check_dhcp
Glen Barber
gjb at FreeBSD.org
Fri Jul 25 04:22:41 UTC 2014
On Thu, Jul 24, 2014 at 10:19:53PM -0600, Warren Block wrote:
> On Thu, 24 Jul 2014, Glen Barber wrote:
>
> >I think dhclient still will not work though, since it is set as 'nojail'
> >in /etc/rc.d/dhclient rc script.
>
> To be clear, what worked was running /sbin/dhclient, not the rc script. It
> requests and gets a lease, but does not manage to assign the address to the
> jail's interface.
>
Rightfully so. I would be worried if it did.[1]
> >Does /var/run/dhclient* stuff exist in the jail, with valid entries?
>
> It does create a pid file, and a dhclient.leases file in /var/db/. But the
> lease address is not assigned.
>
Good, I would be worried about this, as well.[1]
> >I suspect no, and if yes, I would argue this is a bug that it does.
>
> It runs, but toothlessly, which seems about right. :)
[1] Consider a shared hosting provider using jail(8), where root access
is granted. Such a case should not expect a dhclient(8) to arbitrarily
succeed on the network.
Glen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-jail/attachments/20140725/01ff1a93/attachment.sig>
More information about the freebsd-jail
mailing list