First, if you haven’t already done so, create a debian 7 template jail. See my previous post ‘Debian 7 Wheezy Installation in FreeBSD 10 Jail‘ if you need assistance on doing so…

Clone your debian-7-linux template…

root@host:/ # zfs clone zpool/usr/jail/.debian-7-linux@p0 zpool/usr/jail/unifi-video

Append the new jail configuration to ‘/etc/jail.conf’

... append to the bottom ...
# UBIQUITI UNIFI VIDEO NVR
unifi-video {

  interface = "ge0";       # confirm the name of your interface...
  ip4.addr = 192.0.2.201;  # set to an ip address thats routable...

  exec.start = "/etc/init.d/rc 3";
  exec.stop = "/etc/init.d/rc 0";

  allow.mount;
  mount.devfs;

}

Create Jail fstab: ‘/etc/fstab.unifi-video’

sys             /usr/jail/unifi-video/sys               linsysfs        rw                      0 0
proc            /usr/jail/unifi-video/proc              linprocfs       rw                      0 0
tmpfs           /usr/jail/unifi-video/run               tmpfs           rw,noexec,nosuid        0 0

Start the Jail:

root@host:/ # service jail start unifi-video

Start a shell in the jail:

root@host:/ # jexec unifi-video /bin/bash

Retrieve the lastest debian package from ubnt.com

root@unifi-video:/# cd /root/
root@unifi-video:~# wget --no-check-certificate https://dl.ubnt.com/firmwares/unifi-video/3.7.1/unifi-video_3.7.1~Debian7_amd64.deb
--2017-06-15 13:45:35--  https://dl.ubnt.com/firmwares/unifi-video/3.7.1/unifi-video_3.7.1~Debian7_amd64.deb
Resolving dl.ubnt.com (dl.ubnt.com)... 54.192.5.91
Connecting to dl.ubnt.com (dl.ubnt.com)|54.192.5.91|:443... connected.
WARNING: The certificate of `dl.ubnt.com' is not trusted.
WARNING: The certificate of `dl.ubnt.com' hasn't got a known issuer.
HTTP request sent, awaiting response... 200 OK
Length: 81610686 (78M) [application/x-debian-package]
Saving to: `unifi-video_3.7.1~Debian7_amd64.deb'

100%[===================================================================>] 81,610,686  19.3M/s   in 4.7s

2017-06-15 13:45:45 (16.6 MB/s) - `unifi-video_3.7.1~Debian7_amd64.deb' saved [81610686/81610686]

Install Dependancies:

root@unifi-video:~# apt-get install sudo psmisc lsb-release java7-runtime-headless jsvc mongodb-server

Install Debian Package:

root@unifi-video:~# dpkg -i /root/unifi-video_3.7.1~Debian7_amd64.deb

Modify ‘/usr/sbin/unifi-video’

  ... NOTE MODIFICATIONS IN RED BELOW...
#!/bin/sh
# Ubiquiti unifi-video service script -*- shell-script -*-
# Copyright (c) 2013-2015 Ubiquiti Networks, Inc. http://www.ubnt.com
# vim: ft=sh

set -e

NAME=unifi-video
PKGUSER=unifi-video

BASEDIR="/usr/lib/${NAME}"
DATADIR="${BASEDIR}/data"
PIDFILE="/var/run/${NAME}/${NAME}.pid"
TMPFS_DIR="/var/cache/${NAME}"

MAINCLASS="com.ubnt.airvision.Main"
MAINJAR="${BASEDIR}/lib/airvision.jar"

ENABLE_TMPFS=no
TMPFS_SIZE=15%

UFV_VERBOSE=
UFV_DEBUG=
UFV_DAEMONIZE=true

  ... removed for brevity ...

case $ACTION in
        start)
        require_root
    update_limits
        ulimit -H -c 200
        # echo 0x10 > /proc/self/coredump_filter
                if is_service_running "${PIDFILE}" >/dev/null; then
                        log_verbose "${NAME} is already running..."
                else

  ... removed for brevity ...

Change ownership on ‘/var/cache/unifi-video’

root@unifi-video:/# chown unifi-video:unifi-video /var/cache/unifi-video

Add unifi-video specific tmpfs mount manually to ‘/etc/fstab.unifi-video’ on host system:

# CUSTOM TMPFS FOR UNIFI-VIDEO JAIL
tmpfs           /usr/jail/unifi-video/var/cache/unifi-video     tmpfs           rw,noexec,size=15%,mode=0777,uid=unifi-video 0 0​​

Java Home located in /usr/lib/jvm/java-7-openjdk-amd64/jre
+– DUMPING JAVA HOME STRUCTURE ————————
| Java Home: “/usr/lib/jvm/java-7-openjdk-amd64/jre”
| Java VM Config.: “/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/jvm.cfg”
| Found JVMs: 1
| JVM Name: “server”
| “/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/server/libjvm.so”
+——————————————————-
Running w/ LD_LIBRARY_PATH=/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/server:/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64
redirecting stdout to /dev/null and stderr to /dev/null
Switching umask back to 022 from 077
Attemtping to load library libcap.so
Attemtping to load library libcap.so.2
loaded cap_free from libcap.
loaded cap_init from libcap.
loaded cap_clear from libcap.
loaded cap_get_flag from libcap.
loaded cap_set_flag from libcap.
loaded cap_set_proc from libcap.
failed setting default capabilities.
set_caps(CAPS) failed for user ‘unifi-video’
Service exit with a return value of 4
failed!

Advertisements