/dev/random in jails

Tech Valley Internet - Tony Kivits tony at techvalley.ca
Thu Jul 19 12:47:57 UTC 2007

At 10:02 PM 7/18/2007, Tech Valley Internet - Tony Kivits wrote:
>At 09:50 PM 7/18/2007, Christopher Cowart wrote:
>>On Wed, Jul 18, 2007 at 09:49:12PM -0700, Christopher Cowart wrote:
>> > $ dd if=/dev/random bs=1 count=12 2>/dev/null | openssl base64
>> > Should give you a base64 encoding of some random data (base64 to prevent
>> > it from messing up your terminal) if /dev/random is working.
>>I meant to point if=jailroot/dev/random. Testing /dev/random for the
>>host OS isn't going to be too meaningful.
>>Chris Cowart
>>Lead Systems Administrator
>>Network & Infrastructure Services, RSSP-IT
>>UC Berkeley
>Thanks Chris,
>I figured out what you meant.  ;)
>I think with all my playing I managed to put a symlink in the dev 
>directory that I can't get out.
>I will try to do a reinstall of the machine and try all the 
>suggestions on a clean environment.

Ok.  I now know what is happening.

The random and urandom devices are in the jail's /dev directory when 
the jail is created and the test you gave me to try did work once 
tweaked a bit.  But when I run the installation script for hsphere 
the two devices disappear out of the /dev directory.

The devices are then inaccessible for all processes until the jail is 

I have looked in the usually log files and nothing is recorded there.

My configuration is as follows....

# Jail info in host's rc.conf

add include $devfsrules_hide_all
add include $devfsrules_unhide_basic

More information about the freebsd-questions mailing list