ApacheCon is Coming 9-12 Sept. 2019 - Las Vegas The Apache Software Foundation
Apache 20th Anniversary Logo

Community-led development "The Apache Way"

Apache Support Logo

This document is a quick overview of FreeBSD Jails at the ASF. Intended for PMCs with some notes for infra folk too. It is incomplete, please email users@infra with any queries you might have and to therefore help us complete this document.

Note that virtual machines are also available for operating systems other than FreeBSD. We don't seem to have documentation on those so far but as an example INFRA-4515 should provide enough info about how to get and use such a VM.

Here are some notes to assist the PMCs to manage their jail.

Creating users in a jail

Your PMC chair is root of your jail, and can add other users.

Note: When creating accounts, please reuse username and userid from people.a.o

$ sudo pw user add <username> -u $uid -m -d /home/<username> -s /bin/bash

$ sudo passwd <username>

Important: All accounts MUST log in using a public/private (RSA or DSA) key pair, see below. Users must add their keys to svn at https://svn.apache.org/repos/infra/infrastructure/trunk/ssh_keys/people/ so that zone admins can copy them after checking that a key belongs to the corresponding user.

Setting up key-based logins

The standard process for this is

Configuring OPIE for sudo access

Note: This section is not specific to jails, it applies to other machines accesses (eg, Ubuntu VM's) too. Ubuntu VM's use 'ortpasswd' (part of Orthrus) instead of 'opiepasswd'.

All users in the wheel group have sudo access. In order to use sudo, a user must configure OPIE by running 'opiepasswd' on the jail.

Opie/Orthrus documentation is located on cwiki.

User configuration


Installing/Configuring Apache2

The Apache Installation can be found at /usr/local/etc/apache22/. The main data directory where you can publish any results/documentation/etc is located at /usr/local/www/apache22/data. The Apache instance can be controlled with the /usr/local/etc/rc.d/apache22 script (sudo access required) and the 'apache22_enable' /etc/rc.conf entry.

Installing/Configuring Java

Java - either OpenJDK and/or Oracles Sun JDK have been installed on some of the jails. See /usr/local/bin/java. If 'java -version' or 'which java' comes up empty ask users@infra to install it for you or see the documentation if you fancy doing the license fetch/agree/install dance yourself.

See svn for extensive documentation

Is my VM puppet-ed?

Does /etc/puppet exist on the VM?