Hierarchical Jails

Carsten Bäcker carbaecker at gmx.de
Fri Nov 27 07:58:44 UTC 2015 

Am 27.11.2015 um 08:54 schrieb "Carsten Bäcker":
> Sorry... something's wrong with GMX webmailer. Secont time this happens.
> Hi Hackers,
> i'm running into problems creating hierarchical jails.
> First of all: this is my first try with *hierarchical* jails (in favor 
> of creating a bunch of VMs for software-testing).
> I aliased lo0 with 127.0.1.1 - 127.0.1.3
> --- HOST jail.conf ---
> exec.start = "/bin/sh /etc/rc";
> exec.stop = "/bin/sh /etc/rc.shutdown";
> exec.clean;
> mount.devfs;
> persist;
>
> allow.socket_af=1;
> allow.raw_sockets=1;
> path = "/usr/local/jails/$name";
> mount.fstab = "/usr/local/jails/fstab.$name";
> core {
>         host.hostname="jail_core";
>         children.max=2;
>         ip4.addr = 
> ue0|192.168.42.90,lo0|127.0.1.1,lo0|127.0.1.2,lo0|127.0.1.3;
> }
> --- "jail_core" jail.conf ---
> exec.start = "/bin/sh /etc/rc";
> exec.stop = "/bin/sh /etc/rc.shutdown";
> exec.clean;
> mount.devfs;
> persist;
> path = "/usr/local/jails/$name";
> mount.fstab = "/usr/local/jails/fstab.$name";
> dev1 {
>         host.hostname="jail_dev1";
>         ip4.addr = lo0|127.0.1.1;
> }
> jail_core starts up fine, but "children.max" seems to have no effect 
> when checked within the jail.
> root at jail_core:/ # sysctl security.jail.param.children
> security.jail.param.children.max: 0
> security.jail.param.children.cur: 0
> I'm not sure if this is related to the following problem, but when i 
> try to create a child-jail in this jailed environment i run into the 
> following error.
> root at jail_core:/ # jail -c dev1
> ifconfig: ioctl (SIOCAIFADDR): permission denied
> jail: dev1: /sbin/ifconfig lo0 inet 127.0.1.1 netmask 255.255.255.255 
> alias: failed
> What am i doing wrong? Any suggestions?
> Unfortunately i didn't find too much information concerning 
> hierarchical jails.
> Running CURRENT -r290973.
> Best Regards
> Carsten Bäcker
> *Gesendet:* Freitag, 27. November 2015 um 08:51 Uhr
> *Von:* "Carsten Bäcker" <carbaecker at gmx.de>
> *An:* freebsd-hackers at freebsd.org
> *Betreff:* Hierarchical Jails
>
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"

More information about the freebsd-hackers mailing list