dhcpd possible within jail?
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Sat Nov 1 13:15:08 PDT 2008
On Sat, 1 Nov 2008, Christer Edwards wrote:
> I recently set up a few jails for internal network services (sshd, bind,
> dhcpd, etc.) The only issue I have so far is that dhcpd doesn't seem to
> work within the jail env. It appears to start properly, and the process
> shows in top, but no leases are ever given out.
> I have also allowed raw_sockets from the host (unless there is another
> way to accomplish this).
> If anyone can tell me what I'm missing, or if its simply a jail
> limitation I'd appreciate it.
dhcpd imho needs bpf, so you would have to expose /dev/bpf* to that
jail and perhaps also /dev/net* things..
try adding something like this to your /etc/devfs.rules
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'bpf*' unhide
add path net unhide
add path 'net/*' unhide
the number is the first free that is not in your
/etc/defaults/devfs.rules and /etc/devfs.rules.
That done change the /etc/rc.conf line for that jail to
with FOOOOOO being the right jail name of course and restart the jail.
Within the jail do a ls -l /dev/bpf* ; if there are no entries you'll
need to reapply the devfs rules from the base system (sh
/etc/rc.d/devfs start might do that). Try the ls again.
imho, you do not need to allow raw sockets.
Bjoern A. Zeeb Stop bit received. Insert coin for new game.
More information about the freebsd-jail