From owner-freebsd-questions@freebsd.org Sat Sep 29 10:51:37 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 431C210C3448 for ; Sat, 29 Sep 2018 10:51:37 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.netfence.it (net-2-44-121-52.cust.vodafonedsl.it [2.44.121.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mailserver.netfence.it", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8DF5A76B0D for ; Sat, 29 Sep 2018 10:51:36 +0000 (UTC) (envelope-from ml@netfence.it) Received: from alamar.ventu (alamar.local.netfence.it [10.1.2.18]) (authenticated bits=0) by soth.netfence.it (8.15.2/8.15.2) with ESMTPSA id w8TApOFl049855 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Sat, 29 Sep 2018 12:51:31 +0200 (CEST) (envelope-from ml@netfence.it) X-Authentication-Warning: soth.netfence.it: Host alamar.local.netfence.it [10.1.2.18] claimed to be alamar.ventu Subject: Re: Starting ntpd in a jail To: freebsd-questions@freebsd.org, phascolarctos@protonmail.ch References: <8a138f2e-11d4-d890-c28d-72717a9eed3a@netfence.it> From: Andrea Venturoli Message-ID: <66604988-682a-c60e-c2bf-fbcefb2572cd@netfence.it> Date: Sat, 29 Sep 2018 12:51:24 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.0.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Sep 2018 10:51:37 -0000 On 9/29/18 11:58 AM, Lorenzo Salvadore via freebsd-questions wrote: > I think your problem might be in the moment at which /bin/sh /etc/rc is executed. > As you probably know, there is a difference between creating a jail and entering > a jail (a jail might run without being used by anybody). In my configuration, > the line exec.start="/bin/sh /etc/rc" asks to start the services only when the jail is > created and they will not start again if I exit from the jail and enter again into it > without destroying and recreating the jail. > > Now, I think you could be in one of the following situations (or maybe both): > 1) when you start your jail through ezjail, what you are really doing is entering > in an already created jail and hence services are not started; in that case, it might be > that ntpd starts regularly if you reboot your system or restart the ezjail service (I think > it is a service); > 2) ezjail creates your jail at boot before everything needed by ntpd is set properly, so > ntpd fails at start and when you enter into the jail there is no ntpd: you could > check if that is the case by reading into the logs. In that case the solution would be to > reorder the host's services. > > I hope it helps. In ezjail terms: _ you "ezjail-admin create" a jail, meaning the filesystem is set up, files copied, binaries installed, etc...; you do this once, but the jail is still not running. _ you "ezjail-admin start" a jail, meaning you actually start whatever process should run inside that jail (this is what you mean by "creating a jail"?); /usr/local/etc/rc.d/ezjail will do this at boot if you want; _ you can enter a jail with "ezjail-admin console", in that case a shell process is launched inside the jail; when you exit it, the other processes in the jail will still be running. When you "ezjail-admin start" a jail, rc scripts run to start all the deamons that should run inside it. ntpd should be no exception. In my case ntpd is not starting while all other deamons start correctly, so I suspect someshing weird is happening with rc scripts. In this case it's ntpd, but could it possibly happen with other daemons? bye & Thanks av.