# Running FreeBSD 8.3 jail on a 10.1 host



## ethoms (Feb 10, 2015)

I've seen some articles about it being possible to run older jails on newer hosts. However, I don't know how far back we can go. Can I run an 8.3 jail on a 10.1 host? And if so, is there any info I can read up on?

I read an interesting article about installing a FreeBSD 4 jail on a 10.0 host, sounds very promising them.

I don't need them to run for very long, but it needs to be stable. I will port the services over to new 10.1 jails one by one over the course of a few weeks. If I had seperate hardware, it would be a different story, but I don't. It has to be the same server.

A regular upgrade cycle is too risky, since I can't say some of the ports will build on 10.1. I have a couple of things I compiled from source, which I had to patch on 8.3 and gcc. The gcc to clang move makes things tricky.

But if the old jails work, I can move stuff incrementaly, lowering the chance of disruption.

Also, I'm using ezjail. Which I wish I wasn't now, since it would be easier to just dump the jails via zfs send/recv. But now I may have to install a newer ezjail and have it play with my older ezjail zfs filesystems. Of course I could just tarball the root of the jails and untar to an empty zfs filesystem, but that's seems a bit messy.


----------



## woodsb02 (Feb 11, 2015)

Michael Lucas recently did a FreeBSD 4 jail. Jails were introduced in FreeBSD 4, so I doubt you can go to versions of FreeBSD before that. He documented his experience here:
http://blather.michaelwlucas.com/archives/1919

Also, ezjail-admin(1) has archive/restore functionality, which ignores the basejail, simply creating a tar  archive of the /usr/local, /var and other parts which are not the base system. It is described here:
https://www.freebsd.org/doc/handbook/jails-ezjail.html


----------



## ethoms (Feb 11, 2015)

woodsb02 said:


> Michael Lucas recently did a FreeBSD 4 jail. Jails were introduced in FreeBSD 4, so I doubt you can go to versions of FreeBSD before that. He documented his experience here:
> http://blather.michaelwlucas.com/archives/1919
> 
> Also, ezjail-admin(1) has archive/restore functionality, which ignores the basejail, simply creating a tar  archive of the /usr/local, /var and other parts which are not the base system. It is described here:
> https://www.freebsd.org/doc/handbook/jails-ezjail.html



That's a great idea. I knew about archive/restore, but I forgot about it. Thanks, that will definetely help me out.

I still don't know if I need to install the compat8x stuff. Ans if so, do I install it in the base or the jail. There must be some documentation about this somewhere.


----------



## woodsb02 (Feb 11, 2015)

If you run a FreeBSD 8 world in a jail on a FreeBSD 10 host/kernel, you do not need to install the misc/compat8x port on either the host or the jail. That port is only required if you have ports compiled for FreeBSD 8 world but running in a FreeBSD 10 world (but in this case you will have a FreeBSD 8 world running with ports compiled for FreeBSD 8, so it's not required).

As for the kernel/userland boundary, the GENERIC kernels include the necessary COMPAT_FREEBSD configuration options by default, meaning that kernel calls using the FreeBSD 8 API should mostly work on a FreeBSD 10 kernel (there are exceptions).

In short, you should be able to do nothing, and FreeBSD 8 jails should just work on FreeBSD 10 host.


----------



## ethoms (Feb 13, 2015)

woodsb02 said:


> If you run a FreeBSD 8 world in a jail on a FreeBSD 10 host/kernel, you do not need to install the misc/compat8x port on either the host or the jail. That port is only required if you have ports compiled for FreeBSD 8 world but running in a FreeBSD 10 world (but in this case you will have a FreeBSD 8 world running with ports compiled for FreeBSD 8, so it's not required).
> 
> As for the kernel/userland boundary, the GENERIC kernels include the necessary COMPAT_FREEBSD configuration options by default, meaning that kernel calls using the FreeBSD 8 API should mostly work on a FreeBSD 10 kernel (there are exceptions).
> 
> In short, you should be able to do nothing, and FreeBSD 8 jails should just work on FreeBSD 10 host.



That's just simply awesome! Is there nothing FreeBSD can't do, and do well!!

A big thank-you, gives me some more confidence to go ahead. And it means I won't have to do tons of work in a panic over one weekend.


----------



## manuelfhp (Sep 18, 2018)

woodsb02 said:


> If you run a FreeBSD 8 world in a jail on a FreeBSD 10 host/kernel, you do not need to install the misc/compat8x port on either the host or the jail. That port is only required if you have ports compiled for FreeBSD 8 world but running in a FreeBSD 10 world (but in this case you will have a FreeBSD 8 world running with ports compiled for FreeBSD 8, so it's not required).
> 
> As for the kernel/userland boundary, the GENERIC kernels include the necessary COMPAT_FREEBSD configuration options by default, meaning that kernel calls using the FreeBSD 8 API should mostly work on a FreeBSD 10 kernel (there are exceptions).
> 
> In short, you should be able to do nothing, and FreeBSD 8 jails should just work on FreeBSD 10 host.



I'm running FreeBSD 8.3 jail on a 10.3 Host and it's working fine , but:
I can't see which ports are established or listened running netstat inside jail.

netstat only print these outputs when running inside jail:
jail#netstat -an
Active UNIX domain sockets
Address  Type   Recv-Q Send-Q    Inode     Conn     Refs  Nextref Addr
fffff80013f87000 stream      0      0        0 fffff80013f55b40        0        0
fffff80013f55e10 stream      0      0 fffff8007961c000        0        0        0 /var/run/cups.sock
...
..
.

Do you know how to fix it?


----------



## Bobi B. (Sep 19, 2018)

manuelfhp said:


> I'm running FreeBSD 8.3 jail on a 10.3 Host and it's working fine , but:
> I can't see which ports are established or listened running netstat inside jail.
> 
> netstat only print these outputs when running inside jail:
> ...


As Michael W. Lucas wrote about ps(1): 





> The disadvantage to this system is that you can’t run ps(1) inside the jail. The ps command reads kernel data structures. While the FreeBSD 10 kernel includes FreeBSD 4 compatibility, that compatibility doesn’t extend to ps(1) and similar commands. You must use ps(1) from the jail host.


 The same is, most likely, true for netstat(1), as well.

Try what will happen if you run statically linked host `netstat` in your jail. Sadly netstat is not in /rescue, but `ps` is. Do you mind giving it a try?


----------

