Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 23 Feb 2007 01:22:53 +0000
From:      "Jim Stapleton" <stapleton.41@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   problems with jail
Message-ID:  <80f4f2b20702221722q1de96eaaq426b061ae47f20fb@mail.gmail.com>

Next in thread | Raw E-Mail | Index | Archive | Help
I'd like to get Apache running in jail, but I can't seem to get
network working in jail.

I followed the instructions in the man page for jail so far, breating
the world install in my jail directory (/jail), which is the only BSD
partition on the drive (ad8s3d, ad8s3b is swap, and ad8s3c is that
weird partition chunk that always appears after a swap chunk).

In doing this I should be able to remove the main system disk from the
devfs in the jail, which seemed to be a good idea. But I hadn't gotten
that far yet...

Regardless, I didn't squash out any devices just yet with devfs,
instead, I ensure any 'net*' device had mode 755 (basic jail test,
ping the tail on the router), an modified the rc.conf files as the
manual page suggested.

Anyway, when I go to jail, running csh (as root) in jail, I try/get:
    %ping 192.168.1.1
    ping: socket: Operation not permitted

from my normal system prompt (out of jail):
 > ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=150 time=0.489 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=150 time=0.468 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=150 time=0.465 ms
...



I figure I messed something up pretty oddy for this not to work.
System:
FreeBSD 6.2 i386
CSUP run 2007-02-10
Ports [and their required deps] installed
x11/xorg, x11/kde3, editors/xemacs, editors/openoffice.org-2,
editors/nano, editors/pico, x11-wm/WMaker, lang/python25, net-im/gaim,
www/firefox


System rc.conf
hostname="elrond.ameritech.net"
ifconfig_nve0="inet 192.168.1.84 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
#ifconfig_nve0="DHCP"
usbd_enable="YES"
linux_enable="YES"
sshd_enable="YES"
sendmail_enable="NO"
inetd_flags="-wW -a 192.168.1.84"
rpcbind_enable="NO"


jail rc.conf
rpcbind_enable="NO"
#I had the nve0 interface setup with 192.168.1.85 and with "" assigned
to it also


jail command (run from root for testing purposes only - I'll narrow it
down to a less privledged host/jailed system user later)
jail /jail/ legolas@ameritech.net 192.168.1.85 /bin/csh

The machine was rebooted since I set everything up.


Thank you,
-Jim Stapleton



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?80f4f2b20702221722q1de96eaaq426b061ae47f20fb>