebsd-amd64...
I: Unpacking libtinfo5:kfreebsd-amd64...
I: Unpacking ncurses-base...
I: Unpacking ncurses-bin...
I: Unpacking libpam-modules:kfreebsd-amd64...
I: Unpacking libpam-modules-bin...
I: Unpacking libpam-runtime...
I: Unpacking libpam0g:kfreebsd-amd64...
I: Unpacking perl-base...
I: Unpacking sed...
I: Unpacking sensible-utils...
I: Unpacking login...
I: Unpacking passwd...
I: Unpacking libslang2:kfreebsd-amd64...
I: Unpacking initscripts...
I: Unpacking sysv-rc...
I: Unpacking sysvinit...
I: Unpacking sysvinit-utils...
I: Unpacking tar...
I: Unpacking tzdata...
I: Unpacking bsdutils...
I: Unpacking libblkid1:kfreebsd-amd64...
I: Unpacking libuuid1:kfreebsd-amd64...
I: Unpacking util-linux...
I: Unpacking liblzma5:kfreebsd-amd64...
I: Unpacking xz-utils...
I: Unpacking zlib1g:kfreebsd-amd64...
I: Configuring required packages...
I: Configuring lsb-base...
I: Configuring ncurses-base...
I: Configuring sensible-utils...
I: Configuring gcc-4.7-base:kfreebsd-amd64...
I: Configuring libc-bin...
I: Configuring libc0.1:kfreebsd-amd64...
I: Configuring mawk...
I: Configuring hostname...
I: Configuring insserv...
I: Configuring libkiconv4...
I: Configuring libsbuf6...
I: Configuring sysvinit-utils...
I: Configuring multiarch-support...
I: Configuring debianutils...
I: Configuring bsdutils...
I: Configuring libgssglue1:kfreebsd-amd64...
I: Configuring tar...
I: Configuring zlib1g:kfreebsd-amd64...
I: Configuring libgcc1:kfreebsd-amd64...
I: Configuring base-files...
I: Configuring libexpat1:kfreebsd-amd64...
I: Configuring libattr1:kfreebsd-amd64...
I: Configuring e2fslibs:kfreebsd-amd64...
I: Configuring base-passwd...
I: Configuring libcomerr2:kfreebsd-amd64...
I: Configuring libtirpc1:kfreebsd-amd64...
I: Configuring libacl1:kfreebsd-amd64...
I: Configuring libslang2:kfreebsd-amd64...
I: Configuring libss2:kfreebsd-amd64...
I: Configuring libbsd0:kfreebsd-amd64...
I: Configuring liblzma5:kfreebsd-amd64...
I: Configuring libdb5.1:kfreebsd-amd64...
I: Configuring libbz2-1.0:kfreebsd-amd64...
I: Configuring libtinfo5:kfreebsd-amd64...
I: Configuring libkvm0...
I: Configuring libcam6...
I: Configuring ncurses-bin...
I: Configuring libjail1...
I: Configuring libgeom1...
I: Configuring libncurses5:kfreebsd-amd64...
I: Configuring freebsd-utils...
I: Configuring xz-utils...
I: Configuring dpkg...
I: Configuring dash...
I: Configuring coreutils...
I: Configuring perl-base...
I: Configuring diffutils...
I: Configuring libtext-iconv-perl...
I: Configuring sed...
I: Configuring grep...
I: Configuring findutils...
I: Configuring gzip...
I: Configuring liblocale-gettext-perl...
I: Configuring bash...
I: Configuring libtext-charwidth-perl...
I: Configuring libtext-wrapi18n-perl...
I: Configuring debconf...
I: Configuring libpam0g:kfreebsd-amd64...
I: Configuring sysv-rc...
I: Configuring tzdata...
I: Configuring debconf-i18n...
I: Configuring initscripts...
I: Configuring libpam-modules-bin...
I: Configuring kbdcontrol...
I: Configuring libpam-modules:kfreebsd-amd64...
I: Configuring passwd...
I: Configuring libpam-runtime...
I: Configuring sysvinit...
I: Configuring login...
I: Configuring libuuid1:kfreebsd-amd64...
I: Configuring libblkid1:kfreebsd-amd64...
I: Configuring util-linux...
I: Configuring e2fsprogs...
I: Unpacking the base system...
I: Unpacking adduser...
I: Unpacking apt...
I: Unpacking apt-transport-https...
I: Unpacking apt-utils...
I: Unpacking libapt-inst1.5:kfreebsd-amd64...
I: Unpacking libapt-pkg4.12:kfreebsd-amd64...
I: Unpacking aptitude...
I: Unpacking aptitude-common...
I: Unpacking libboost-iostreams1.49.0...
I: Unpacking bsdmainutils...
I: Unpacking ca-certificates...
I: Unpacking cpio...
I: Unpacking cron...
I: Unpacking libcurl3-gnutls:kfreebsd-amd64...
I: Unpacking libcwidget3...
I: Unpacking libsasl2-2:kfreebsd-amd64...
I: Unpacking debian-archive-keyring...
I: Unpacking dmidecode...
I: Unpacking libipx2...
I: Unpacking libmemstat3...
I: Unpacking libnetgraph4...
I: Unpacking devd...
I: Unpacking freebsd-net-tools...
I: Unpacking kldutils...
I: Unpacking pf...
I: Unpacking vidcontrol...
I: Unpacking libstdc++6:kfreebsd-amd64...
I: Unpacking libgdbm3:kfreebsd-amd64...
I: Unpacking gnupg...
I: Unpacking gpgv...
I: Unpacking libgnutls26:kfreebsd-amd64...
I: Unpacking groff-base...
I: Unpacking ifupdown...
I: Unpacking inetutils-ping...
I: Unpacking isc-dhcp-client...
I: Unpacking isc-dhcp-common...
I: Unpacking libgssapi-krb5-2:kfreebsd-amd64...
I: Unpacking libk5crypto3:kfreebsd-amd64...
I: Unpacking libkrb5-3:kfreebsd-amd64...
I: Unpacking libkrb5support0:kfreebsd-amd64...
I: Unpacking libept1.4.12...
I: Unpacking libgcrypt11:kfreebsd-amd64...
I: Unpacking libgpg-error0:kfreebsd-amd64...
I: Unpacking libidn11:kfreebsd-amd64...
I: Unpacking libpipeline1:kfreebsd-amd64...
I: Unpacking libsigc++-2.0-0c2a:kfreebsd-amd64...
I: Unpacking libssh2-1:kfreebsd-amd64...
I: Unpacking libtasn1-3:kfreebsd-amd64...
I: Unpacking libusb-0.1-4:kfreebsd-amd64...
I: Unpacking logrotate...
I: Unpacking man-db...
I: Unpacking manpages...
I: Unpacking nano...
I: Unpacking libncursesw5:kfreebsd-amd64...
I: Unpacking netbase...
I: Unpacking netcat-traditional...
I: Unpacking libnewt0.52...
I: Unpacking whiptail...
I: Unpacking libldap-2.4-2:kfreebsd-amd64...
I: Unpacking libssl1.0.0:kfreebsd-amd64...
I: Unpacking openssl...
I: Unpacking libp11-kit0:kfreebsd-amd64...
I: Unpacking libpopt0:kfreebsd-amd64...
I: Unpacking libprocps0:kfreebsd-amd64...
I: Unpacking procps...
I: Unpacking libreadline6:kfreebsd-amd64...
I: Unpacking readline-common...
I: Unpacking rsyslog...
I: Unpacking librtmp0:kfreebsd-amd64...
I: Unpacking libsqlite3-0:kfreebsd-amd64...
I: Unpacking tasksel...
I: Unpacking tasksel-data...
I: Unpacking info...
I: Unpacking install-info...
I: Unpacking vim-common...
I: Unpacking vim-tiny...
I: Unpacking wget...
I: Unpacking libxapian22...
I: Configuring the base system...
I: Configuring pf...
I: Configuring gpgv...
I: Configuring libssl1.0.0:kfreebsd-amd64...
I: Configuring libgdbm3:kfreebsd-amd64...
I: Configuring isc-dhcp-common...
I: Configuring libtasn1-3:kfreebsd-amd64...
I: Configuring libpopt0:kfreebsd-amd64...
I: Configuring libusb-0.1-4:kfreebsd-amd64...
I: Configuring libgpg-error0:kfreebsd-amd64...
I: Configuring install-info...
I: Configuring vim-common...
I: Configuring openssl...
I: Configuring libprocps0:kfreebsd-amd64...
I: Configuring netbase...
I: Configuring dmidecode...
I: Configuring libnetgraph4...
I: Configuring adduser...
I: Configuring manpages...
I: Configuring libsqlite3-0:kfreebsd-amd64...
I: Configuring libidn11:kfreebsd-amd64...
I: Configuring libkrb5support0:kfreebsd-amd64...
I: Configuring libnewt0.52...
I: Configuring libpipeline1:kfreebsd-amd64...
I: Configuring libsasl2-2:kfreebsd-amd64...
I: Configuring bsdmainutils...
I: Configuring inetutils-ping...
I: Configuring libipx2...
I: Configuring netcat-traditional...
I: Configuring debian-archive-keyring...
I: Configuring libncursesw5:kfreebsd-amd64...
I: Configuring libmemstat3...
I: Configuring info...
I: Configuring aptitude-common...
I: Configuring vidcontrol...
I: Configuring cron...
I: Configuring nano...
I: Configuring libp11-kit0:kfreebsd-amd64...
I: Configuring rsyslog...
I: Configuring cpio...
I: Configuring libstdc++6:kfreebsd-amd64...
I: Configuring isc-dhcp-client...
I: Configuring ca-certificates...
I: Configuring vim-tiny...
I: Configuring kldutils...
I: Configuring freebsd-net-tools...
I: Configuring readline-common...
I: Configuring libgcrypt11:kfreebsd-amd64...
I: Configuring procps...
I: Configuring libxapian22...
I: Configuring devd...
I: Configuring libk5crypto3:kfreebsd-amd64...
I: Configuring whiptail...
I: Configuring ifupdown...
I: Configuring libapt-pkg4.12:kfreebsd-amd64...
I: Configuring libept1.4.12...
I: Configuring libapt-inst1.5:kfreebsd-amd64...
I: Configuring libreadline6:kfreebsd-amd64...
I: Configuring logrotate...
I: Configuring libboost-iostreams1.49.0...
I: Configuring groff-base...
I: Configuring gnupg...
I: Configuring libsigc++-2.0-0c2a:kfreebsd-amd64...
I: Configuring libgnutls26:kfreebsd-amd64...
I: Configuring libldap-2.4-2:kfreebsd-amd64...
I: Configuring apt-utils...
I: Configuring libkrb5-3:kfreebsd-amd64...
I: Configuring libssh2-1:kfreebsd-amd64...
I: Configuring man-db...
I: Configuring libgssapi-krb5-2:kfreebsd-amd64...
I: Configuring apt...
I: Configuring librtmp0:kfreebsd-amd64...
I: Configuring wget...
I: Configuring libcwidget3...
I: Configuring aptitude...
I: Configuring libcurl3-gnutls:kfreebsd-amd64...
I: Configuring apt-transport-https...
I: Configuring tasksel...
I: Configuring tasksel-data...
I: Configuring ca-certificates...
I: Base system installed successfully.

So, damit ist die Jail erstellt, und ein Debian hineingeworfen. Fehlt noch ein Device fürs spätere tmpfs:

kernel@smeer-bsd ~> sudo mkdir /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/lib/init/rw

Damit das Debian in der Jail am Ende auch sauber bootet, müssen wir die wichtigsten Dinge in der fstab vom Debian anfassen:

kernel@smeer-bsd ~> sudo cat /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/fstab 
linsys   /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/sys         linsysfs  rw          0 0
linproc  /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/proc        linprocfs rw          0 0
tmpfs    /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/lib/init/rw tmpfs     rw,mode=777 0 0

Im Grunde ist die Jail jetzt fertig und könnte gestartet und benutzt werden. Ich gebe dem Ganzen aber noch eine IP Adresse:

kernel@smeer-bsd ~> sudo iocage set vnet=off debian-jail01
kernel@smeer-bsd ~> sudo iocage set ip4_addr="em0|192.168.1.46/16" debian-jail01

Setzte einen „schöneren“ Hostname:

kernel@smeer-bsd ~> sudo iocage set hostname="debian-jail01" debian-jail01
kernel@smeer-bsd ~> sudo iocage set host_hostname="debian-jail01" debian-jail01

Die hosts im Debian nicht vergessen:

kernel@smeer-bsd ~> sudo cat /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/etc/hosts 
127.0.0.1       localhost debian-jail01
::1             localhost ip6-localhost ip6-loopback debian-jail01
fe00::0         ip6-localnet
ff00::0         ip6-mcastprefix
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

Na dann kann die jail ja nun gestartet werden!

kernel@smeer-bsd ~> sudo iocage start debian-jail01
cannot create 'smeer/iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root': dataset already exists
mount_unionfs: /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/_: No such file or directory
mount_unionfs: /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/_: No such file or directory
mount: /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/usr/home: No such file or directory
mount_unionfs: /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/_: No such file or directory
mount_unionfs: /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/_: No such file or directory
mkdir: /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/_/usr: No such file or directory
mount: /iocage/jails/19e3594f-8945-11e5-b55e-f01faf42fd26/root/usr/ports: No such file or directory
* Starting 19e3594f-8945-11e5-b55e-f01faf42fd26 (debian-jail01)
  + Started (shared IP mode) OK
  + Starting services        OK

Wie von den normalen BSD Jails bekannt kann man sich nun auch mit der Konsole verbinden:

kernel@smeer-bsd ~> sudo iocage console debian-jail01
GNU/kFreeBSD debian-jail01 10.2-RELEASE-p4 FreeBSD 10.2-RELEASE-p4 #0: Tue Aug 18 15:15:36 UTC 2015     root@amd64-builder.pcbsd.org:/usr/obj/usr/src/sys/GENERIC x86_64

The programs included with the Debian GNU/kFreeBSD system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/kFreeBSD comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@debian-jail01:~# apt-get update
Get:1 http://ftp.de.debian.org wheezy Release.gpg [2373 B]
Hit http://ftp.de.debian.org wheezy Release
Hit http://ftp.de.debian.org wheezy/main kfreebsd-amd64 Packages
Get:2 http://ftp.de.debian.org wheezy/main Translation-en [3846 kB]
Fetched 3848 kB in 3s (991 kB/s)                          
Reading package lists... Done
root@debian-jail01:~# 

Ja und bevor die Frage kommt, die exec Befehle zur Jail klappen natürlich ebenfalls:

kernel@smeer-bsd ~> sudo iocage exec debian-jail01 cat /etc/debian_version
7.9
kernel@smeer-bsd ~> sudo iocage exec debian-jail01 uname -a
GNU/kFreeBSD debian-jail01 10.2-RELEASE-p4 FreeBSD 10.2-RELEASE-p4 #0: Tue Aug 18 15:15:36 UTC 2015     root@amd64-builder.pcbsd.org:/usr/obj/usr/src/sys/GENERIC x86_64 amd64 Intel(R) Core(TM) i7-3540M CPU @ 3.00GHz GNU/kFreeBSD

kernel@smeer-bsd ~> sudo iocage exec debian-jail01 apt-get install mc
Reading package lists... Done
Building dependency tree... Done
The following extra packages will be installed:
  file libclass-isa-perl libffi5 libglib2.0-0 libglib2.0-data libmagic1 libpcre3 libswitch-perl libxml2 mc-data mime-support perl perl-modules
  sgml-base shared-mime-info unzip xml-core
Suggested packages:
  zip bzip2 links w3m lynx arj xpdf pdf-viewer dbview odt2txt gv catdvi djvulibre-bin imagemagick python python-boto python-tz perl-doc
  libterm-readline-gnu-perl libterm-readline-perl-perl make libpod-plainer-perl sgml-base-doc debhelper
The following NEW packages will be installed:
  file libclass-isa-perl libffi5 libglib2.0-0 libglib2.0-data libmagic1 libpcre3 libswitch-perl libxml2 mc mc-data mime-support perl perl-modules
  sgml-base shared-mime-info unzip xml-core
0 upgraded, 18 newly installed, 0 to remove and 0 not upgraded.
Need to get 15.2 MB of archives.
After this operation, 58.8 MB of additional disk space will be used.
Do you want to continue [Y/n]? y

Fehlt noch? Genau, das Ende:

kernel@smeer-bsd ~> sudo iocage stop debian-jail01
* Stopping 19e3594f-8945-11e5-b55e-f01faf42fd26 (debian-jail01)
  + Running pre-stop         OK
  + Stopping services        OK
  + Removing jail process    OK
  + Running post-stop        OK

Man man man… Durch das Thema sind wir aber nun geritten, oder? Na ja… Fragen? Dann fragen… Sorry fürs Scrollen, ich finde es aber gerade lustig .-P