'ezjail-admin create ...' and "Warning: Some services already seem to be listening on IP ..."
David Christensen
dpchrist at holgerdanske.com
Mon Nov 25 04:12:41 UTC 2019
On 11/23/19 8:33 PM, David Christensen wrote:
> freebsd-questions:
>
> I have a newly installed FreeBSD host:
>
> 2019-11-23 19:53:00 toor at soho2 ~
> # freebsd-version ; uname -a
> 11.3-RELEASE-p5
> FreeBSD soho2.tracy.holgerdanske.com 11.3-RELEASE-p5 FreeBSD
> 11.3-RELEASE-p5 #0: Tue Nov 12 08:59:04 UTC 2019
> root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64
>
>
> I would like to run some jailed services using ezjail(7). I have
> installed and configured ezjail, installed a base jail, created a
> flavour "cvs", and added the desired IP alias to my host. When I create
> the jail:
>
> 2019-11-23 20:23:14 toor at soho2 ~
> # ezjail-admin create -f cvs cvs.tracy.holgerdanske.com 192.168.5.19
> /usr/jails/cvs.tracy.holgerdanske.com/.
> /usr/jails/cvs.tracy.holgerdanske.com/./etc
> /usr/jails/cvs.tracy.holgerdanske.com/./etc/rc.d
> /usr/jails/cvs.tracy.holgerdanske.com/./etc/rc.d/ezjail.flavour.cvs
> /usr/jails/cvs.tracy.holgerdanske.com/./etc/rc.d/ezjail.flavour.cvs.packages
>
> /usr/jails/cvs.tracy.holgerdanske.com/./etc/rc.conf
> 5 blocks
> find: /usr/jails/cvs.tracy.holgerdanske.com/pkg/: No such file or directory
> Warning: Some services already seem to be listening on IP 192.168.5.19
> This may cause some confusion, here they are:
> root ntpd 735 27 udp4 192.168.5.19:123 *:*
> Warning: Some services already seem to be listening on all IP,
> (including 192.168.5.19)
> This may cause some confusion, here they are:
> root ntpd 735 20 udp6 *:123 *:*
> root ntpd 735 21 udp4 *:123 *:*
> root syslogd 583 6 udp6 *:514 *:*
> root syslogd 583 7 udp4 *:514 *:*
>
>
> Do I need to worry about the listening services warnings? If so, what
> is the best way to resolve them?
I noted that both the ezjail web site and the FreeBSD handbook install
ezjail from ports, while I installed the binary package:
http://erdgeist.org/arts/software/ezjail/
https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-ezjail.html
So, I removed ezjail:
2019-11-24 19:12:07 toor at soho2 ~
# pkg delete ezjail
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 1 packages (of 0
packages in the universe):
Installed packages to be REMOVED:
ezjail-3.4.2_1
Number of packages to be removed: 1
Proceed with deinstalling packages? [y/N]: y
[1/1] Deinstalling ezjail-3.4.2_1...
You may need to manually remove /usr/local/etc/ezjail.conf if it is no
longer needed.
[1/1] Deleting files for ezjail-3.4.2_1: 100%
I also removed the ezjail configuration file as suggested:
2019-11-24 19:17:32 toor at soho2 ~
# rm /usr/local/etc/ezjail.conf
remove /usr/local/etc/ezjail.conf? y
I then logged out from toor (Bash shell), logged in as root (C shell),
and tried to follow along with the handbook.
Cloned interface "lo1" already exists:
root at soho2:~ # ifconfig lo1
lo1: flags=8008<LOOPBACK,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
groups: lo
Install ezjail (from ports, not binary package):
root at soho2:~ # echo $SHELL
/bin/csh
root at soho2:~ # cd /usr/ports/sysutils/ezjail
root at soho2:/usr/ports/sysutils/ezjail # make install clean
===> ezjail-3.4.2_1 depends on file: /usr/local/sbin/pkg - found
=> ezjail-3.4.2.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch
http://erdgeist.org/arts/software/ezjail/ezjail-3.4.2.tar.bz2
ezjail-3.4.2.tar.bz2 37 kB 202 kBps
00s
===> Fetching all distfiles required by ezjail-3.4.2_1 for building
===> Extracting for ezjail-3.4.2_1
=> SHA256 Checksum OK for ezjail-3.4.2.tar.bz2.
===> Patching for ezjail-3.4.2_1
===> Applying FreeBSD patches for ezjail-3.4.2_1
===> Configuring for ezjail-3.4.2_1
===> Building for ezjail-3.4.2_1
===> Staging for ezjail-3.4.2_1
===> Generating temporary packing list
mkdir -p /usr/ports/sysutils/ezjail/work/stage/usr/local/etc/ezjail/
/usr/ports/sysutils/ezjail/work/stage/usr/local/man/man5/
/usr/ports/sysutils/ezjail/work/stage/usr/local/man/man7
/usr/ports/sysutils/ezjail/work/stage/usr/local/man/man8
/usr/ports/sysutils/ezjail/work/stage/usr/local/etc/rc.d/
/usr/ports/sysutils/ezjail/work/stage/usr/local/bin/
/usr/ports/sysutils/ezjail/work/stage/usr/local/share/examples/ezjail
/usr/ports/sysutils/ezjail/work/stage/usr/local/share/zsh/site-functions
cp -R examples/example
/usr/ports/sysutils/ezjail/work/stage/usr/local/share/examples/ezjail/
cp -R examples/nullmailer-example
/usr/ports/sysutils/ezjail/work/stage/usr/local/share/examples/ezjail/
cp -R share/zsh/site-functions/
/usr/ports/sysutils/ezjail/work/stage/usr/local/share/zsh/site-functions/
sed s:EZJAIL_PREFIX:/usr/local: ezjail.conf.sample >
/usr/ports/sysutils/ezjail/work/stage/usr/local/etc/ezjail.conf.sample
sed s:EZJAIL_PREFIX:/usr/local: ezjail.sh >
/usr/ports/sysutils/ezjail/work/stage/usr/local/etc/rc.d/ezjail
sed s:EZJAIL_PREFIX:/usr/local: ezjail-admin >
/usr/ports/sysutils/ezjail/work/stage/usr/local/bin/ezjail-admin
sed s:EZJAIL_PREFIX:/usr/local: man8/ezjail-admin.8 >
/usr/ports/sysutils/ezjail/work/stage/usr/local/man/man8/ezjail-admin.8
sed s:EZJAIL_PREFIX:/usr/local: man5/ezjail.conf.5 >
/usr/ports/sysutils/ezjail/work/stage/usr/local/man/man5/ezjail.conf.5
sed s:EZJAIL_PREFIX:/usr/local: man7/ezjail.7 >
/usr/ports/sysutils/ezjail/work/stage/usr/local/man/man7/ezjail.7
chmod 755
/usr/ports/sysutils/ezjail/work/stage/usr/local/etc/rc.d/ezjail
/usr/ports/sysutils/ezjail/work/stage/usr/local/bin/ezjail-admin
chmod 0440
/usr/ports/sysutils/ezjail/work/stage/usr/local/share/examples/ezjail/example/usr/local/etc/sudoers
====> Compressing man pages (compress-man)
===> Installing for ezjail-3.4.2_1
===> Checking if ezjail is already installed
===> Registering installation for ezjail-3.4.2_1
Installing ezjail-3.4.2_1...
===> Cleaning for ezjail-3.4.2_1
Nuke ezjail basejail and newjail:
root at soho2:~ # zfs destroy -r soho2_zroot/usr/jails/basejail
root at soho2:~ # zfs destroy -r soho2_zroot/usr/jails/newjail
ezjail already enabled in rc.conf:
root at soho2:~ # grep ezjail /etc/rc.conf
ezjail_enable="YES"
Start ezjail service:
root at soho2:~ # service ezjail start
ezjail
Perform initial ezjail setup:
root at soho2:~ # ezjail-admin install -p
base.txz 112 MB 3357 kBps
34s
lib32.txz 23 MB 3473 kBps
07s
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 11.3-RELEASE from update2.freebsd.org...
done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.
The following files will be updated as part of updating to
11.3-RELEASE-p5:
/bin/freebsd-version
/boot/loader
/boot/loader.efi
<snip>
/usr/jails/basejail/usr/lib32/libgssapi_krb5.so.10
/usr/jails/basejail/usr/lib32/libsmb.a
/usr/jails/basejail/usr/lib32/libosmcomp.so
180002 blocks
Note: a non-standard /etc/make.conf was copied to the template jail in
order to get the ports collection running inside jails.
Looking up portsnap.FreeBSD.org mirrors... 6 mirrors found.
Fetching public key from metapeer.portsnap.freebsd.org... done.
Fetching snapshot tag from metapeer.portsnap.freebsd.org... done.
Fetching snapshot metadata... done.
Fetching snapshot generated at Sun Nov 24 16:21:30 PST 2019:
5b7ede0afbd64b2d0ce6bff7add18d8cfec4d71499cbe8 84 MB 1875 kBps
46s
Extracting snapshot... done.
Verifying snapshot integrity... done.
Fetching snapshot tag from metapeer.portsnap.freebsd.org... done.
Fetching snapshot metadata... done.
Updating from Sun Nov 24 16:21:30 PST 2019 to Sun Nov 24 19:04:16 PST 2019.
Fetching 5 metadata patches... done.
Applying metadata patches... done.
Fetching 0 metadata files... done.
Fetching 11 patches.
(11/11) 100.00% done.
done.
Applying patches...
done.
Fetching 1 new ports or files... done.
/usr/jails/basejail/usr/ports/.arcconfig
/usr/jails/basejail/usr/ports/.gitattributes
/usr/jails/basejail/usr/ports/.gitauthors
<snip>
/usr/jails/basejail/usr/ports/x11/yeahconsole/
/usr/jails/basejail/usr/ports/x11/yelp/
/usr/jails/basejail/usr/ports/x11/zenity/
Building new INDEX files... done.
Create a jail:
root at soho2:~ # ezjail-admin create cvs.tracy.holgerdanske.com
'lo1|127.0.1.1,em0|192.168.5.19'
/usr/jails/cvs.tracy.holgerdanske.com/.
/usr/jails/cvs.tracy.holgerdanske.com/./boot
/usr/jails/cvs.tracy.holgerdanske.com/./libexec
<snip>
/usr/jails/cvs.tracy.holgerdanske.com/./etc/ssl
/usr/jails/cvs.tracy.holgerdanske.com/./etc/ssl/openssl.cnf
/usr/jails/cvs.tracy.holgerdanske.com/./etc/csh.cshrc
12123 blocks
Warning: Some services already seem to be listening on all IP,
(including 127.0.1.1)
This may cause some confusion, here they are:
root ntpd 857 20 udp6 *:123 *:*
root ntpd 857 21 udp4 *:123 *:*
root syslogd 705 6 udp6 *:514 *:*
root syslogd 705 7 udp4 *:514 *:*
Warning: Some services already seem to be listening on IP 192.168.5.19
This may cause some confusion, here they are:
root ntpd 857 23 udp4 192.168.5.19:123 *:*
Warning: Some services already seem to be listening on all IP,
(including 192.168.5.19)
This may cause some confusion, here they are:
root ntpd 857 20 udp6 *:123 *:*
root ntpd 857 21 udp4 *:123 *:*
root syslogd 705 6 udp6 *:514 *:*
root syslogd 705 7 udp4 *:514 *:*
More of the same problems. Any suggestions?
David
More information about the freebsd-questions
mailing list