Jail and FreeBSD 5.0-Release
charford-list at infinithost.com
Mon Apr 7 20:42:26 PDT 2003
-----BEGIN PGP SIGNED MESSAGE-----
So, we are having a few problems with FreeBSD 5.0-Release and jail....
The two currently killing us are:
1) Logging over ssh to the jailed IP# takes over a minute to
complete... I checked the ssd_config in the jail environment and
reverse lookup is not enabled...
2) After about 10 minutes, the jail environment gets toasted, as in
that it becomes impossible to login over ssh to the jail environment...
This is the error message:
Warning: no access to tty (Bad file descriptor).
Thus no job control in
There is nothing out of place in the jailed environment log files
How jail is started:
2) mount -t procfs proc /jail/<IP>/proc
# jail /jail/<IP> jail <IP> /bin/sh /etc/rc
hw.bus.devctl_disable: 1 -> 1
Entropy harvesting:sysctl: kern.random.sys.harvest.interrupt: Operation
interruptssysctl: kern.random.sys.harvest.ethernet: Operation not
ethernetsysctl: kern.random.sys.harvest.point_to_point: Operation not
Fast boot: skipping disk checks.
mount: /: unknown special file or file system
adjkerntz: sysctl(put_wallclock): Operation not permitted
Doing initial network setup:.
ifconfig: ioctl (SIOCDIFADDR): permission denied
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
Additional routing options:.
Mounting NFS file systems:.
syslogd: child pid 87388 exited with return code 1
ELF ldconfig path: /usr/lib /usr/lib/compat
a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout
Starting local daemons:.
Initial i386 initialization:.
Additional ABI support:.
Local package initialization:.
Additional TCP options:.
Starting background file system checks.
Mon Apr 7 22:07:20 CDT 2003
In the jail environment:
In the host system:
inetd_flags="-wW -a <HOST IP>"
All the stuff in the man pages were done:
o Create an empty /etc/fstab to quell startup warnings
o Disable the port mapper (/etc/rc.conf:
o Run newaliases(1) to quell sendmail(8) warnings.
o Disable interface configuration to quell startup
o Configure /etc/resolv.conf so that name resolution
jail will work correctly
o Set a root password, probably different from the real
o Set the timezone
o Add accounts for users in the jail environment
o Install any packages that you think the environment
This PGP signature is signed to charford at infinithost.com. If you
have received this signature from a different email account please
email that account and a different key will be sent. Sorry for any
This electronic message transmission contains information that is
privileged, confidential or otherwise the exclusive property of the
intended recipient or the sender. This information is intended for the
use of the individual or entity that is the intended recipient. If you
are not the designated recipient, please be aware that any
dissemination, distribution or copying of this communication is
strictly prohibited. If you have received this electronic transmission
in error, please notify us by electronic mail charford @
infinithost.com and promptly destroy the original transmission. Thank
you for your assistance.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)
-----END PGP SIGNATURE-----
More information about the freebsd-questions