Date: Thu, 3 Jun 2010 22:04:44 +0000 From: Andrew Hotlab <andrew.hotlab@hotmail.com> To: <samankaya@netscape.net>, <freebsd-jail@freebsd.org> Subject: RE: Strange things happening with jails?? Not starting up on boot or services not running inside! Message-ID: <BLU138-W35932975B5E41FC33DF781F6D10@phx.gbl>
next in thread | raw e-mail | index | archive | help
---------------------------------------- > Date: Thu=2C 3 Jun 2010 22:15:21 +0300 > From: SamanKaya@netscape.net > To: freebsd-jail@freebsd.org > Subject: Strange things happening with jails?? Not starting up on boot or= services not running inside! > > I have managed to create 4 and migrate many services in them already. > The only issue is that one Jail containing the Postfix MTA which I use > as an SMTP mail relay agent for my mail servers is not starting up when > the OS has been rebooted or booted for that matter?? > > I can't give any error logs as there are none but I can post the config > which is here: > > JID IP Address Hostname Path > 1 192.168.1.100 ns1.optiplex-networks.com /var/jail/named_1 > 2 192.168.1.101 ns2.optiplex-networks.com /var/jail/named_2 > 3 192.168.1.110 proxy.optiplex-networks.com /var/jail/squid > 4 192.168.1.115 relay.optiplex-networks.com /var/jail/postfix > > > jail_enable=3D"YES" > jail_list=3D"named_1 named_2 squid" > jail_named_1_rootdir=3D"/var/jail/named_1" > jail_named_1_hostname=3D"ns1.optiplex-networks.com" > jail_interface=3D"em0" > jail_named_1_ip=3D"192.168.1.100" > #jail_named_1_exec_start=3D"/usr/local/bin/named" > jail_named_1_devfs_enable=3D"YES" > jail_named_2_rootdir=3D"/var/jail/named_2" > jail_named_2_hostname=3D"ns2.optiplex-networks.com" > jail_interface=3D"em0" > jail_named_2_ip=3D"192.168.1.101" > jail_named_2_devfs_enable=3D"YES" > jail_squid_rootdir=3D"/var/jail/squid" > jail_squid_hostname=3D"proxy.optiplex-networks.com" > jail_interface=3D"em0" > jail_squid_ip=3D"192.168.1.110" > jail_squid_devfs_enable=3D"YES" > jail_postfix_rootdir=3D"/var/jail/postfix" > jail_postfix_hostname=3D"relay.optiplex-networks.com" > jail_interface=3D"em0" > jail_postfix_ip=3D"192.168.1.115" > jail_postfix_devfs_enable=3D"YES" > > These lines are in the file /etc/rc.conf on the jail host? If you created = all jails with ezjail=2C there should be nothing like that: all jail_ vars = would have been written in files stored in /usr/local/etc/ezjail/ (by defau= lt). If you are managing all jails with ezjail you can safely delete all t= hese entries in the host's rc.conf (only remember to leave ezjail_enable=3D= "YES" if you want automatic startup of all jails at boot time) > > Now another few issues related to the services inside is that I'm trying > to start Squid for my reverse proxy inside a Jail. However=2C the service > won't start on it's own as I'm needing port 80 and there seems to be a > block against normal users using ports <1024. I tested this by getting > Squid to run on it's default port 3128 and it works..... > > However the logs or screen readout just tells me that the service cannot > connect to port 80?? > > May 31 17:47:11 proxy squid[4360]: Cannot open HTTP Port > May 31 17:47:11 proxy squid[4358]: Squid Parent: child process 4360 > exited due to signal 6 > May 31 17:47:14 proxy squid[4358]: Squid Parent: child process 4364 start= ed > May 31 17:47:15 proxy squid[4364]: Cannot open HTTP Port > May 31 17:47:15 proxy squid[4358]: Squid Parent: child process 4364 > exited due to signal 6 > May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 start= ed > May 31 17:47:18 proxy squid[4367]: Cannot open HTTP Port > May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 > exited due to signal 6 > May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 start= ed > May 31 17:47:21 proxy squid[4370]: Cannot open HTTP Port > May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 > exited due to signal 6 > > I tried adding the user's Proxy and Squid to the group Wheel however > again no such luck :-( > I've never had to make Squid listening on port 80=2C but referring its star= tup script in /usr/local/etc/rc.d/: # squid_user: The user id that should be used to run the Squid master # process. Default: squid. # Note that you probably need to define "squid_user=3Droot" i= f # you want to run Squid in reverse proxy setups or if you wan= t # Squid to listen on a "privileged" port < 1024. So you only need to write the following line in /etc/rc.conf to have Squid = listening on this privileged port: squid_user=3D"root" I've just tried that with Squid 3.0 and it works (check the output of the c= ommand "sockstat -4l"). This is obviously a Squid-related issue=2C the fact that it's running in a = jail is not relevant here. Andrew =20 _________________________________________________________________ Hotmail: Powerful Free email with security by Microsoft. https://signup.live.com/signup.aspx?id=3D60969=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BLU138-W35932975B5E41FC33DF781F6D10>