Install Apache in qjail?
Ruben de Groot
mail25 at bzerk.org
Thu Jul 22 12:05:36 UTC 2010
On Thu, Jul 22, 2010 at 04:58:39AM +0200, Peter Boosten typed:
> On 22-7-2010 2:10, Aiza wrote:
> >
> > If this apache jail is going to use the standard port 80 to listen on,
> > then the host and any other jails can not use that port number.
>
> Nonsense!
Indeed
> Since the IP address assigned to the jail is the only one the jail is
> seeing, Apache will only bind to that IP address. So you can have as
> many jails running Apache on port 80 as you like, because they only will
> bind to the IP address belonging to the jail.
>
> The only 'challenge' will be configuring Apache on the host itself to
> only listen to one IP address, instead of *, which is piece of cake.
Actually, not even that is necessary. A socket on the host bound to INADDR_ANY
is overridden by the more specific IP address in the jail, at least on my
systems (not using multi IP jails yet, so maybe that's different)
So you can run e.g. sshd on the host and all jails without having to specify
a ListenAddress anywhere. Only thing is that you'll get connected to the host
if sshd in the jail would stop or go down.
Ruben
More information about the freebsd-questions
mailing list