Strange things happening with jails?? Not starting up on boot or services not running inside!

Kaya Saman SamanKaya at
Fri Jun 4 08:05:21 UTC 2010

On 04/06/2010 10:15, Alexander Leidinger wrote:
> Quoting Andrew Hotlab <andrew.hotlab at> (from Thu, 3 Jun 
> 2010 22:04:44 +0000):
>> I've never had to make Squid listening on port 80, but referring its 
>> startup script in /usr/local/etc/rc.d/:
>> # squid_user:   The user id that should be used to run the Squid master
>> #               process. Default: squid.
>> #               Note that you probably need to define 
>> "squid_user=root" if
>> #               you want to run Squid in reverse proxy setups or if 
>> you want
>> #               Squid to listen on a "privileged" port < 1024.
>> So you only need to write the following line in /etc/rc.conf to have 
>> Squid listening on this privileged port:
>> squid_user="root"
> An alternative is to change the sysctl 
> net.inet.ip.portrange.reservedhigh. By lowering it, other users than 
> root are allowed to bind to ports <1023 (the system prevents non-root 
> binds to the port X in the range reservedlow <= X <= reservedhigh).
> Bye,
> Alexander.

Many thanks guys for the responses!! I will see which method best fits 
me... I guess I will take Andrew's suggestion as I don't really want to 
open up the port range to *all* users however I guess it doesn't really 
matter as by default Solaris 9 which Squid was originally on I don't 
think blocked or disallowed anything and I certainly know that Linux 
doesn't really care either!

>  jail_enable="YES"
>  jail_list="named_1 named_2 squid"
>  jail_named_1_rootdir="/var/jail/named_1"
>  jail_named_1_hostname=""
>  jail_interface="em0"
>  jail_named_1_ip=""
>  #jail_named_1_exec_start="/usr/local/bin/named"
>  jail_named_1_devfs_enable="YES"
>  jail_named_2_rootdir="/var/jail/named_2"
>  jail_named_2_hostname=""
>  jail_interface="em0"
>  jail_named_2_ip=""
>  jail_named_2_devfs_enable="YES"
>  jail_squid_rootdir="/var/jail/squid"
>  jail_squid_hostname=""
>  jail_interface="em0"
>  jail_squid_ip=""
>  jail_squid_devfs_enable="YES"
>  jail_postfix_rootdir="/var/jail/postfix"
>  jail_postfix_hostname=""
>  jail_interface="em0"
>  jail_postfix_ip=""
>  jail_postfix_devfs_enable="YES"

>  These lines are in the file/etc/rc.conf on the jail host?


>  If you created all jails with ezjail,>  there should be nothing like that: all jail_ vars would
>  have been written in files stored in
>  /usr/local/etc/ezjail/  (by default).  If you are managing all jails with ezjail you can safely
>  delete all these entries in the host's rc.conf (only remember to leave ezjail_enable="YES" if you>  want automatic startup of all jails at boot time)

I didn't use ezjail... I was recommended to take the plunge in to the deep end and try to learn Jails by doing things manually. This is what I ended up with!! - although they do seem to work pretty well as far as I can tell.



More information about the freebsd-jail mailing list