[Bug 213896] when starting vimage jails the kernel crashes

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Oct 30 14:57:44 UTC 2016 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213896

Joe Barbish <qjail1 at a1poweruser.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |qjail1 at a1poweruser.com

--- Comment #1 from Joe Barbish <qjail1 at a1poweruser.com> ---
I am running FreeBSD 11-RELEASE-p1 installed from scratch using cdrom.iso.
I have tested ipfw on the host and in a vimage jail with out any problems. My
custom kernel only has vimage compiled in. The host is running ipfw without
usimg DUMMYNET, IPDIVERT or IPFIREWALL_NAT. The vimage jail is also running
ipfw without using those same functions.

The only problem with ipfw is the vimage jails ipfw log messages get
intermingled into the host's ipfw log file.

I also tested with 
options VIMAGE
options IPFIREWALL
options IPFIREWALL_NAT          # ipfw kernel nat support
options IPDIVERT                # divert sockets
options LIBALIAS                # required by IPFIREWALL_NAT

compiled into the kernel and the host system booted fine with ipfw on the host
and the vimage jail worked the same as NOT compiling in ipfw. Did not test ipfw
using using those "functions listed above" on the host or vimage jail. 

The only reason to compile ipfw into the kernel is if the host is not running
ipfw. A vimage jail does not kldload modules on first reference like the host
does so you have to compile them into the kernel. An alternative is to
configure your vimage jail's jail.conf with a exec.prestart option to kldload
the ipfw modules used by the vimage jail. 

I didn't get any error messages from installkernel task during the vimage
kernel compile. My guess is nospam at ofloo.net has problem with his upgrade to
11.0 or had existing kernel compile problems before the upgrade which left his
updated system messed up. 

Suggest a install of 11.0 to a blank disk will correct this problem.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-jail mailing list