From owner-freebsd-hackers@freebsd.org  Fri Nov 27 07:58:44 2015
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id ADC6DA3A4BB
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Fri, 27 Nov 2015 07:58:44 +0000 (UTC)
 (envelope-from carbaecker@gmx.de)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15])
 (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 1DF521BBA
 for <freebsd-hackers@freebsd.org>; Fri, 27 Nov 2015 07:58:43 +0000 (UTC)
 (envelope-from carbaecker@gmx.de)
Received: from [192.168.42.125] ([194.95.197.2]) by mail.gmx.com (mrgmx002)
 with ESMTPSA (Nemesis) id 0LaG7C-1ajpfJ3Ncs-00m2pV for
 <freebsd-hackers@freebsd.org>; Fri, 27 Nov 2015 08:58:35 +0100
Subject: Re: Hierarchical Jails
To: freebsd-hackers@freebsd.org
References: <trinity-2934d8e1-c138-4f4b-9347-aa091134bbe2-1448610700266@3capp-gmx-bs24>
 <trinity-c10493ba-34d0-4b72-b38a-6b917ab1cb17-1448610875468@3capp-gmx-bs24>
From: =?UTF-8?Q?Carsten_B=c3=a4cker?= <carbaecker@gmx.de>
Message-ID: <56580D28.4060107@gmx.de>
Date: Fri, 27 Nov 2015 08:58:32 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <trinity-c10493ba-34d0-4b72-b38a-6b917ab1cb17-1448610875468@3capp-gmx-bs24>
X-Provags-ID: V03:K0:PuJ32KH38MKGyUrohsFzZP5ziuGt/NzEyszlXi5BKfPuLk1vAwj
 bkB8u3gpBbNJ3BLe4JLmMPErIryT7DTUivzap4f/6SQoEjXSXWUGCzYp6UeZCNF6bnyf0lL
 WvuK/aIfbO4p7rlT9beB1V2J0Xb7YztcqV/doxrIVKQqT+uE0af1EHGtsQC7VO0REUzu0pe
 zh7of3MXAFFmhjD+PkS+Q==
X-UI-Out-Filterresults: notjunk:1;V01:K0:xe0FQExi+Vs=:d9UDHFYUFTVCR9ZmWcPzHq
 wt+GZtepV010STbpJ5O5CAWZin0pkT7+XrrUV0SxmXHdtfKmpw0r8hrJv4C5O8al0oXsXkthQ
 tRmOzRja2G69E02N4B62WBB6WUXlfTwlp4a3ajgoyzFkTNTVUmIbfyWN3V5LB+vVeMKa+dDrq
 ZdzYF3i+qNqMvxU9xNSh0KaqpvhbHnPIQ0o2h/INNJ1lX4Lu4RWlFK9Ua1O1+ga6m7koB198e
 9JoPThLiohYkpEh/ofBZ3KE57UblJMbVwNvlB4Lkv6bfoKGId+sjOQCMxbPixD0FJwgPeTvD9
 r1xh3c4YPMM34zrvE7KZaoEyIoe1XUuZadWnKBdmvpF+XFa5maYPMDxkYFQoYdNZkYE2q5SVP
 8CSlNsmQQRsMjgFBTP9qZGtD5Gdtup7UOa8RY28zfqasf3j/dITTwUO8P+EwV0LHV4Bj3tvnf
 fhIqpGow6YQhmkdRETnKc/ryJnFfbqAKnt5wifZWQcKFG7dKGY74vVuWrocg82EOqy8pXKZ29
 MyopDhIv3XH1XrZzknInTxcwJpPtF3BE4X9ogYk2om+7PU8YsOTZQEu5+K7hGubttxMOLLAeo
 WesbsjJWjrneavx9lmoDE+0d2cjz66/0NDf/Rh9LlzuNkdr5mLFZfaRVp5AjPUi9gyf02qNCJ
 6qICEkKGVYUup9mgkAetPv9T268QvN2XH+/KQiiRCi3cSDgGG8eBAM4ZeE32tZMrdGJEFk/mc
 gx0DkIkcoWHk4PEYTLRlQQKFY5SgYDWrIt/0ydrOYsMVRGuiUprIezOMTIsBVoW11m9Ckn0rM
 Zy+8j8m
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.20
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Nov 2015 07:58:44 -0000

Am 27.11.2015 um 08:54 schrieb "Carsten Bäcker":
> Sorry... something's wrong with GMX webmailer. Secont time this happens.
> Hi Hackers,
> i'm running into problems creating hierarchical jails.
> First of all: this is my first try with *hierarchical* jails (in favor 
> of creating a bunch of VMs for software-testing).
> I aliased lo0 with 127.0.1.1 - 127.0.1.3
> --- HOST jail.conf ---
> exec.start = "/bin/sh /etc/rc";
> exec.stop = "/bin/sh /etc/rc.shutdown";
> exec.clean;
> mount.devfs;
> persist;
>
> allow.socket_af=1;
> allow.raw_sockets=1;
> path = "/usr/local/jails/$name";
> mount.fstab = "/usr/local/jails/fstab.$name";
> core {
>         host.hostname="jail_core";
>         children.max=2;
>         ip4.addr = 
> ue0|192.168.42.90,lo0|127.0.1.1,lo0|127.0.1.2,lo0|127.0.1.3;
> }
> --- "jail_core" jail.conf ---
> exec.start = "/bin/sh /etc/rc";
> exec.stop = "/bin/sh /etc/rc.shutdown";
> exec.clean;
> mount.devfs;
> persist;
> path = "/usr/local/jails/$name";
> mount.fstab = "/usr/local/jails/fstab.$name";
> dev1 {
>         host.hostname="jail_dev1";
>         ip4.addr = lo0|127.0.1.1;
> }
> jail_core starts up fine, but "children.max" seems to have no effect 
> when checked within the jail.
> root@jail_core:/ # sysctl security.jail.param.children
> security.jail.param.children.max: 0
> security.jail.param.children.cur: 0
> I'm not sure if this is related to the following problem, but when i 
> try to create a child-jail in this jailed environment i run into the 
> following error.
> root@jail_core:/ # jail -c dev1
> ifconfig: ioctl (SIOCAIFADDR): permission denied
> jail: dev1: /sbin/ifconfig lo0 inet 127.0.1.1 netmask 255.255.255.255 
> alias: failed
> What am i doing wrong? Any suggestions?
> Unfortunately i didn't find too much information concerning 
> hierarchical jails.
> Running CURRENT -r290973.
> Best Regards
> Carsten Bäcker
> *Gesendet:* Freitag, 27. November 2015 um 08:51 Uhr
> *Von:* "Carsten Bäcker" <carbaecker@gmx.de>
> *An:* freebsd-hackers@freebsd.org
> *Betreff:* Hierarchical Jails
>
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"