/dev/mem /dev/kmem jails and using netstat -r and snmp

Lowell Gilbert freebsd-questions-local at be-well.ilk.org
Sat Sep 10 05:57:10 PDT 2005


"Ruben Bloemgarten" <rubenl at bloemgarten.demon.nl> writes:

> I seem to be a bit stuck here. I seem  to need access to /dev/mem and
> /dev/kmem from inside a jail . Specifically to be able to use netstat –r and
> snmp in jailed environments. I’m running FBSD 5.4-RELEASE. Could anyone help
> me shed some light on this problem ? Thanks. 

Making kmem available in a jail seems like it can't be the right
answer to anything.  Kind of contradicts the point, I would think.

I don't see an easy way around this.  Furthermore, there are different
approaches depending on why you are trying to do this.  If you want
system statistics inside of a jail for remote monitoring, consider
whether that is the best approach; after all, network management *is*
a fundamentally privileged operation.  One way to do it would be to
feed the statistics into the jail from outside of it; this way, the
privileged operation is separated from the network-accessible code,
and not dependent on it in any way.

Good luck.


More information about the freebsd-questions mailing list