From owner-freebsd-jail@FreeBSD.ORG Sun Aug 25 12:43:39 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 787A715F for ; Sun, 25 Aug 2013 12:43:39 +0000 (UTC) (envelope-from miguelmclara@gmail.com) Received: from mail-we0-x22b.google.com (mail-we0-x22b.google.com [IPv6:2a00:1450:400c:c03::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 0C3A22BEA for ; Sun, 25 Aug 2013 12:43:38 +0000 (UTC) Received: by mail-we0-f171.google.com with SMTP id p57so1891574wes.16 for ; Sun, 25 Aug 2013 05:43:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=user-agent:in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:from:date:to:cc:message-id; bh=2pVh+DYULVqsDamhpT8YHYixmhW/zCaiHk88wZKl7V8=; b=hYw2hsdfo3oW3Q0UCkWZcpOnuGH8Xj4ERRDL6Bzq88pVs+2nMdg54v1OEyOmIHqTCC 667m3iFWb2qMaBdzd7nbMJ9GIj80dt5OTg9D2mTPDGvmT9hcKfTXMD1NzvD4mUPudyxl fC4AfIDVvA3BpzWMnRfW9tx7mgWm7pFcSnxqv6AYnRfZ/znmnTE9kTb1JDtwVQ9Yq5EI zcFEcNtxbFqXuX1RUr+1JscGXwycANETIG+YLHTzOGPl0gy5EEYFnjDTGslkS/JEDPCZ MIe5s5Ju5HOSn/Jg4oWaaAdtyzDBhrCkwqTyczBGHxUGuQHkfgQCGdEuXC8oYKNj+xKy Cx4Q== X-Received: by 10.180.97.101 with SMTP id dz5mr4276041wib.11.1377434617254; Sun, 25 Aug 2013 05:43:37 -0700 (PDT) Received: from [10.63.142.106] (157.59.103.87.rev.vodafone.pt. [87.103.59.157]) by mx.google.com with ESMTPSA id dr11sm692016wid.3.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 25 Aug 2013 05:43:36 -0700 (PDT) User-Agent: K-9 Mail for Android In-Reply-To: <58331.68.255.103.36.1377403662.squirrel@cosmo.uchicago.edu> References: <52197976.3020405@gmail.com> <58331.68.255.103.36.1377403662.squirrel@cosmo.uchicago.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Subject: Re: connect -1 errno 1 Operation not permitted with specific user (nagios) From: "Miguel C." Date: Sun, 25 Aug 2013 13:43:28 +0100 To: galtsev@kicp.uchicago.edu,Valeri Galtsev Message-ID: <8c5f6574-5a12-4e39-b097-0d696671cfee@email.android.com> Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Aug 2013 12:43:39 -0000 Sorry I should have mentioned he did this with ezjails. I have a FreeBSD 9.1 at home with ezjails but I can only test this tomorrow. Valeri Galtsev wrote: >Mine was FreeBSD 9.1, amd64, and "per jail" config didn't work for me. >I >configure jails in /etc/rc.conf and start them on boot by enabling them >in >/etc/rc.conf (jail_enable="YES"), or start, stop, restart using > >/etc/rc.d/jail [start|stop|restart] > >For those who didn't see previous discussion, it was about suggested by >one of real experts elegant per jail enabling access to raw sockets >which >should work if one does this > >>> > Putting this in /etc/rc.conf: >>> > >>> > jail_${JailName}_parameters="allow.raw_sockets=1" > >For me it didn't work, so I have to enable raw sockets this way: > >sysctl security.jail.allow_raw_sockets=1 > >and restart jail > >or by adding into /etc/sysctl.conf > >security.jail.allow_raw_sockets=1 > >downside: raw sockets enabled in all jails. > >Thanks. >Valeri > >On Sat, August 24, 2013 10:26 pm, Mike C. wrote: >> This host is Freebsd 8, and the config "per" jail doesn't work! >> >> However, I friend of mine confirmed me it does work on FreeBSD 9 >hosts! >> >> >> -- >> Melhores Cumprimentos // Best Regards >> >------------------------------------------------------------------------ >Miguel Clara >> *nix Sys Admin Freelance >> >> >> http://www.linkedin.com/in/miguelmclara/ >> http://about.me/miguelmclara >> >------------------------------------------------------------------------ >_______________________________________________ >> freebsd-jail@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-jail >> To unsubscribe, send any mail to >"freebsd-jail-unsubscribe@freebsd.org" >> > > >++++++++++++++++++++++++++++++++++++++++ >Valeri Galtsev >Sr System Administrator >Department of Astronomy and Astrophysics >Kavli Institute for Cosmological Physics >University of Chicago >Phone: 773-702-4247 >++++++++++++++++++++++++++++++++++++++++ -- Sent from my Android device with K-9 Mail. Please excuse my brevity.