FreeBSD 7.0 jail and Samba 3
P S Clermont
pascal at clermont.cc
Wed Apr 23 12:07:29 UTC 2008
Nejc Škoberne wrote:
> Hi,
>
>> I'm not sending this message to the list as I've not been following
>> the discussion; I just skimmed thru it.
>
> I hope you don't mind that I sent it to the list too.
>
>> I would check too things, a) a firewall (sorry if this has been talked
>> about, as I said I didn't read it all) or b) enable raw sockets in
>> jails ( security.jail.allow_raw_sockets=1 ).
>>
>> Let me know if b) works, I plan to setup a samba server on ZFS inside
>> a jail when I return home from my travels.
>
> a) I have no firewall whatsoever running.
> b) FreeBSDhost# sysctl -a | grep raw_sockets
> security.jail.allow_raw_sockets: 1
>
> Thanks,
> Nejc
I have a samba3 jail serving files, and my sysctl
security.jail.allow_raw_sockets=0
Raw sockets allow direct access to the network subsystem.From a security
standpoint there's very little reason to allow this and many reasons not to.
More information about the freebsd-questions
mailing list