From: Ciro Scognamiglio
Date: Sun, 26 Feb 2006 19:17:06 +0100
To: freebsd-net@freebsd.org
Subject: NIS client in a Jail
Message-ID: <4401F0A2.5080605@oltrelinux.com>

Hullo,

I have a small server in my LAN with FreeBSD 5.4-RELEASE-p11 that, among others, is running a NIS server correctly configured. I then configured a jail (as a virtual server) where I intend to run Apache and where I would like to use NIS to let (some) of the host users in instead of creating users also in the jail.

Googling around and reading various jail-howto I noticed that the rpcbind daemon should not be run in the jail, but of course I need it to run in the jail to have ypbind running.
Anyway, the client does not work: it tries to connect to the NIS server but it times out and, at this point, I am not really sure if it is possible to run it in a jail. I actually managed to get it to run once... but, with the same identical configuration, once I stopped the jail and rebooted the machine, it didn't work anymore.

The jail can resolve names and network works, here is its rc.conf:

    hostname="shelob.wired.org"
    network_interfaces=""
    clear_tmp_enable="YES"
    sendmail_enable="NO"
    sshd_enable="YES"
    rpcbind_enable="NO"
    nisdomainname="linc-domain"
    nis_client_enable="YES"
    nis_client_flags="-S linc-domain,linc"

Is there anything wrong? (linc is of course the host machine)

The host machine NIS server and jail configuration in rc.conf:

    # NIS/YP
    nisdomainname="linc-domain"
    nis_server_enable="YES"
    #nis_server_flags=""
    nis_yppasswdd_enable="YES"
    #nis_yppasswdd_flags=""
    nis_client_enable="YES"
    nis_client_flags="-S linc-domain,192.168.0.4"
    #
    # JAIL
    #
    jail_enable="YES"       # Set to NO to disable starting of any jails
    jail_list="shelob"      # Space separated list of names of jails
    jail_shelob_rootdir="/usr/jail/shelob"
    jail_shelob_hostname="shelob.wired.org"
    jail_shelob_ip="192.168.0.5"
    jail_shelob_exec="/bin/sh /etc/rc"
    jail_shelob_devfs_enable="YES"
    jail_shelob_devfs_ruleset="devfsrules_jail"
    jail_shelob_fdescfs_enable="YES"
    jail_shelob_procfs_enable="YES"
    jail_shelob_mount_enable="YES"

Thanks in advance for your help.

Ciro.

P.S. On the host machine I managed to get almost all running services listening on the physical interface IP address; I couldn't manage to get mountd, nmdb, rpcbind and the yp* services to listen only on that IP.

P.P.S. Inside the jail I got the following messages in /var/log/messages:

    Feb 26 18:43:59 shelob /usr/sbin/ypbind[38440]: could not read from child: Interrupted system call

Investigating ypbind.c, it turned out to be an error caused by a read or write from a pipe...
I stopped ypbind on the host machine and the error (in the jail) disappeared... I guess ypbind is not really ready for jails, is it?
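
The P.S. above concerns host daemons that still listen on every address. The jail's 192.168.0.5 is configured on the host, so a host socket bound to `*` also covers it. The following is an added example, not part of the original post: it lists such listeners from `sockstat -4l` output, and the sample rows and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find host listeners bound to the wildcard address.
# Assumption: input has the column layout of FreeBSD `sockstat -4l`
# (USER COMMAND PID FD PROTO LOCAL-ADDRESS FOREIGN-ADDRESS).

# Constructed sample output; PIDs and ports are made up, only the
# two IP addresses come from the rc.conf files in the post.
sample_sockstat() {
cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       512   3  tcp4   192.168.0.4:22        *:*
root     rpcbind    431   9  udp4   *:111                 *:*
root     rpcbind    431   11 tcp4   *:111                 *:*
root     ypbind     455   4  udp4   *:1012                *:*
root     ypserv     448   5  tcp4   *:1019                *:*
root     mountd     470   6  udp4   *:1003                *:*
www      httpd      601   16 tcp4   192.168.0.5:80        *:*
EOF
}

# Read sockstat output on stdin and print "command proto port" for
# every socket whose local address is "*" (all addresses, which
# includes any jail address configured on the host).
wildcard_listeners() {
    awk 'NR > 1 && $6 ~ /^\*:/ {
        n = split($6, part, ":")      # port is the last field
        print $2, $5, part[n]
    }' | sort -u
}

# Same input, but only sockets pinned to one given address, to
# confirm which services really are restricted to it.
pinned_listeners() {
    addr="$1"
    awk -v a="$addr" 'NR > 1 {
        n = split($6, part, ":")
        if (part[1] == a) print $2, $5, part[n]
    }' | sort -u
}

echo "Bound to all addresses:"
sample_sockstat | wildcard_listeners
echo "Bound to 192.168.0.4 only:"
sample_sockstat | pinned_listeners 192.168.0.4
```

On a live host, replace `sample_sockstat` with `sockstat -4l` and compare the wildcard list against the ports the jail is expected to own.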