Date:      Wed, 21 Aug 2013 12:35:13 +0100
From:      Arthur Chance <freebsd@qeng-ho.org>
To:        Karl Pielorz <kpielorz_lst@tdx.co.uk>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: jail.conf ignoring exec.fib?
Message-ID:  <5214A5F1.1060405@qeng-ho.org>
In-Reply-To: <F43B55FE93B75994873635F8@Mail-PC.tdx.co.uk>
References:  <98486B2D79D00F0898B7C9E6@Mail-PC.tdx.co.uk> <520B7F0F.7020006@a1poweruser.com> <1960A5B02323B4982B4C0320@Mail-PC.tdx.co.uk> <520FA592.7010305@qeng-ho.org> <CC37CC84B8445F8B72E58E1F@study64.tdx.co.uk> <52131A55.2040400@qeng-ho.org> <D8E80BE524F446CFEC61712F@Mail-PC.tdx.co.uk> <5213A13E.9050307@qeng-ho.org> <F43B55FE93B75994873635F8@Mail-PC.tdx.co.uk>

On 21/08/2013 11:35, Karl Pielorz wrote:
>
>
> --On 20 August 2013 18:02 +0100 Arthur Chance <freebsd@qeng-ho.org> wrote:
>
>> And that's just made me think of something else - I have a horrible
>> feeling that jexec will attach to the jail using whatever fib it's
>> running under, i.e. the fib from the host environment. Do you have (or
>> can you enable) ssh running in the jail? If so, log into the jail that
>> way, and see what
>>
>>     sysctl net.my_fibnum
>>
>> shows then, because you'll be running under the environment created by
>> /etc/rc.
>
> Ok, one word: Bingo. That was it. I'll spare you the gory details of how
> I cut myself off from the machine, managed to create a jail with no
> access etc. etc.
>
> But yes, that was it - in summary:
>
>   jail -c -v  Does not actually *show* the fib being set, but will show
> an error if the setfib call fails.
>
>   jexec       Runs a process in the jail, using the prevailing fib - not
> the jail's fib; you can rectify this by using 'setfib X jexec jail tcsh'
>
> I don't know if that last point should be considered a 'bug' or not...

Certainly the jexec problem is going to bite people again and again, so 
you should probably file a PR for it. As for the -v option, the man page 
says "Print a message on every operation", so it's down to what is or 
isn't regarded as an operation worth reporting.

> Many thanks for your help!

No problem, it helps me understand jails better as well.

-- 
In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a
new race of servants. Called Uruk-Oh-Hai in the Black Speech, they
were cruel and delighted in torturing spelling and grammar.

		_Lord of the Rings 2.0, the Web Edition_
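
The workaround from this thread, as an added example that is not part of the original messages: an sh helper that reads a jail's `exec.fib` from a jail.conf file and prints the matching `setfib N jexec ...` command line. The function names, the sample config and the simplified parsing are assumptions made for illustration; the helper only prints the command and does not run it.

```sh
# jail_fib CONF JAIL: print JAIL's exec.fib (a per-jail value wins over a
# global one), or nothing if unset. Assumes "param = value;" statements on a
# single line and only "#" comments; this is not a full jail.conf parser.
jail_fib() {
    awk -v jail="$2" '
        { sub(/#.*/, "") }
        /^[ \t]*[A-Za-z0-9_.*-]+[ \t]*[{]/ {     # "name {" opens a jail block
            cur = $0; sub(/^[ \t]*/, "", cur); sub(/[ \t]*[{].*/, "", cur)
        }
        /exec\.fib[ \t]*=/ {
            v = $0; sub(/.*exec\.fib[ \t]*=[ \t]*/, "", v)
            sub(/[ \t]*;.*/, "", v); gsub(/"/, "", v)
            if (cur == "") global = v; else if (cur == jail) own = v
        }
        /[}]/ { cur = "" }
        END { if (own != "") print own; else if (global != "") print global }
    ' "$1"
}

# jexec_cmd CONF JAIL CMD...: print the command that enters JAIL under its
# configured FIB. A non-numeric FIB is rejected rather than passed to setfib.
jexec_cmd() {
    jc_conf=$1 jc_jail=$2; shift 2
    jc_fib=$(jail_fib "$jc_conf" "$jc_jail")
    case $jc_fib in
        '')       echo "jexec $jc_jail $*" ;;      # no exec.fib configured
        *[!0-9]*) echo "bad exec.fib '$jc_fib' for $jc_jail" >&2; return 1 ;;
        *)        echo "setfib $jc_fib jexec $jc_jail $*" ;;
    esac
}

# Constructed sample jail.conf (not taken from the thread).
sample_conf() {
    cat <<'EOF'
exec.start = "/bin/sh /etc/rc";
web {
    path = "/jails/web";
    exec.fib = 1;   # routing table for this jail
}
db { path = "/jails/db"; }
EOF
}

tmp=$(mktemp /tmp/jailconf.XXXXXX) && sample_conf > "$tmp"
jexec_cmd "$tmp" web sysctl net.my_fibnum   # setfib 1 jexec web sysctl net.my_fibnum
jexec_cmd "$tmp" db  sysctl net.my_fibnum   # jexec db sysctl net.my_fibnum
rm -f "$tmp"
```

Running the printed `sysctl net.my_fibnum` command for a jail shows which FIB a process entered that way actually gets, which is the check suggested earlier in the thread.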


