FreeBSD: Mount /usr/ports Inside Jail

Q. I’d like to save disk space for my FreeBSD 7 ISP server. We run webserver, nameserver from various jails under powerful HP RAID 10 server. How do I export /usr/ports from host to each jail hosted on /jail/ volume such as /jail/www, /jail/ns, /jail/sql etc?

A. You need to use the mount_nullfs command. It creates a null layer, duplicating a sub-tree of the file system name space under another part of the global file system namespace. This allows existing files and directories to be accessed using a different pathname. You need to run this command outside jail.

Option #1: Mount ports in read write mode

Login as root and type the following command:
# D=/jail/www
# mkdir -p $D/usr/ports
# mount_nullfs /usr/ports $D/usr/ports
# mount | sort

Now login to jail called www (jail id # 10):
# jls
# jexec 10 sh

Try to install apache22:
# cd /usr/ports
# cd www/apache22
# make install clean

Option #2: Mount ports in read only mode

As suggested by reader Mel, you can mount ports tree in read only mode. This may result into ports tree integrity in a long run.
mkdir -p $D/usr/ports
mount_nullfs -o ro /usr/ports $D/usr/ports

Mount /var/distfiles in read-write mode:
# mkdir $D/var/distfiles
# mount_nullfs -o rw /usr/ports/distfiles $D/var/distfiles

Now install port called php5:
# cd /usr/ports/lang/php5
# make install clean WRKDIRPREFIX=/tmp

You need to set WRKDIRPREFIX as ports installed in read only mode. WRKDIRPREFIX specifies where to create any temporary files. You need to set WRKDIRPREFIX and variables as follows to make them a permanent settings in /etc/make.conf file:

WRKDIRPREFIX=           /var/ports
DISTDIR=                /var/ports/distfiles
PACKAGES=               /var/ports/packages


  • WRKDIRPREFIX : Where to create any temporary files.
  • DISTDIR : Where to find/put distfiles.
  • PACKAGES : Used only for the package target; the base directory for the packages tree, normally packages/ in PORTSDIR.

You can create those directory with the following make command:
# mkdir -p /var/ports/{packages,distfiles}

Further readings

  • man page ports, make

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 7 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
7 comments… add one
  • Mel Oct 5, 2008 @ 21:57

    It’s better to mount read-only, so you don’t make changes to the ports in either, both or neither. Secondly, you don’t get to deal with the port’s cookies (${WRKDIR}/.*_done) when you build port foo in either.


    to a jail writeable directory is required.

    I myself use:
    mkdir $D/var/distfiles
    mount -t nullfs -o rw /usr/ports/distfiles $D/var/distfiles

  • 🐧 nixCraft Oct 6, 2008 @ 6:56

    Nice tips. Thanks for sharing with us. The FAQ has been updated to incorporate your view.

  • SIFE Oct 5, 2010 @ 21:24

    I get this error:
    mount_nullfs: Operation not supported by device

    mount -t nullfs /usr $CO

    I try to mount in chroot environment.

  • SIFE Oct 5, 2010 @ 21:25

    I forget to add output of error:

    mount_nullfs: Operation not supported by device

  • SIFE Nov 24, 2010 @ 5:42

    I think we have first to load nullfs module then mount any specified directory in jail:

    #cd /usr/src/sys/modules/nullfs
    #make && make install clean
    #kldload nullfs
    #mount -t nullfs /usr $CO

  • Amy Lichti May 15, 2014 @ 19:20

    When I type the first command D=/jail/www (of course with my directory) I get D=/jail/www Command not found.

    Can you please help me fix this.

    thank you,

  • Uwe Trenkner Jul 3, 2014 @ 7:34

    Thanks for this (old) post – it just helped me set up my jails!

    Two minor things:
    You suggest to create those directory with the following make command:
    # mkdir -p /var/ports/{packages,distfiles}

    However, whether or not this command works, depends on your current shell. It does work for tcsh but not for sh.

    And there is a small mistake in option #2:

    Here you use the directory /var/distfiles
    Mount /var/distfiles in read-write mode:
    # mkdir $D/var/distfiles
    # mount_nullfs -o rw /usr/ports/distfiles $D/var/distfiles

    But later you suggest to put this into /etc/make.conf:
    DISTDIR= /var/ports/distfiles

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum