FreeBSD: Mount /usr/ports Inside Jail

by on October 3, 2008 · 5 comments· last updated at February 20, 2011

Q. I'd like to save disk space for my FreeBSD 7 ISP server. We run webserver, nameserver from various jails under powerful HP RAID 10 server. How do I export /usr/ports from host to each jail hosted on /jail/ volume such as /jail/www, /jail/ns, /jail/sql etc?

A. You need to use the mount_nullfs command. It creates a null layer, duplicating a sub-tree of the file system name space under another part of the global file system namespace. This allows existing files and directories to be accessed using a different pathname. You need to run this command outside jail.

Option #1: Mount ports in read write mode

Login as root and type the following command:
# D=/jail/www
# mkdir -p $D/usr/ports
# mount_nullfs /usr/ports $D/usr/ports
# mount | sort
Now login to jail called www (jail id # 10):
# jls
# jexec 10 sh
Try to install apache22:
# cd /usr/ports
# cd www/apache22
# make install clean

Option #2: Mount ports in read only mode

As suggested by reader Mel, you can mount ports tree in read only mode. This may result into ports tree integrity in a long run.
D=/jail/www
mkdir -p $D/usr/ports
mount_nullfs -o ro /usr/ports $D/usr/ports
Mount /var/distfiles in read-write mode:
# mkdir $D/var/distfiles
# mount_nullfs -o rw /usr/ports/distfiles $D/var/distfiles
Now install port called php5:
# cd /usr/ports/lang/php5
# make install clean WRKDIRPREFIX=/tmp
You need to set WRKDIRPREFIX as ports installed in read only mode. WRKDIRPREFIX specifies where to create any temporary files. You need to set WRKDIRPREFIX and variables as follows to make them a permanent settings in /etc/make.conf file:

WRKDIRPREFIX=           /var/ports
DISTDIR=                /var/ports/distfiles
PACKAGES=               /var/ports/packages

Where,

  • WRKDIRPREFIX : Where to create any temporary files.
  • DISTDIR : Where to find/put distfiles.
  • PACKAGES : Used only for the package target; the base directory for the packages tree, normally packages/ in PORTSDIR.

You can create those directory with the following make command:
# mkdir -p /var/ports/{packages,distfiles}

Further readings

  • man page ports, make


You should follow me on twitter here or grab rss feed to keep track of new changes.

This FAQ entry is 0 of 6 in the "FreeBSD Jail Operating System-level Virtualization Tutorial" series. Keep reading the rest of the series:

{ 5 comments… read them below or add one }

1 Mel October 5, 2008 at 9:57 pm

It’s better to mount read-only, so you don’t make changes to the ports in either, both or neither. Secondly, you don’t get to deal with the port’s cookies (${WRKDIR}/.*_done) when you build port foo in either.

Setting:
DISTDIR
WRKDIRPREFIX

to a jail writeable directory is required.

I myself use:
mkdir $D/var/distfiles
mount -t nullfs -o rw /usr/ports/distfiles $D/var/distfiles

Reply

2 vivek October 6, 2008 at 6:56 am

Nice tips. Thanks for sharing with us. The FAQ has been updated to incorporate your view.

Reply

3 SIFE October 5, 2010 at 9:24 pm

I get this error:
mount_nullfs: Operation not supported by device

CO=/compat/i386/usr
mount -t nullfs /usr $CO

I try to mount in chroot environment.

Reply

4 SIFE October 5, 2010 at 9:25 pm

I forget to add output of error:

mount_nullfs: Operation not supported by device

Reply

5 SIFE November 24, 2010 at 5:42 am

I think we have first to load nullfs module then mount any specified directory in jail:

#cd /usr/src/sys/modules/nullfs
#make && make install clean
#kldload nullfs
#CO=/compat/i386/usr
#mount -t nullfs /usr $CO

Reply

Leave a Comment

You can use these HTML tags and attributes for your code and commands: <strong> <em> <ol> <li> <u> <ul> <kbd> <blockquote> <pre> <a href="" title="">

Tagged as: , , , , , , , , , , , , , ,

Previous Faq:

Next Faq: