From: Andrew Hotlab
Date: Thu, 3 Jun 2010 22:04:44 +0000
Subject: RE: Strange things happening with jails?? Not starting up on boot or services not running inside!
List-Id: "Discussion about FreeBSD jail(8)"

----------------------------------------
> Date: Thu, 3 Jun 2010 22:15:21 +0300
> From: SamanKaya@netscape.net
> To: freebsd-jail@freebsd.org
> Subject: Strange things happening with jails?? Not starting up on boot or services not running inside!
>
> I have managed to create 4 and migrate many services in them already.
> The only issue is that one Jail containing the Postfix MTA which I use
> as an SMTP mail relay agent for my mail servers is not starting up when
> the OS has been rebooted or booted for that matter??
>
> I can't give any error logs as there are none but I can post the config
> which is here:
>
> JID  IP Address     Hostname                     Path
> 1    192.168.1.100  ns1.optiplex-networks.com    /var/jail/named_1
> 2    192.168.1.101  ns2.optiplex-networks.com    /var/jail/named_2
> 3    192.168.1.110  proxy.optiplex-networks.com  /var/jail/squid
> 4    192.168.1.115  relay.optiplex-networks.com  /var/jail/postfix
>
>
> jail_enable="YES"
> jail_list="named_1 named_2 squid"
> jail_named_1_rootdir="/var/jail/named_1"
> jail_named_1_hostname="ns1.optiplex-networks.com"
> jail_interface="em0"
> jail_named_1_ip="192.168.1.100"
> #jail_named_1_exec_start="/usr/local/bin/named"
> jail_named_1_devfs_enable="YES"
> jail_named_2_rootdir="/var/jail/named_2"
> jail_named_2_hostname="ns2.optiplex-networks.com"
> jail_interface="em0"
> jail_named_2_ip="192.168.1.101"
> jail_named_2_devfs_enable="YES"
> jail_squid_rootdir="/var/jail/squid"
> jail_squid_hostname="proxy.optiplex-networks.com"
> jail_interface="em0"
> jail_squid_ip="192.168.1.110"
> jail_squid_devfs_enable="YES"
> jail_postfix_rootdir="/var/jail/postfix"
> jail_postfix_hostname="relay.optiplex-networks.com"
> jail_interface="em0"
> jail_postfix_ip="192.168.1.115"
> jail_postfix_devfs_enable="YES"
>

These lines are in the file /etc/rc.conf on the jail host? If you created
all jails with ezjail, there should be nothing like that: all jail_ vars
would have been written in files stored in /usr/local/etc/ezjail/ (by
default). If you are managing all jails with ezjail you can safely delete
all these entries in the host's rc.conf (only remember to leave
ezjail_enable="YES" if you want automatic startup of all jails at boot
time).

> Now another few issues related to the services inside is that I'm trying
> to start Squid for my reverse proxy inside a Jail. However, the service
> won't start on its own as I'm needing port 80 and there seems to be a
> block against normal users using ports <1024.
> I tested this by getting
> Squid to run on its default port 3128 and it works.....
>
> However the logs or screen readout just tells me that the service cannot
> connect to port 80??
>
> May 31 17:47:11 proxy squid[4360]: Cannot open HTTP Port
> May 31 17:47:11 proxy squid[4358]: Squid Parent: child process 4360 exited due to signal 6
> May 31 17:47:14 proxy squid[4358]: Squid Parent: child process 4364 started
> May 31 17:47:15 proxy squid[4364]: Cannot open HTTP Port
> May 31 17:47:15 proxy squid[4358]: Squid Parent: child process 4364 exited due to signal 6
> May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 started
> May 31 17:47:18 proxy squid[4367]: Cannot open HTTP Port
> May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 exited due to signal 6
> May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 started
> May 31 17:47:21 proxy squid[4370]: Cannot open HTTP Port
> May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 exited due to signal 6
>
> I tried adding the users Proxy and Squid to the group Wheel however
> again no such luck :-(
>

I've never had to make Squid listen on port 80, but referring to its
startup script in /usr/local/etc/rc.d/:

    # squid_user: The user id that should be used to run the Squid master
    #             process. Default: squid.
    #             Note that you probably need to define "squid_user=root" if
    #             you want to run Squid in reverse proxy setups or if you want
    #             Squid to listen on a "privileged" port < 1024.

So you only need to write the following line in /etc/rc.conf to have Squid
listening on this privileged port:

    squid_user="root"

I've just tried that with Squid 3.0 and it works (check the output of the
command "sockstat -4l").

This is obviously a Squid-related issue; the fact that it's running in a
jail is not relevant here.

Andrew
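
Added example, not part of the original message: the rc.conf fragment quoted above carries jail_postfix_* variables while jail_list names only named_1, named_2 and squid. The sh script below reports jails that have a jail_<name>_rootdir entry but are absent from jail_list. It assumes the jails are started from these rc.conf variables by the base system's rc.d/jail script rather than by ezjail; the function name unlisted_jails and the embedded sample are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: an abridged copy of the rc.conf fragment quoted above.
SAMPLE_RC_CONF='jail_enable="YES"
jail_list="named_1 named_2 squid"
jail_named_1_rootdir="/var/jail/named_1"
#jail_named_1_exec_start="/usr/local/bin/named"
jail_named_2_rootdir="/var/jail/named_2"
jail_squid_rootdir="/var/jail/squid"
jail_postfix_rootdir="/var/jail/postfix"
jail_postfix_hostname="relay.optiplex-networks.com"
jail_postfix_ip="192.168.1.115"'

# unlisted_jails TEXT (hypothetical helper name)
# Prints one jail name per line for every jail_<name>_rootdir entry whose
# <name> does not appear in jail_list. Assumption: only jails named in
# jail_list are started at boot by rc.d/jail.
unlisted_jails() {
    printf '%s\n' "$1" | awk '
        /^[ \t]*#/ { next }                  # ignore commented-out settings
        /^jail_list=/ {
            v = $0
            sub(/^jail_list=/, "", v)        # keep only the value
            gsub(/"/, "", v)                 # drop the surrounding quotes
            n = split(v, a, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (a[i] != "") listed[a[i]] = 1
            next
        }
        /^jail_.+_rootdir=/ {
            name = $0
            sub(/^jail_/, "", name)          # strip the variable prefix
            sub(/_rootdir=.*/, "", name)     # strip the suffix and value
            jails[++count] = name
        }
        END {
            # Compare after the whole file is read, so the order in which
            # jail_list and the per-jail variables appear does not matter.
            for (i = 1; i <= count; i++)
                if (!(jails[i] in listed)) print jails[i]
        }'
}

# Stand-alone run against the constructed sample.
unlisted_jails "$SAMPLE_RC_CONF"
```

To check a real host, pass the file contents instead of the sample: unlisted_jails "$(cat /etc/rc.conf)".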