Message-ID: <4C07FF49.3070606@netscape.net>
Date: Thu, 03 Jun 2010 22:15:21 +0300
From: Kaya Saman
To: freebsd-jail@freebsd.org
Subject: Strange things happening with jails?? Not starting up on boot or services not running inside!

Hi guys,

many thanks to Andrew Hotlab et al.... in accordance with helping me get started with BSD Jails!!
I have managed to create 4 and migrate many services in them already. The only issue is that one Jail containing the Postfix MTA which I use as an SMTP mail relay agent for my mail servers is not starting up when the OS has been rebooted or booted for that matter?? I can't give any error logs as there are none but I can post the config which is here:

JID  IP Address     Hostname                     Path
1    192.168.1.100  ns1.optiplex-networks.com    /var/jail/named_1
2    192.168.1.101  ns2.optiplex-networks.com    /var/jail/named_2
3    192.168.1.110  proxy.optiplex-networks.com  /var/jail/squid
4    192.168.1.115  relay.optiplex-networks.com  /var/jail/postfix

jail_enable="YES"
jail_list="named_1 named_2 squid"

jail_named_1_rootdir="/var/jail/named_1"
jail_named_1_hostname="ns1.optiplex-networks.com"
jail_interface="em0"
jail_named_1_ip="192.168.1.100"
#jail_named_1_exec_start="/usr/local/bin/named"
jail_named_1_devfs_enable="YES"

jail_named_2_rootdir="/var/jail/named_2"
jail_named_2_hostname="ns2.optiplex-networks.com"
jail_interface="em0"
jail_named_2_ip="192.168.1.101"
jail_named_2_devfs_enable="YES"

jail_squid_rootdir="/var/jail/squid"
jail_squid_hostname="proxy.optiplex-networks.com"
jail_interface="em0"
jail_squid_ip="192.168.1.110"
jail_squid_devfs_enable="YES"

jail_postfix_rootdir="/var/jail/postfix"
jail_postfix_hostname="relay.optiplex-networks.com"
jail_interface="em0"
jail_postfix_ip="192.168.1.115"
jail_postfix_devfs_enable="YES"

Which, actually, looking at the above, I have just noticed that it's not mentioned in the jail_list line!!! Well I've added it so now it should be ok so let this just be a backup in case someone else stumbles across this posting with a similar issue.

Now another few issues related to the services inside is that I'm trying to start Squid for my reverse proxy inside a Jail. However, the service won't start on its own as I'm needing port 80 and there seems to be a block against normal users using ports <1024.
I tested this by getting Squid to run on its default port 3128 and it works..... However the logs or screen readout just tell me that the service cannot connect to port 80??

May 31 17:47:11 proxy squid[4360]: Cannot open HTTP Port
May 31 17:47:11 proxy squid[4358]: Squid Parent: child process 4360 exited due to signal 6
May 31 17:47:14 proxy squid[4358]: Squid Parent: child process 4364 started
May 31 17:47:15 proxy squid[4364]: Cannot open HTTP Port
May 31 17:47:15 proxy squid[4358]: Squid Parent: child process 4364 exited due to signal 6
May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 started
May 31 17:47:18 proxy squid[4367]: Cannot open HTTP Port
May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 exited due to signal 6
May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 started
May 31 17:47:21 proxy squid[4370]: Cannot open HTTP Port
May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 exited due to signal 6

I tried adding the users Proxy and Squid to the group Wheel however again no such luck :-(

This is the current line that is having issues:

http_port 192.168.1.110:80 accel defaultsite=domain.com vhost

I then, once I had done much Googling and not found out anything, got fed up of using the rc scripts and attempted running the service using /usr/local/sbin/squid -NCd1 which gave me verbose diagnostic output saying that all was ok; as manual debug method which I guess I should have done before even attempting the rc scripts:

proxy# /usr/local/sbin/squid -NCd1
2010/05/31 17:55:54| Starting Squid Cache version 2.7.STABLE7 for amd64-portbld-freebsd8.0...
2010/05/31 17:55:54| Process ID 4484
2010/05/31 17:55:54| With 11095 file descriptors available
2010/05/31 17:55:54| Using kqueue for the IO loop
2010/05/31 17:55:54| Performing DNS Tests...
2010/05/31 17:55:54| Successful DNS name lookup tests...
2010/05/31 17:55:54| DNS Socket created at 0.0.0.0, port 39116, FD 6
2010/05/31 17:55:54| Adding nameserver 192.168.1.100 from /etc/resolv.conf
2010/05/31 17:55:54| Adding nameserver 192.168.1.101 from /etc/resolv.conf
2010/05/31 17:55:54| logfileOpen: opening log /var/log/squid/access.log
2010/05/31 17:55:54| Unlinkd pipe opened on FD 11
2010/05/31 17:55:54| Swap maxSize 102400 + 8192 KB, estimated 8507 objects
2010/05/31 17:55:54| Target number of buckets: 425
2010/05/31 17:55:54| Using 8192 Store buckets
2010/05/31 17:55:54| Max Mem size: 8192 KB
2010/05/31 17:55:54| Max Swap size: 102400 KB
2010/05/31 17:55:54| logfileOpen: opening log /var/log/squid/store.log
2010/05/31 17:55:54| Rebuilding storage in /usr/local/squid/cache (DIRTY)
2010/05/31 17:55:54| Using Least Load store dir selection
2010/05/31 17:55:54| Set Current Directory to /var/spool/squid
2010/05/31 17:55:54| Loaded Icons.
2010/05/31 17:55:54| Accepting accelerated HTTP connections at 192.168.1.110, port 80, FD 13.
2010/05/31 17:55:54| Accepting ICP messages at 0.0.0.0, port 3130, FD 14.
2010/05/31 17:55:54| Accepting SNMP messages on port 3401, FD 15.
2010/05/31 17:55:54| WCCP Disabled.
2010/05/31 17:55:54| Configuring x-ray Parent x-ray/80/0
2010/05/31 17:55:54| Configuring zeta-ray Parent zeta-ray/80/0
2010/05/31 17:55:54| Configuring delta-ray Parent delta-ray/80/0
2010/05/31 17:55:54| Configuring g-stat-1 Parent g-stat-1/80/0
2010/05/31 17:55:54| Ready to serve requests.
2010/05/31 17:55:54| Done reading /usr/local/squid/cache swaplog (0 entries)
2010/05/31 17:55:54| Finished rebuilding storage from disk.
2010/05/31 17:55:54| 0 Entries scanned
2010/05/31 17:55:54| 0 Invalid entries.
2010/05/31 17:55:54| 0 With invalid flags.
2010/05/31 17:55:54| 0 Objects loaded.
2010/05/31 17:55:54| 0 Objects expired.
2010/05/31 17:55:54| 0 Objects cancelled.
2010/05/31 17:55:54| 0 Duplicate URLs purged.
2010/05/31 17:55:54| 0 Swapfile clashes avoided.
2010/05/31 17:55:54| Took 0.4 seconds ( 0.0 objects/sec).
2010/05/31 17:55:54| Beginning Validation Procedure
2010/05/31 17:55:54| Completed Validation Procedure
2010/05/31 17:55:54| Validated 0 Entries
2010/05/31 17:55:54| store_swap_size = 0k
2010/05/31 17:55:55| storeLateRelease: released 0 objects

Since this I needed to alter a few lines within the reverse proxy config as IP addresses and machine names had changed but still Squid comes online and works fine without any problem when starting this way.

Since this was started as user:root I figured that I could put in a crontab telling the system to auto boot the service the manual way.....

This is my rc.conf file:

proxy# cat /etc/rc.conf
defaultrouter="192.168.1.1"
hostname="proxy.domain.com"
#ifconfig_em0="inet 192.168.1.103 netmask 255.255.255.0"
#squid_enable="YES"
sshd_enable="YES"

With the crontab being as so:

proxy# crontab -l
@reboot /usr/local/sbin/squid

However, the service just refuses to automatically start and am left having to start it manually each time!! :-(

/var/log/messages tells me that the service cannot connect to the http port when done via cron job?

I compiled it from the ports collection:

Zeta-Ray# uname -a
FreeBSD Zeta-Ray.domain.com 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64

Many thanks for any help!

Regards,

Kaya
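
The jail_list omission found in this message can be caught mechanically. The following is an added example, not part of the original post: it reports every jail that has a jail_<name>_rootdir line in an rc.conf-style file but is absent from jail_list. The function names and the abridged sample file are constructed for illustration from the configuration quoted above.

```shell
#!/bin/sh
# Added example: find jails configured via jail_<name>_rootdir that are
# missing from jail_list in an rc.conf-style file (default /etc/rc.conf).

unlisted_jails() {
    conf="${1:-/etc/rc.conf}"

    # Names in jail_list="..."; the last assignment wins, whitespace squeezed.
    listed=$(sed -n 's/^[[:space:]]*jail_list="\([^"]*\)".*/\1/p' "$conf" \
        | tail -n 1 | tr -s '[:space:]' ' ')

    # Jails that actually have a root directory configured.
    # Commented-out lines do not match because of the ^ anchor.
    configured=$(sed -n \
        's/^[[:space:]]*jail_\([A-Za-z0-9_]*\)_rootdir=.*/\1/p' "$conf" | sort -u)

    for name in $configured; do
        case " $listed " in
            *" $name "*) ;;        # present in jail_list
            *) echo "$name" ;;     # configured but not in jail_list
        esac
    done
}

# Constructed sample: abridged from the rc.conf excerpt in the message.
sample_rc_conf() {
    cat <<'EOF'
jail_enable="YES"
jail_list="named_1 named_2 squid"
jail_named_1_rootdir="/var/jail/named_1"
jail_named_2_rootdir="/var/jail/named_2"
jail_squid_rootdir="/var/jail/squid"
jail_postfix_rootdir="/var/jail/postfix"
jail_postfix_ip="192.168.1.115"
EOF
}

tmp=$(mktemp)
sample_rc_conf > "$tmp"
unlisted_jails "$tmp"
rm -f "$tmp"
```

Run against a real host with `unlisted_jails /etc/rc.conf`; empty output means every configured jail is named in jail_list.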