Date: Wed, 10 Dec 2014 00:10:29 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 195838] New: ezjail generates wrong /var/run/jail.<name>.conf Message-ID: <bug-195838-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195838 Bug ID: 195838 Summary: ezjail generates wrong /var/run/jail.<name>.conf Product: Ports Tree Version: Latest Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: pasko.boris@gmail.com ezjail generates multiple "allow.raw_sockets" entries in the /var/run/jail.<name>.conf which resutls in non-working ping inside jail. Specifics: 1) I have a jail named AProxy. Here is it's ezjail config: $ cat /usr/local/etc/ezjail/AProxy # create a Jail dependency tree. See rcorder(8) for more details. # # PROVIDE: standard_ezjail # REQUIRE: # BEFORE: # export jail_AProxy_hostname="AProxy.serv6.home" export jail_AProxy_parameters="allow.raw_sockets=1" export jail_AProxy_ip="192.168.98.3" export jail_AProxy_rootdir="/usr/jails/AProxy" export jail_AProxy_exec_start="/bin/sh /etc/rc" export jail_AProxy_exec_stop="" export jail_AProxy_mount_enable="YES" export jail_AProxy_devfs_enable="YES" export jail_AProxy_devfs_ruleset="devfsrules_jail" export jail_AProxy_procfs_enable="YES" export jail_AProxy_fdescfs_enable="YES" export jail_AProxy_image="" export jail_AProxy_imagetype="zfs" export jail_AProxy_attachparams="" export jail_AProxy_attachblocking="" export jail_AProxy_forceblocking="" export jail_AProxy_zfs_datasets="" export jail_AProxy_cpuset="" export jail_AProxy_fib="1" 2) I don't have any /etc/jail.conf (Tried to create empty /etc/jail.conf, tried to add AProxy-specific or global settings to it: nothing changes the behavior described below). 3) ezjail generates following runtime config for my jail: $ cat /var/run/jail.AProxy.conf # Generated by rc.d/jail at 2014-12-09 19:08:21 AProxy { host.hostname = "AProxy.serv6.home"; path = "/usr/jails/AProxy"; ip4.addr += "192.168.98.3/32"; exec.fib = "1"; allow.raw_sockets = 0; exec.clean; exec.system_user = "root"; exec.jail_user = "root"; exec.start += "/bin/sh /etc/rc"; exec.stop = ""; exec.consolelog = "/var/log/jail_AProxy_console.log"; mount.fstab = "/etc/fstab.AProxy"; mount.devfs; mount.fdescfs; mount += "procfs /usr/jails/AProxy/proc procfs rw 0 0"; allow.mount; allow.set_hostname = 0; allow.sysvipc = 0; allow.raw_sockets=1; } Note that there are two conflicting entries: allow.raw_sockets = 0; allow.raw_sockets=1; 4) freebsd version and such: $ uname -a FreeBSD serv6.home 10.1-RELEASE FreeBSD 10.1-RELEASE #6: Sun Dec 7 15:09:33 EST 2014 root@serv6.home:/usr/obj/usr/src/sys/SERV6.10.1 amd64 -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-195838-13>