Configuring network without ezjail

Sun Dec 13 18:00:17 UTC 2015


On 13/12/2015 06:07, James Gritton wrote:
> On 2015-12-12 23:18, marcel wrote:
>> On 12/12/2015 18:10, James Gritton wrote:
>>> On 2015-12-11 18:50, marcel wrote:
>>>> No I don't get to have an IP address... Yet I have writed this in my
>>>> host's rc.conf:
>>>>
>>>> jail_enable="YES"
>>>> jail_list="thename"
>>>> jail_guantanamo_rootdir="thepath"
>>>> jail_guantanamo_hostname="thename"
>>>> jail_guantanamo_ip="192.168.0.12"
>>>>
>>>> and I use the command:
>>>>
>>>> jail thepath thename 192.168.0.12 /bin/csh
>>>>
>>>> to connect to my jail...
>>>
>>> Is the jail even created?  You show jail_name as "thename", but the
>>> jail config variables are jail_quantanamo_*.  So when you say
>>> "thename" do you really mean quantanamo?  Because if you don't, then
>>> the jail won't get configured at startup.
>>>
>>> The command you're using to connect to the jail is actually a command
>>> that creates a jail.  That's probably not what you want, as that jail
>>> is likely to disappear again after you exit from it.  You should be
>>> using jexec(8), assuming your jail has been properly created in the
>>> first place.
>>>
>>> Now to the IP address: is your entire box behind some gateway, where
>>> it uses a 192.168 address?  If it isn't, you'll need more than to just
>>> declare such an address - you'll need a jail with vnet, which is
>>> rather more complex.  But if it is, then the question becomes: is
>>> 192.168.0.12 the host address, i.e. are you creating a jail that
>>> shares the host address?  If you are it should work, but most jails
>>> aren't done this way.
>>>
>>> Specifying a jail's IP address only tell which of the host's existing
>>> addresses to use.  If that address isn't already set up, it won't be
>>> used - unless you tell it to.  If you're still using the rc.conf-based
>>> jail specification, you can set jail_interface (or
>>> jail_quantanamo_interface) to the name of the network interface where
>>> the host's main IP address lives (e.g. "em0" or somesuch).  Such a
>>> config line is likely all you need.
>>>
>>> - Jamie
>> Yes, the jail is created with the make installworld, make distribution,
>> jail -c , etc method and I launch it with jail -c guantanamo and connect
>> to it with jexec id shell.
>>
>> Yes, sorry I have badly explained so jail_name="thename", thename is
>> guantanamo.
>>
>> My host is behind a router that provide me an internet access yes and
>> yes 192.168.0.12 is my host ip so yes my jail share the host address.
>> jls command show me this address but ifconfig command (in my jail) show
>> me no address...
>>
>> I've read that in my case I've just need of jail_enable="YES" in my
>> rc.conf... I will add with most of jail_guantanamo* variable and test...
>
> If 192.168.0.12 is your host IP, try creating the jail without IP
> address restrictions.  I don't think you can do that with with the old
> rc.conf-based specification, but with a jail.conf file (or from a
> command line), you just add "ip4=inherit" and don't mention an
> ip4.address at all.  That will create a jail that has access to all of
> the host IP addresses.
>
> - Jamie
I was trying what you said but the remote machine where the jail is on
has gone to shutdown (I don't know why...) and I have to do some
kilometers to turn on and I haven't the time for the moment so subject
is closed for the moment... Thanks a lot for your help, I will try again
the next time...