sysvipc only for one jail

Alejandro Imass aimass at
Tue Aug 13 16:42:09 UTC 2013

On Tue, Aug 13, 2013 at 12:14 AM, Shane Ambler <FreeBSD at> wrote:
> On 12/08/2013 21:39, Trond Endrestøl wrote:
>> On Mon, 12 Aug 2013 13:57+0200, David Demelier wrote:
>>> And thus, it's not enabled as postgresql tells:
>>> creating template1 database in /usr/local/pgsql/data/base/1 ... FATAL:
>>>   could not create shared memory segment: Function not implemented
>> I'll look into this by creating a new jail for PostgreSQL 9.2 when I
>> get home.
> While it is currently in beta maybe you could also try 9.3 and verify that
> the shared memory update works or eliminates this configuration?

No need for any complication. Pg will work just fine by following this
simple recipe. I compute a UID unique to the overall system by
concatenating 70 (the natural UID for the pgsql user user in FBSD) and
the last 3 digits of the Jails'IP, but you can come up with any
numbering scheme as long as it's consistent and easily associated to a
specific jail.

For example for the Pg running on jail, install
PostgreSQL and before doing anything else:

pw usermod pgsql -u 70124
pw groupmod pgsql -g 70124
pw usermod pgsql -g 70124
chown -R pgsql /usr/local/pgsql/
chgrp -R pgsql /usr/local/pgsql/

Any other application that uses SYSV IPC should follow a similar
recipe, and it's compatible with al versions of Jails.

And that's it. I have dozens of jails with Pg running this way.
Likewise also make sure all of your network daemons listen
_specifically_ to that jail's IP, in Pg that would be postgresql.conf:
listen_addresses = 'xxxxxx' although the default 'localhost' should
work most of the time. Always double check all daemons with sockstat
(e.g. sockstat -4l) to make sure they only listen on that jail's


Alejandro Imass

More information about the freebsd-questions mailing list