From: Denny Schierz
Date: Fri, 20 Jan 2012 09:59:43 +0100
Message-Id: <07AF4A15-D2A2-4736-9596-8C41F93579B0@4lin.net>
To: freebsd-jail@freebsd.org
Subject: Getting Jail v2 working with 9-stable

hi,

I'm trying to get jails with their own network stack working under 9-stable and have "only" problems with removing / stopping the jail. I wrote most on the stable list, so I just copy the relevant parts here:

=================================
I've created a new patch (adapted the old freebsd-9RC2 patch) for /etc/rc.d/jail:

The original patch:

http://wiki.polymorf.fr/files/jail_rc.patch

My patch:

http://pastebin.com/9LdLwaNA

It works (was very happy) if you start the jail, but has problems with stopping: it shows in jls still as active:

# jls
   JID  IP Address      Hostname                      Path
     1  -               template.domain               /jails/template

If I try to remove with "jail -r 1" then first the process hangs, second after a while, the whole machine needs a reset. There is no process from the jail active, nor any epair* interfaces or mounts, which is quite good, but ...

If I try to create the jail again (after /etc/rc.d/jail stop), it tries to create the epair0a (the last I can see) interface and then it hangs again -> reset needed

Also nice to know:

# umount /jails/template
umount: unmount of /jails/template failed: Device busy

Also not possible: a normal reboot after starting / stopping the jail. -> reset needed
====================================
http://lists.freebsd.org/pipermail/freebsd-stable/2012-January/065556.html

One more thing: If you wait / do nothing (5-15min) after a while the machine hangs too -> Reset

My platform is a Sun SPARC64 Sunfire v245: 9.0-STABLE FreeBSD 9.0-STABLE

So, maybe there is something missing.

My rc.conf:

cloned_interfaces="bridge0"
ifconfig_bridge0="addm bge0 up"
ifconfig_bridge0_alias0="inet CHANGEDnetmask 255.255.255.192 up"
ifconfig_bge0="up"
defaultrouter="CHANGED"
gateway_enable="YES"

# Jails
jail_enable="NO"
jail_v2_enable="YES"
jail_list=""
jail_sysvipc_allow="YES"

for file in /etc/jails/*.conf; do
    . $file
done

cat /etc/jails/template.conf

#JAIL template
jail_list="$jail_list template"
jail_template_name="template"
jail_template_hostname="template.CHANGED"
jail_template_devfs_enable="YES"
jail_template_rootdir="/jails/template"
jail_template_mount_enable="YES"
jail_template_fstab="/etc/jails/fstabs/template"
jail_template_vnet_enable="YES"
jail_template_flags="-c vnet persist"

#network
jail_template_exec_prestart0="ifconfig epair0 create"
jail_template_exec_prestart1="ifconfig bridge0 addm epair0a"
jail_template_exec_prestart2="ifconfig epair0a up"
jail_template_exec_earlypoststart0="ifconfig epair0b vnet template"
jail_template_exec_afterstart0="ifconfig lo0 127.0.0.1"
jail_template_exec_afterstart1="ifconfig epair0b CHANGED netmask 255.255.255.192 up"
jail_template_exec_afterstart2="route add default CHANGED"
jail_template_exec_afterstart3="/bin/sh /etc/rc"
jail_template_exec_prestop0="/bin/sh /etc/rc.shutdown"
jail_template_exec_poststop="ifconfig epair0b destroy"
jail_template_exec_poststop0="ifconfig bridge0 deletem epair0a"
jail_template_exec_poststop1="ifconfig epair0a destroy"

sysctl:

security.jail.enforce_statfs: 2
security.jail.mount_allowed: 0
security.jail.chflags_allowed: 0
security.jail.allow_raw_sockets: 1
security.jail.sysvipc_allowed: 1
security.jail.socket_unixiproute_only: 0
security.jail.set_hostname_allowed: 1
security.jail.jail_max_af_ips: 255
security.jail.jailed: 0

Also nothing found with lsof/fuser ...

any suggestions?

cu denny