I decided to collapse the multiple systems I have running various flavours of Linux and BSD into a  single system. For a long time I had been using Windows Small Business Server. Well I don’t really want to spend the money to upgrade to 2016 and since it appears Microsoft has abandoned its purist Unix roots by trading the tight and tidy SFU (Interix) for the wildly fat Ubuntu and a Linux ABI. In the advent of this change, I figured I would flip back to FreeBSD, which in my not-so-humble opinion is still the closest thing to Unix you can get. In fact, it actually derives its original sources from none other than Research UNIX, and while it’s wildly more advanced, the distribution holds it’s origin close to it’s heart.

Either way, the task: Support the ever growing number of ‘Appliance’ installs on top of FreeBSD. In this first iteration I have found several guides and worked through getting Debian 7 functional in a FreeBSD 10-STABLE Jail. No guarantees on stability, but I’ll update this if I come across any oddities. This task was performed on FreeBSD 10.3.

Load Linux Compat Kernel Modules…

root@host:/ # kldload linux
root@host:/ # kldload linux64
root@host:/ # kldload fdescfs
root@host:/ # kldload linprocfs
root@host:/ # kldload linsysfs
root@host:/ # kldload tmpfs

Make this persistent upon reboot by appending the following to ‘/boot/loader.conf’ on the FreeBSD host.

# ENABLE LINUX KERNEL FUNCTIONALITY #
fdescfs_load = “YES”
linprocfs_load = “YES”
linsysfs_load = “YES”
tmpfs_load = “YES”

Install ‘debootstrap’ and ‘perl5’ packages:

root@host:/ # pkg install debootstrap perl5

Create ZFS volume and mountpoint:

root@host:/ # zfs create zpool/usr/jail/.debian-7-linux

Stage the volume:

root@host:/ # debootstrap --foreign --arch=amd64 wheezy /usr/jail/.debian-7-linux http://cdn.debian.net/debian
root@host:/ # rm /usr/jail/.debian-7-linux/var/cache/apt/archives/sysvinit_*
root@host:/ # rm /usr/jail/.debian-7-linux/var/cache/apt/archives/rsyslog_*

Build temporary mounts for linux chroot: (or use the helper-script: linux-chroot)

root@host:/ # mount -t linprocfs none /jailz/deb-master/proc
root@host:/ # mount -t devfs none /jailz/deb-master/dev
root@host:/ # mount -t linsysfs none /jailz/deb-master/sys
root@host:/ # mount -t tmpfs none /jailz/deb-master/lib/init/rw

Chroot into installation to and complete Debian install:

root@host:/ # chroot /jailz/deb-master /bin/bash
I have no name!@host:/ # dpkg --force-depends -Ei /var/cache/apt/archives/*.deb
Selecting previously unselected package adduser.
(Reading database ... 0 files and directories currently installed.)
Unpacking adduser (from .../adduser_3.113+nmu3_all.deb) ...
Selecting previously unselected package apt-utils.
Unpacking apt-utils (from .../apt-utils_0.9.7.9+deb7u7_amd64.deb) ...

                ... removed for brevity ...

Setting up liblocale-gettext-perl (1.05-7+b1) ...
Setting up libpam0g:amd64 (1.1.3-7.1) ...
Setting up libssl1.0.0:amd64 (1.0.1e-2+deb7u20) ...
Setting up libtext-charwidth-perl (0.04-7+b1) ...
Setting up libtext-iconv-perl (1.7-5) ...
Setting up libtext-wrapi18n-perl (0.06-7) ...
Setting up man-db (2.6.2-1) ...
Building database of manual pages ...

... if it locks up here and takes an excessive amount of time ...
    ... find and kill the '/usr/bin/mandb -cq' process ...

Setting up e2fsprogs (1.42.5-1.1+deb7u1) ...
Setting up ifupdown (0.7.8) ...
Creating /etc/network/interfaces.
Setting up udev (175-7.2) ...
Being installed by debootstrap, udev not started.
dpkg: bash: dependency problems, but configuring anyway as you requested:
bash depends on base-files (>= 2.1.12); however:
Package base-files is not configured yet.

Setting up bash (4.2+dfsg-0.1+deb7u3) ...
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode
Errors were encountered while processing:
base-files
I have no name!@host:/ # 

Fix repo paths:

I have no name!@host:/ # rm /etc/opt/sources.list
I have no name!@host:/ # echo deb http://deb.debian.org/debian wheezy main > /etc/opt/sources.list
I have no name!@host:/ # echo deb-src http://deb.debian.org/debian wheezy maint > /etc/opt/sources.list

Exit Jail, kill off any dangling processes and then unmount linux specific filesystems: (skip if using linux-chroot)

I have no name!@host:/ # exit
root@host:/ # for c in `fstat | grep debian-7-wheezy | grep -o -E '^\w+ +\w+ +\w+' | grep -o -E '[0-9]+\$'`
 do
  kill $c
 done

root@host:/ # umount /jailz/deb-master/proc
root@host:/ # umount /jailz/deb-master/dev
root@host:/ # umount /jailz/deb-master/sys
root@host:/ # umount /jailz/deb-master/lib/init/rw

Snapshot the Clean copy:

root@host:/ # zfs snapshot zpool/usr/jail/.debian-7-linux@clean

Configure the Jail: ‘/etc/jail.conf

# DEFAULT PARAMETERS
#
host.hostname = "$name";
path = "/usr/jail/$name";

mount.devfs;
mount.fstab = "/etc/fstab.$name";

allow.nomount;

exec.prestart = "";
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.poststop = "";
exec.clean;


#####################################
# TEMPLATE
#
debian-7-linux {

  path = "/usr/jail/.debian-7-linux";
  mount.fstab = "/etc/fstab.debian-7-linux";

  interface = "lo0"; # Change this to your actual interface
  ip4.addr = 192.0.2.20; # Assign a routable IP to perform apt-get functions..

  exec.start = "/etc/init.d/rc 3";
  exec.stop = "/etc/init.d/rc 0";

  allow.mount;
  mount.devfs;
}


#####################################
# PRODUCTION


Then edit ‘/usr/jails/debian/etc/fstab.debian-7’:

sys         /usr/jail/.debian-7-linux/sys       linsysfs   rw                 0 0
proc        /usr/jail/.debian-7-linux/proc      linprocfs  rw                 0 0
tmpfs       /usr/jail/.debian-7-linux/run       tmpfs      rw,noexec,nosuid   0 0

# ALLOWS SHARING OF THE SRC DIRECTORY FROM FREEBSD HOST.
/usr/src    /usr/jail/.debian-7-linux/usr/src   nullfs     ro                 0 0

Create master.passwd file as FreeBSD doesn’t use shadow file and update ‘/etc/passwd’:

root:/ # cat /usr/jail/.debian-7-linux/etc/passwd | sed -r 's/(:[x|*]:)([0-9]+:[0-9]+:)/:*:\2:0:0:/g' > /usr/jail/.debian-7-linux/etc/master.passwd
root:/ # pwd_mkdb -p -d /usr/jail/.debian-7-linux/etc /usr/jail/.debian-7-linux/etc/master.passwd

Start the jail:

root:/ # service jail start debian

Show Jail Status:

root:/ # jls
   JID  IP Address      Hostname                      Path
    24  192.168.0.201   debian-7                      /usr/jail/.debian-7


root:/ # df -h
Filesystem                         Size    Used   Avail Capacity  Mounted on
zroot/ROOT/default                  39G    3.5G     36G     9%    /
devfs                              1.0K    1.0K      0B   100%    /dev
zroot/tmp                           36G     16M     36G     0%    /tmp
zroot/usr/ports                     37G    940M     36G     2%    /usr/ports
zroot/usr/src                       37G    547M     36G     1%    /usr/src
zroot/var/audit                     36G     96K     36G     0%    /var/audit
zroot/var/crash                     36G     96K     36G     0%    /var/crash
zroot/var/log                       36G    904K     36G     0%    /var/log
zroot/var/mail                      36G    180K     36G     0%    /var/mail
zroot/var/tmp                       36G    116K     36G     0%    /var/tmp
zpool/usr/home                     3.5T    312G    3.2T     9%    /usr/home
zpool/usr/jail                     3.2T     84M    3.2T     0%    /usr/jail
zpool/usr/jail/.debian-7           3.2T    146M    3.2T     0%    /usr/jail/.debian-7
linsysfs                           4.0K    4.0K      0B   100%    /usr/jail/.debian-7/sys
linprocfs                          4.0K    4.0K      0B   100%    /usr/jail/.debian-7/proc
tmpfs                               37G     16K     37G     0%    /usr/jail/.debian-7/run
devfs                              1.0K    1.0K      0B   100%    /usr/jail/.debian-7/dev

Note that the items displayed may be different depending on your system.
Configure our Debian/kFreeBSD

Enter the jail:

root@host:/ # jexec debian-7-linux /bin/bash
root@debian-7-linux:/ #

Complete staging and set root password:

root@debian-7-linux:/ # dpkg-reconfigure tzdata
root@debian-7-linux:/ # apt-get update
Get:1 http://deb.debian.org wheezy Release.gpg [2373 B]
Get:2 http://deb.debian.org wheezy Release [191 kB]
Get:3 http://deb.debian.org wheezy/main Sources [5993 kB]
Get:4 http://deb.debian.org wheezy/main amd64 Packages [5839 kB] 
Get:5 http://deb.debian.org wheezy/main Translation-en [3846 kB] 
Fetched 15.9 MB in 18s (878 kB/s) 
Reading package lists... Done
root@debian-7-linux:/# cat /etc/apt/sources.list
deb http://deb.debian.org/debian wheezy main
deb-src http://deb.debian.org/debian wheezy main

  ...kill off any running processes that might have ...
    ... locks on files in  '/var/run' so apt-get ...
      ... can complete the base-files install ...

root@debian-7-linux:/ # ps ax
  PID TTY STAT TIME COMMAND
43993 ? R+ 0:00 ps ax
43975 ? S 0:00 /bin/bash
43963 ? Ss 0:00 /usr/sbin/cron
root@debian-7-linux:/ # rm -rf /var/run/*
root@debian-7-linux:/ # apt-get -f install

   ... set root password ...

root@debian-7-linux:/ # passwd
password:
Retype new UNIX password:
passwd: password updated successfully
root@debian-7-linux:/ # exit
root@host:/ #

Take Snapshot of host and clone new Jail from snapshot:

root@host:/ # zfs snapshot zpool/usr/jail/.debian-7-linux@p0
root@host:/ # zfs clone zpool/usr/jail/.debian-7-linux@p0 zpool/usr/jail/deb-test
root@host:/ # cp /etc/fstab.debian-7-linux /etc/fstab.deb-test
root@host:/ # cat <> /etc/jail.conf

deb-test {
  interface = "lo0";
  ip4.addr = 192.0.2.20;

  exec.start = "/etc/init.d/rc.3";
  exec.stop = "/etc/init.d/rc.0";
  
  mount.devfs;
}
JAILCONF
root@host:/ # jexec deb-test /bin/bash
root@deb-test:/ # exit /bin/bash
root@host:/ #

Special thanks to the author of the following post:
debian-gnukfreebsd-wheezy-in-a-freebsd-10-jail

Advertisements