Create a pkgbase jail on a Traditional FreeBSD 15.1 (upgraded) install?

Hi,

I decided to try out pkgbase. I thought I could create a pkgbase jail to play with and compare with my 60+ traditional thick jails.
I have tried using

pkg -r /jails/pkgbase install FreeBSD-set-base-jail

which didn’t work. I added a -r FreeBSD-base before the set and that didn’t help.
I tried

bsdinstall jail /jails/pkgbase

and selected pkgbase. That also failed. I also tried

bsdinstall pkgbase —jail

which also failed.

No error messages, it just hangs seemingly forever. “Updating FreeBSD-base repository catalogue...”

I’m assuming these are all because FreeBSD-base is disabled by default.

What I haven’t been able to find out, is if it’s safe to enable FreeBSD-base on the traditional host system? I’m not ready to reinstall or use pkgbasify.
I see there is a -R option for pkg that may allow me to use a separate repo path. Is this my best option?

I don’t use a jail manager. Having used some in the past, I am more than happy managing with the built in tools and a couple scripts.
 
This is what I have been using:

sh:
# mkdir -p /tmp/jail/usr/share /usr/local/etc/pkg/repos
# echo "FreeBSD-base: { enabled: yes }" > /usr/local/etc/pkg/repos/FreeBSD.conf
# echo "FreeBSD-ports: { enabled: no }" >> /usr/local/etc/pkg/repos/FreeBSD.conf
# echo "FreeBSD-ports-kmods: { enabled: no }" >> /usr/local/etc/pkg/repos/FreeBSD.conf

You could locate the FreeBSD.conf file anywhere, using the -R /path/to/pkg/repos/FreeBSD.conf as Emrion said, or just disable it again after jail creation, to avoid it polluting your own system.

For the moment, you do need to copy the keys in:

Code:
# cp -av /usr/share/keys /tmp/jail/usr/share/
/usr/share/keys -> /tmp/jail/usr/share/keys
/usr/share/keys/pkg -> /tmp/jail/usr/share/keys/pkg
/usr/share/keys/pkg/trusted -> /tmp/jail/usr/share/keys/pkg/trusted
/usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301 -> /tmp/jail/usr/share/keys/pkg/trusted/pkg.freebsd.org.2013102301
/usr/share/keys/pkg/revoked -> /tmp/jail/usr/share/keys/pkg/revoked
/usr/share/keys/pkgbase-15 -> /tmp/jail/usr/share/keys/pkgbase-15
/usr/share/keys/pkgbase-15/revoked -> /tmp/jail/usr/share/keys/pkgbase-15/revoked
/usr/share/keys/pkgbase-15/trusted -> /tmp/jail/usr/share/keys/pkgbase-15/trusted
/usr/share/keys/pkgbase-15/trusted/awskms-15 -> /tmp/jail/usr/share/keys/pkgbase-15/trusted/awskms-15
/usr/share/keys/pkgbase-15/trusted/backup-signing-15 -> /tmp/jail/usr/share/keys/pkgbase-15/trusted/backup-signing-15

# pkg -oABI=FreeBSD:15:$(sysctl -n hw.machine_arch) \
   -oIGNORE_VERSION=YES -oOSVERSION=1501000 \
   --rootdir /tmp/jail \
   install -r FreeBSD-base \
   -g FreeBSD-set-base-jail
Updating FreeBSD-base repository catalogue...
Fetching meta.conf: 100%     179 B   0.2 kB/s    00:01
Fetching data: 100%    81 KiB  82.6 kB/s    00:01
Processing entries: 100%
FreeBSD-base repository update completed. 502 packages processed.
FreeBSD-base is up to date.
...

# pkg -oABI=FreeBSD:15:$(sysctl -n hw.machine_arch) \
>    -oIGNORE_VERSION=YES -oOSVERSION=1501000 \
>    --rootdir /tmp/jail \
>    install -yr FreeBSD-ports pkg
Updating FreeBSD-ports repository catalogue...
FreeBSD-ports repository is up to date.
FreeBSD-ports is up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        pkg: 2.6.2_1 [FreeBSD-ports]

Number of packages to be installed: 1

The process will require 27 MiB more space.
[1/1] Installing pkg-2.6.2_1...
[1/1] Extracting pkg-2.6.2_1: 100%

# jail -c name=testy path=/tmp/jail persist=true command=/bin/sh

# cd /tmp/jail
# mount -t devfs devfs dev

# jail -c name=testy path=/tmp/jail persist=true command=/bin/sh
root@:/ # pkg which /usr/sbin/uname
pkg: warning: database version 39 is newer than libpkg(3) version 38, but still compatible
/usr/sbin/uname was not found in the database
root@:/ # exit
#

locally I have no problems running bsdinstall jail /tmp/jail
 
What I haven’t been able to find out, is if it’s safe to enable FreeBSD-base on the traditional host system? I’m not ready to reinstall or use pkgbasify.
I see there is a -R option for pkg that may allow me to use a separate repo path. Is this my best option?
No problem with that.

I wrote a set of scripts but it's for nullfs thin jails. That said, you can see all you need to do in this code snippet:
Code:
# Copy all the keys that pkg needs
mkdir -p "$base/usr/share/keys"
cp -R /usr/share/keys/* "$base/usr/share/keys/"
TestErr "Error during the copy of the pkg keys" $?

# Case where the host isn't pkgbasified
if [ -z "$(pkg repos -le | grep base)" ]; then
    reposdir="-R $Jdir/templates" # Use pkgbase.conf
fi

pkg -r "$base" $reposdir install -y FreeBSD-set-base-jail
TestErr "Cannot install base" $?
    
resolv="/etc/resolv.conf"
if [ -e "$resolv" ]; then
    echo "Coping $resolv from host in base."
    cp "$resolv" "$base/etc/"
else
    echo "There is no $resolv in host. Do you expect all will flow good?"
fi

Content of $Jdir/templates/pkgbase.conf
Code:
FreeBSD-base: {
  url: "pkg+https://pkg.FreeBSD.org/${ABI}/base_release_${VERSION_MINOR}",
  mirror_type: "srv",
  signature_type: "fingerprints",
  fingerprints: "/usr/share/keys/pkgbase-${VERSION_MAJOR}",
  enabled: yes
}
 
Back
Top