Date: Fri, 5 Mar 2010 14:40:10 +0200 From: Kostik Belousov <kostikbel@gmail.com> To: Mark Huizer <freebsd+jail@dohd.org> Cc: freebsd-jail@freebsd.org Subject: Re: 32-bit jails on a 64-bit system? Message-ID: <20100305124010.GM2489@deviant.kiev.zoral.com.ua> In-Reply-To: <4B90F3B2.9010901@dohd.org> References: <alpine.OSX.2.00.1001210142470.815@hotlap.local> <4B581A74.5060000@quip.cz> <4B90F3B2.9010901@dohd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--CeC2K4acttR/mmFn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Mar 05, 2010 at 01:06:10PM +0100, Mark Huizer wrote: > On 1/21/2010 10:12, Miroslav Lachman wrote: > > > >I think it is nothing new to 8.0, it is the same as release note for 7.2. > > > >I didn't test it, but I think you can install (copy) i386 jail (or=20 > >whole system) in to amd64 host and just run it as any other jail. > > >=20 > Actually, that's what I tried, since I want to move a server to new=20 > hardware, but with serious time constraints on my side :-( So my plan=20 > is/was: "rsync the entire machine, build a script that fixes IP=20 > addresses here and there in the copy, run the jail". >=20 > I did have to fix a few little things, stuff like copy a few binaries=20 > over (netstat, ps, ifconfig, w, top, ldd, ldd32) and of course the ld*=20 > files in /libexec. Furthermore I moved /usr/lib to /usr/lib32 and copied= =20 > /usr/lib from the amd64 install. > So far so good, I start jail, I see ssh, apache etc running, I start to= =20 > get happy. My own experience is that just moving 32bit i386 image onto amd64 host is better now then trying to make a hybrid with 32bit binaries and both 32 and 64 bit libraries. You have to disable all management operations in the startup, of course. I do not recommend to touch /libexec. You may put statically linked 64bit ps/top/netstat etc into the jail for convenience. Having amd64 bit kernel that can be configured and managed by 32bit binaries is the long road. On the other hand, user 32bit applications working very good. >=20 > But... a few things don't seem to work as intended, although I haven't=20 > checked each and every detail: >=20 > * cronolog seems to ignore part of the arguments, so if you tell it to=20 > log to /data/logs/%Y/%m/%d/access.log it will log to=20 > /data/logs/access.log ; didn't investigate yet >=20 > * postfix won't start. This I looked at a little more, but without succes= s. >=20 > On the count of postfix: >=20 > # ldd /usr/local/sbin/postfix > /usr/local/sbin/postfix: > libpcre.so.0 =3D> /usr/local/lib/libpcre.so.0 (0x2809d000) > libsasl2.so.2 =3D> /usr/local/lib/libsasl2.so.2 (0x280cf000) > libpam.so.5 =3D> not found (0x0) > libcrypt.so.5 =3D> /usr/lib32/libcrypt.so.5 (0x280e6000) > libssl.so.6 =3D> not found (0x0) > libcrypto.so.6 =3D> /usr/lib32/libcrypto.so.6 (0x280ff000) > libc.so.7 =3D> /usr/lib32/libc.so.7 (0x2825a000) >=20 > # ls -la /usr/lib*/libpam.so.5 > -r--r--r-- 1 root wheel 35848 Mar 3 23:31 /usr/lib/libpam.so.5 > -r--r--r-- 1 root wheel 28296 Mar 3 23:33 /usr/lib32/libpam.so.5 >=20 > You'd say it should work, but it doesn't. The best I've got so far is=20 > not copy /usr/lib from the amd64 host but make it a symlink to=20 > /usr/lib32. Then postfix works, but netstat etc won't, of course. > While typing this, this brought me to another idea. > - make /usr/lib symlink to /usr/lib32, mkdir /usr/lib64 filled with the= =20 > libs from the hostmachine's /usr/lib, and then edit /etc/rc.d/ldconfig,= =20 > change _LDC's /usr/lib to /usr/lib64, restart, and presto postfix works.= =20 > It's dirty but it seems to work for now, time for testing. >=20 > But I don't really understand why apache etc works, and postfix doesn't.= =20 > So far I see the issues with libpam and libssl, which both are in=20 > /usr/lib, where libc.so.7 is symlinked to /lib. Anyone who can explain=20 > the difference to me? And is this intended behaviour? >=20 > And now off to cronolog's not working %Y :-) >=20 > mark >=20 > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" --CeC2K4acttR/mmFn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (FreeBSD) iEYEARECAAYFAkuQ+6kACgkQC3+MBN1Mb4h7TgCfdRqPP9kfaK33VCeNKU+mf3b/ DXIAoOA24x2TIF3tk2P9NRy5pGiF5XSa =3Uiu -----END PGP SIGNATURE----- --CeC2K4acttR/mmFn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100305124010.GM2489>