Date: Sun, 11 Oct 2009 17:35:33 +0200 From: Alexander Leidinger <Alexander@Leidinger.net> To: Kevin Smith <kerbzo@gmail.com> Cc: freebsd-jail@freebsd.org Subject: Re: xorg in jail Message-ID: <20091011173533.000018be@unknown> In-Reply-To: <40670A70-FF15-4B7C-A7CB-5DE04E8EB358@gmail.com> References: <d2f8af270910081101w14b50a35vb74a7df0961539f5@mail.gmail.com> <20091009104526.12875uad5sybsao0@webmail.leidinger.net> <40670A70-FF15-4B7C-A7CB-5DE04E8EB358@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 10 Oct 2009 10:14:26 +0200 Kevin Smith <kerbzo@gmail.com> wrote: > Does this patch fix vnc server start error also ? I don't know. The patch allows access to /dev/io. Normally this is not possible, even if /dev/io is visible in the jail, as the kernel disallows all access to it from a jail. > When I try to run tightvncserver in a jail it says: > > A VNC server is already running as :0 I wouldn't expect that a VNC server needs access to /dev/io, so I would be surprised if this would help. > even if there is no vnc server running. You could start it via "ktrace -i tightvncserver" and when it abortet you can have a look with kdump|less what it tries to do. Bye, Alexander. > Thank you, > regards > > On Oct 9, 2009, at 10:45 AM, Alexander Leidinger wrote: > > > Quoting hulibyaka hulibyaka <hulibyaka@gmail.com> (from Thu, 8 Oct > > 2009 22:01:23 +0400): > > > >> What the difference for restriction on /dev/io between chroot and > >> jail? How can i get all needed by xinit privileges on /dev/io > >> within jail ? > > > > There are additional access restrictions in the kernel when run in > > a jail. You need > > http://www.leidinger.net/FreeBSD/current-patches/jail.diff > > and you need to rebuild the kernel and the world. > > > > After that you need to add > > jail_JAILID_startparams="allow.dev_io_access" for your jail startup. > > > > Bye, > > Alexander. > > > > -- > > Pie are not square. Pie are round. Cornbread are square. > > > > http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = > > B0063FE7 > > http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = > > 72077137 > > _______________________________________________ > > freebsd-jail@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > > To unsubscribe, send any mail to "freebsd-jail- > > unsubscribe@freebsd.org" > > -- > Kevin >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091011173533.000018be>