Strange things happening with jails?? Not starting up on boot
or services not running inside!
SamanKaya at netscape.net
Fri Jun 4 08:05:21 UTC 2010
On 04/06/2010 10:15, Alexander Leidinger wrote:
> Quoting Andrew Hotlab <andrew.hotlab at hotmail.com> (from Thu, 3 Jun
> 2010 22:04:44 +0000):
>> I've never had to make Squid listening on port 80, but referring its
>> startup script in /usr/local/etc/rc.d/:
>> # squid_user: The user id that should be used to run the Squid master
>> # process. Default: squid.
>> # Note that you probably need to define
>> "squid_user=root" if
>> # you want to run Squid in reverse proxy setups or if
>> you want
>> # Squid to listen on a "privileged" port < 1024.
>> So you only need to write the following line in /etc/rc.conf to have
>> Squid listening on this privileged port:
> An alternative is to change the sysctl
> net.inet.ip.portrange.reservedhigh. By lowering it, other users than
> root are allowed to bind to ports <1023 (the system prevents non-root
> binds to the port X in the range reservedlow <= X <= reservedhigh).
Many thanks guys for the responses!! I will see which method best fits
me... I guess I will take Andrew's suggestion as I don't really want to
open up the port range to *all* users however I guess it doesn't really
matter as by default Solaris 9 which Squid was originally on I don't
think blocked or disallowed anything and I certainly know that Linux
doesn't really care either!
> jail_list="named_1 named_2 squid"
> These lines are in the file/etc/rc.conf on the jail host?
> If you created all jails with ezjail,> there should be nothing like that: all jail_ vars would
> have been written in files stored in
> /usr/local/etc/ezjail/ (by default). If you are managing all jails with ezjail you can safely
> delete all these entries in the host's rc.conf (only remember to leave ezjail_enable="YES" if you> want automatic startup of all jails at boot time)
I didn't use ezjail... I was recommended to take the plunge in to the deep end and try to learn Jails by doing things manually. This is what I ended up with!! - although they do seem to work pretty well as far as I can tell.
More information about the freebsd-jail