HEADS UP: rcNG scripts inside a jail.
Tillman Hodgson
tillman at seekingfire.com
Fri Mar 5 09:19:08 PST 2004
On Fri, Mar 05, 2004 at 11:35:48AM -0500, Robert Watson wrote:
> On Fri, 5 Mar 2004, Pawel Jakub Dawidek wrote:
> > And here is the list of scripts that I've no idea if they should be
> > available inside a jail or not:
> >
> > bootparams
> > kdc
> > kerberos
> > keyserv
> > kpasswdd
<snip>
>
> I've never tried running Kerberos in a jail, but assuming it didn't mind
> the IP address munging, I see no reason not to allow it. In fact, you
> might argue that that could be a desirable configuration.
I agree. In fact, it's my preferred way to run KDC if I'm serving more
than one realm (thus more than one KDC) on the same machine.
> rpcbind probably is useful since there's no reason we couldn't run
> userspace RPC applications in a jail.
Such as when one is using NIS in conjunction with Kerberos for jailed
services :-)
-T
--
"A man who carries a cat by the tail learns something he can learn in no other
way."
- Mark Twain
More information about the freebsd-current
mailing list