possible jail bug?

Paul paul at mueller-blockhaus.de
Sun Oct 12 13:59:30 UTC 2014 

Hello Guys,

I had trouble changing the devfs ruleset for a jail. I wanted to jail
snort. For every interface I created a jail using ezjail. I named them
snort_em*. But when I change the Ruleset to
jail_snoet_em0_devfs_ruleset="devfsrules_jail_snort", the changed
devfs.rules doesen't applied. I was so frustrated, that I recreated the
jail with another name snortem* and then I worked. Is the "_"not
allowed for jailnames or is it a problem with ezjail or jails?

Greetings Paul

uname -a :
FreeBSD utm 9.3-RELEASE-p2 FreeBSD 9.3-RELEASE-p2 #1 r272282:
Fri Oct 3 16:06:53 CEST 2014     admin at utm:/usr/obj/usr/src/sys/RCTL
amd64
#######################################
/etc/devfs.rules
[devfsrules_jail_vpn=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path tun0 unhide
[devfsrules_unhide_bpf=6]
add path 'bpf*' unhide
[devfsrules_jail_dhcpd=7]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add include $devfsrules_unhide_bpf
[devfsrules_jail_snort=8]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add include $devfsrules_unhide_bpf
[devfsrules_jail_squid=9]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path pf unhide mode 040 group 100
#########################################
/usr/local/etc/ezjail/snort_em0
export jail_snort_em0_hostname="snort_em0"
export jail_snort_em0_ip="127.0.0.4"
export jail_snort_em0_rootdir="/jails/snort_em0"
export jail_snort_em0_exec_start="/bin/sh /etc/rc"
export jail_snort_em0_exec_stop=""
export jail_snort_em0_mount_enable="YES"
export jail_snort_em0_devfs_enable="YES"
export jail_snort_devfs_ruleset="devfsrules_jail_snort"
export jail_snort_em0_procfs_enable="NO"
export jail_snort_em0_fdescfs_enable="YES"
export jail_snort_em0_image=""
export jail_snort_em0_imagetype=""
export jail_snort_em0_attachparams=""
export jail_snort_em0_attachblocking=""
export jail_snort_em0_forceblocking=""
export jail_snort_em0_zfs_datasets=""
export jail_snort_em0_cpuset=""
export jail_snort_em0_fib=""
export jail_snort_em0_parentzfs=""
export jail_snort_em0_parameters=""
export jail_snort_em0_post_start_script=""
export jail_snort_em0_retention_policy=""
######################################
/usr/local/etc/ezjail/snortem0
export jail_snortem0_hostname="snortem0"
export jail_snortem0_ip="127.0.0.3"
export jail_snortem0_rootdir="/jails/snortem0"
export jail_snortem0_exec_start="/bin/sh /etc/rc"
export jail_snortem0_exec_stop=""
export jail_snortem0_mount_enable="YES"
export jail_snortem0_devfs_enable="YES"
export jail_snortem0_devfs_ruleset="devfsrules_jail_snort"
export jail_snortem0_procfs_enable="NO"
export jail_snortem0_fdescfs_enable="YES"
export jail_snortem0_image=""
export jail_snortem0_imagetype=""
export jail_snortem0_attachparams=""
export jail_snortem0_attachblocking=""
export jail_snortem0_forceblocking=""
export jail_snortem0_zfs_datasets=""
export jail_snortem0_cpuset=""
export jail_snortem0_fib=""
export jail_snortem0_parentzfs=""
export jail_snortem0_parameters=""
export jail_snortem0_post_start_script=""
export jail_snortem0_retention_policy=""

More information about the freebsd-questions mailing list