[questions] Re: mysql socket disappears when restarting related jail with nullfs mount point
Luis P. Mendes
luislupe at gmx.com
Tue Oct 15 10:41:06 UTC 2019
(The answer to the group as the original answer was only for MJ)
On 20191011 15:26:37 +1100, MJ wrote:
>What's your security.jail.param.securelevel set to? Likely to be 0?
Just to add that in both files:
/usr/local/etc/qjail.local/mariadb
and
/usr/local/etc/qjail.local/webjail
placed the value 3 in securelevel parameter:
securelevel="3"
When starting the webjail, the socket of the related mariadb jail is
still
removed.
>In fact, what's your security.jail settings in both jails? Any obvious discrepancies?
All 61 parameters are identical, no diff between them.
>
>
>On 11/10/2019 1:42 am, Luis P. Mendes wrote:
>>I'm running FreeBSD 11.3-RELEASE-p3 on a VPS.
>>The jail manager is qjail, version 5.4.
>>
>>The server has two jails: a database `mariadb` and a web `webjail`.
>>Access to the database is done only through a unix socket to be null
>>mounted at the latter jail.
>>
>>When started, 'service mysql-server start' on the `mariadb` jail
>>places the socket at /var/run/mysql/mysql.sock
>>
>>When started, the `webjail` should mount that socket in its own
>>/var/run/mysql directory.
>>
>>This is the line of the corresponding
>>/usr/local/etc/qjail.fstab/webjail file:
>>/usr/jails/mariadb/var/run/mysql /usr/jails/webjail/var/run/mysql
>>nullfs rw 0 0
>>
>>
>>What happens is that everytime that the `webjail` is started (the
>>first time or when restarted), the socket at `mariadb`'s
>>/var/run/mysql/mysql.sock
>>is deleted somehow.
>>Although this happens, the mysqld_safe and mysqld daemons keep
>>running.
>>
>>As a note, when `webjail` is stopped, nothing happens to the socket at
>>the jail of the mariadb database server.
>>
>>If the `mariadb` jail is started after `webjail`, the socket is
>>correctly mounted at the latter /var/run/mysql directory.
>>
>>
>>Using qjail's archive and restore commands, I copied these two jails
>>to another FreeBSD 11.3-RELEASE virtual machine, at my own computer,
>>and the strange behavior still happens.
>>
>>There are no rc.d scripts made by me.
>>
>>The contents of the config file for the `webjail` are:
>>/usr/local/etc/qjail.config/webjail
>>
>>webjail { host.hostname = "webjail";
>>path = "/usr/jails/webjail";
>>mount.fstab = "/usr/local/etc/qjail.fstab/webjail";
>>exec.consolelog = "/var/log/qjail.webjail.console.log";
>>mount.devfs;
>>ip4.addr = 127.0.0.85;
>>interface = "lo1";
>>devfs_ruleset = "4";
>>exec.start = "/bin/sh /etc/rc";
>>exec.stop = "/bin/sh /etc/rc.shutdown";
>>
>>
>>What's wrong with this?
>>Why starting a jail deletes a socket in another jail?
>>
>>
>>
>>
>>--
>>
>>
>>Luís Mendes
>>_______________________________________________
>>freebsd-questions at freebsd.org mailing list
>>https://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
--
Luis Mendes
More information about the freebsd-questions
mailing list