From owner-freebsd-jail@FreeBSD.ORG Sun Jul 27 12:10:08 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3DEDF106564A for ; Sun, 27 Jul 2008 12:10:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id F0C3B8FC13 for ; Sun, 27 Jul 2008 12:10:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 1B08341C6EA for ; Sun, 27 Jul 2008 14:10:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id aAILKTQ5u0iH for ; Sun, 27 Jul 2008 14:10:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 9DF7341C6A7; Sun, 27 Jul 2008 14:10:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 35A5344487F for ; Sun, 27 Jul 2008 12:06:55 +0000 (UTC) Date: Sun, 27 Jul 2008 12:06:55 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: freebsd-jail@freebsd.org Message-ID: <20080727115111.D57089@maildrop.int.zabbadoz.net> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: new multi-/no-ip4/v6 jail patches X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jul 2008 12:10:08 -0000 Hi, I have temporary put two patches generated from p4 here[1] for HEAD and for 7-STABLE as of now (you really need that latest 8/7). If you are in /usr/src you best run patch -s -p7 -C < /path/to/patch echo $? to see if the patch applies cleanly. patch should not print anything and echo $? should print 0. Else you'll have to manually resolve rejects after the next step: patch -s -p7 < /path/to/patch There is/will be no updated patch for 7.0pX (7.0 RELEASE branch) atm. Most imporatant changes: - fixed lookup mechanism for v4 and v6 for jail IP addresses (only relevant if you had more than 2 IPs per AF) - directly bind the IP if there is only one per AF. - ipv4 source address selection - jail state support - cpuset support What still needs to be done: - break out ipv4 source address selection for HEAD - review SCTP after the latest import (still disbaled in jails) - cleanup - review review review - feel free to mail me any comments. - the complete list is here: http://perforce.freebsd.org/fileViewer.cgi?FSPC=//depot/user/bz/jail/TODO&REV=21 Worst problem: - jls output is really ugly now In case of any comments/problems/... preferably mail freebsd-jail@ instead of mailing me directly. /bz References: [1] temporary location for multi-/no-ipv4/v6 patches for HEAD: http://people.freebsd.org/~bz/bz_jail-20080727-01-at146034.diff RELENG_7: http://people.freebsd.org/~bz/bz_jail7-20080726-03-at146006.diff -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. From owner-freebsd-jail@FreeBSD.ORG Sun Jul 27 15:30:08 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 15B091065676 for ; Sun, 27 Jul 2008 15:30:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id C84BB8FC08 for ; Sun, 27 Jul 2008 15:30:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 45E9141C75D for ; Sun, 27 Jul 2008 17:30:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id fXIDSF1jsaex for ; Sun, 27 Jul 2008 17:30:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id CB03D41C75C; Sun, 27 Jul 2008 17:30:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 7214044487F for ; Sun, 27 Jul 2008 15:28:22 +0000 (UTC) Date: Sun, 27 Jul 2008 15:28:22 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: freebsd-jail@freebsd.org In-Reply-To: <20080727115111.D57089@maildrop.int.zabbadoz.net> Message-ID: <20080727152715.Y57089@maildrop.int.zabbadoz.net> References: <20080727115111.D57089@maildrop.int.zabbadoz.net> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: Re: new multi-/no-ip4/v6 jail patches X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jul 2008 15:30:08 -0000 On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: Hi, there is a regression in there with unbound udp connects. I am investigating and the patches are gone for the moment. I'll let you know once I updated them. /bz -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. From owner-freebsd-jail@FreeBSD.ORG Sun Jul 27 17:50:07 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CA8411065680 for ; Sun, 27 Jul 2008 17:50:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id 891918FC12 for ; Sun, 27 Jul 2008 17:50:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 0F15941C749 for ; Sun, 27 Jul 2008 19:50:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id QtMQYNMFsiDJ for ; Sun, 27 Jul 2008 19:50:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id B37CC41C70C; Sun, 27 Jul 2008 19:50:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id A020344487F for ; Sun, 27 Jul 2008 17:48:26 +0000 (UTC) Date: Sun, 27 Jul 2008 17:48:26 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: freebsd-jail@freebsd.org In-Reply-To: <20080727152715.Y57089@maildrop.int.zabbadoz.net> Message-ID: <20080727174715.F57089@maildrop.int.zabbadoz.net> References: <20080727115111.D57089@maildrop.int.zabbadoz.net> <20080727152715.Y57089@maildrop.int.zabbadoz.net> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: Re: new multi-/no-ip4/v6 jail patches X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jul 2008 17:50:07 -0000 On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: > On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: > > Hi, > > there is a regression in there with unbound udp connects. I am > investigating and the patches are gone for the moment. I'll let you > know once I updated them. the new patches are here: HEAD: http://people.freebsd.org/~bz/bz_jail-20080727-10-at146056.diff 7-STABLE: http://people.freebsd.org/~bz/bz_jail7-20080727-10-at146056.diff /bz -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. From owner-freebsd-jail@FreeBSD.ORG Sun Jul 27 19:50:07 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F09261065670 for ; Sun, 27 Jul 2008 19:50:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id AE6D68FC13 for ; Sun, 27 Jul 2008 19:50:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 02D4F41C70C for ; Sun, 27 Jul 2008 21:50:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id W9pJzH8wCerV for ; Sun, 27 Jul 2008 21:50:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id ADDB341C70A; Sun, 27 Jul 2008 21:50:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 8F35D44487F for ; Sun, 27 Jul 2008 19:49:59 +0000 (UTC) Date: Sun, 27 Jul 2008 19:49:59 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: freebsd-jail@freebsd.org In-Reply-To: <20080727174715.F57089@maildrop.int.zabbadoz.net> Message-ID: <20080727194902.N57089@maildrop.int.zabbadoz.net> References: <20080727115111.D57089@maildrop.int.zabbadoz.net> <20080727152715.Y57089@maildrop.int.zabbadoz.net> <20080727174715.F57089@maildrop.int.zabbadoz.net> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: Re: new multi-/no-ip4/v6 jail patches X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Jul 2008 19:50:08 -0000 On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: Hi, > the new patches are here: > > HEAD: > http://people.freebsd.org/~bz/bz_jail-20080727-10-at146056.diff > 7-STABLE: > http://people.freebsd.org/~bz/bz_jail7-20080727-10-at146056.diff And as the MFC for the backout of the unr allocator was comitted here's a new patch for RELENG_7: http://people.freebsd.org/~bz/bz_jail7-20080727-11-at146062.diff -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. From owner-freebsd-jail@FreeBSD.ORG Mon Jul 28 11:06:59 2008 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B883106568E for ; Mon, 28 Jul 2008 11:06:59 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 433B38FC2A for ; Mon, 28 Jul 2008 11:06:59 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m6SB6xaZ078953 for ; Mon, 28 Jul 2008 11:06:59 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m6SB6wOU078949 for freebsd-jail@FreeBSD.org; Mon, 28 Jul 2008 11:06:58 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 28 Jul 2008 11:06:58 GMT Message-Id: <200807281106.m6SB6wOU078949@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-jail@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-jail@FreeBSD.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2008 11:06:59 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- s kern/89528 jail [jail] [patch] impossible to kill a jail o kern/119842 jail [smbfs] [jail] "Bad address" with smbfs inside a jail 2 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o bin/32828 jail [jail] w(1) incorrectly handles stale utmp slots with o kern/68192 jail [quotas] [jail] Cannot use quotas on jailed systems o kern/72498 jail [libc] [jail] timestamp code on jailed SMP machine gen o kern/74314 jail [resolver] [jail] DNS resolver broken under certain ja o kern/84215 jail [jail] [patch] wildcard ip (INADDR_ANY) should not bin o kern/89989 jail [jail] [patch] Add option -I (ASCII 73) PID to specif o kern/97071 jail [jail] [patch] add security.jail.jid sysctl o bin/99566 jail [jail] [patch] fstat(1) according to specified jid o kern/120753 jail [jail] Zombie jails (jailed child process exits while 9 problems total. From owner-freebsd-jail@FreeBSD.ORG Mon Jul 28 12:26:29 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DB4B1065671 for ; Mon, 28 Jul 2008 12:26:29 +0000 (UTC) (envelope-from spry@anarchy.in.the.ph) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.158]) by mx1.freebsd.org (Postfix) with ESMTP id 795728FC1B for ; Mon, 28 Jul 2008 12:26:26 +0000 (UTC) (envelope-from spry@anarchy.in.the.ph) Received: by fg-out-1718.google.com with SMTP id l26so3847870fgb.35 for ; Mon, 28 Jul 2008 05:26:25 -0700 (PDT) Received: by 10.86.91.12 with SMTP id o12mr2556464fgb.1.1217247984914; Mon, 28 Jul 2008 05:26:24 -0700 (PDT) Received: by 10.86.83.14 with HTTP; Mon, 28 Jul 2008 05:26:24 -0700 (PDT) Message-ID: Date: Mon, 28 Jul 2008 20:26:24 +0800 From: "Mars G Miro" To: "Bjoern A. Zeeb" In-Reply-To: <20080727194902.N57089@maildrop.int.zabbadoz.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080727115111.D57089@maildrop.int.zabbadoz.net> <20080727152715.Y57089@maildrop.int.zabbadoz.net> <20080727174715.F57089@maildrop.int.zabbadoz.net> <20080727194902.N57089@maildrop.int.zabbadoz.net> Cc: freebsd-jail@freebsd.org Subject: Re: new multi-/no-ip4/v6 jail patches X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2008 12:26:29 -0000 On Mon, Jul 28, 2008 at 3:49 AM, Bjoern A. Zeeb wrote: > On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: > > Hi, > >> the new patches are here: >> >> HEAD: http://people.freebsd.org/~bz/bz_jail-20080727-10-at146056.diff >> 7-STABLE: http://people.freebsd.org/~bz/bz_jail7-20080727-10-at146056.diff > > And as the MFC for the backout of the unr allocator was comitted > here's a new patch for RELENG_7: > http://people.freebsd.org/~bz/bz_jail7-20080727-11-at146062.diff > Hiya What I've tested on my test jail: - IPv6-only, 1 IPv6 - IPv6-only, 4 IPv6s - IPv4-only, 5 IPs - IPv6+IPv4, 4 IPv6, 5 IPv4s Plus apache (w/ ipv6) running on the jail. Works great! Thanks ;-) > > -- > Bjoern A. Zeeb Stop bit received. Insert coin for new game. > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > -- cheers mars From owner-freebsd-jail@FreeBSD.ORG Mon Jul 28 16:18:54 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 64FBA106568A for ; Mon, 28 Jul 2008 16:18:54 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: from aurynhome1sv1.zirakzigil.org (mail.zirakzigil.org [82.63.178.63]) by mx1.freebsd.org (Postfix) with SMTP id 943818FC0A for ; Mon, 28 Jul 2008 16:18:50 +0000 (UTC) (envelope-from auryn@zirakzigil.org) Received: (qmail 68132 invoked by uid 98); 28 Jul 2008 16:18:48 -0000 Received: from 85.18.102.52 by aurynhome1sv1.zirakzigil.org (envelope-from , uid 89) with qmail-scanner-1.25 ( Clear:RC:0(85.18.102.52):. Processed in 0.040534 secs); 28 Jul 2008 16:18:48 -0000 X-Qmail-Scanner-Mail-From: auryn@zirakzigil.org via aurynhome1sv1.zirakzigil.org X-Qmail-Scanner: 1.25 (Clear:RC:0(85.18.102.52):. Processed in 0.040534 secs) Received: from unknown (HELO aurynmob2.giulioferro.it) (auryn@zirakzigil.org@85.18.102.52) by 0 with SMTP; 28 Jul 2008 16:18:48 -0000 Message-ID: <488DF15F.5030703@zirakzigil.org> Date: Mon, 28 Jul 2008 18:18:39 +0200 From: Giulio Ferro User-Agent: Thunderbird 2.0.0.5 (X11/20070724) MIME-Version: 1.0 To: "Bjoern A. Zeeb" References: <20080727115111.D57089@maildrop.int.zabbadoz.net> <20080727152715.Y57089@maildrop.int.zabbadoz.net> <20080727174715.F57089@maildrop.int.zabbadoz.net> <20080727194902.N57089@maildrop.int.zabbadoz.net> In-Reply-To: <20080727194902.N57089@maildrop.int.zabbadoz.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org Subject: Re: new multi-/no-ip4/v6 jail patches X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Jul 2008 16:18:54 -0000 Bjoern A. Zeeb wrote: > On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: > > Hi, > >> the new patches are here: >> >> HEAD: http://people.freebsd.org/~bz/bz_jail-20080727-10-at146056.diff >> 7-STABLE: >> http://people.freebsd.org/~bz/bz_jail7-20080727-10-at146056.diff > > And as the MFC for the backout of the unr allocator was comitted > here's a new patch for RELENG_7: > http://people.freebsd.org/~bz/bz_jail7-20080727-11-at146062.diff > > Thanks a lot! I'll try it as soon as I can... From owner-freebsd-jail@FreeBSD.ORG Tue Jul 29 18:46:41 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7976F106566B for ; Tue, 29 Jul 2008 18:46:41 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from sipala.earlham.edu (sipala.earlham.edu [159.28.1.75]) by mx1.freebsd.org (Postfix) with ESMTP id 50F228FC16 for ; Tue, 29 Jul 2008 18:46:40 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from tdream.lly.earlham.edu ([10.159.28.13]) by sipala.earlham.edu (8.13.6/8.13.6) with ESMTP id m6TIKPTg010842 for ; Tue, 29 Jul 2008 14:20:25 -0400 (EDT) X-Authentication-Warning: sipala.earlham.edu: Host [10.159.28.13] claimed to be tdream.lly.earlham.edu Received: from tdream.lly.earlham.edu (tdream.lly.earlham.edu [159.28.7.241]) by tdream.lly.earlham.edu (Postfix) with ESMTP id 47AF921F93C for ; Tue, 29 Jul 2008 14:20:34 -0400 (EDT) Date: Tue, 29 Jul 2008 14:20:34 -0400 (EDT) From: Randy Schultz X-X-Sender: schulra@tdream.lly.earlham.edu To: freebsd-jail@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Subject: visudo non-functional in 7.0-RELEASE jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2008 18:46:41 -0000 Heya, Been using jails for a while with 6.2 and 6.3. Today I'm working my first lab box with 7.0-RELEASE. Set everything up with ezjail, e.g. ezjail-admin create... Everything builds/installs fine, no barks. Sudo installed via make install in /usr/ports/security/sudo on both parent and jail after a portsnap update. The version of sudo works fine in the parent. In the jail however I always get: zincite# /usr/local/sbin/visudo visudo: /usr/local/etc/sudoers busy, try again later Sudoers is not busy. This is on a fresh jail that only I have access to, doing a visudo right after the make install finishes. My first thought was the jail dev/fs perms were somehow messed up but I can write to /usr/local/etc. In fact I can vi /usr/local/etc/sudoers and write it back out. I've checked the sysctl flags. They are the same as on a working 6.x parent(but I've included them here FWIW): Root Dude ? sysctl -a|egrep jail security.jail.jailed: 0 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.enforce_statfs: 2 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 Rc.conf has: ezjail_enable=YES jail_list="zincite" jail_zincite_rootdir=/usr/local/jails/zincite jail_zincite_hostname=zincite.earlham.edu jail_zincite_ip=159.28.83.137 jail_zincite_interface=bge0 #jail_zincite_fstab="/etc/zincite.fstab" jail_zincite_mount_enable="YES" jail_zincite_devfs_enable="YES" Fstab is pretty standard: Root Dude ? cat /etc/fstab.zincite /usr/local/jails/basejail /usr/local/jails/zincite/basejail nullfs ro 0 0 The /usr/local/jails/zincite/etc/devfs.conf is non-tweaked zincite# ls -l /dev total 0 dr-xr-xr-x 2 root wheel 512 Jul 29 16:23 fd lrwxr-xr-x 1 root wheel 14 Jul 29 16:23 log -> ../var/run/log crw-rw-rw- 1 root wheel 0, 6 Jul 29 17:33 null crw-rw-rw- 1 root wheel 0, 121 Jul 29 17:26 ptyp0 crw-rw-rw- 1 root wheel 0, 123 Jul 29 17:38 ptyp1 crw-rw-rw- 1 root wheel 0, 10 Jul 29 12:23 random lrwxr-xr-x 1 root wheel 4 Jul 29 16:23 stderr -> fd/2 lrwxr-xr-x 1 root wheel 4 Jul 29 16:23 stdin -> fd/0 lrwxr-xr-x 1 root wheel 4 Jul 29 16:23 stdout -> fd/1 crw-rw-rw- 1 root wheel 0, 122 Jul 29 17:26 ttyp0 crw--w---- 1 rj tty 0, 124 Jul 29 17:38 ttyp1 lrwxr-xr-x 1 root wheel 6 Jul 29 16:23 urandom -> random crw-rw-rw- 1 root wheel 0, 7 Jul 29 16:23 zero and /usr/local/etc/ezjail/zincite contains: export jail_zincite_hostname="zincite" export jail_zincite_ip="159.28.83.137" export jail_zincite_rootdir="/usr/local/jails/zincite" export jail_zincite_exec="/bin/sh /etc/rc" export jail_zincite_mount_enable="YES" export jail_zincite_devfs_enable="YES" export jail_zincite_devfs_ruleset="devfsrules_jail" export jail_zincite_procfs_enable="YES" export jail_zincite_fdescfs_enable="YES" export jail_zincite_image="" export jail_zincite_imagetype="" export jail_zincite_attachparams="" export jail_zincite_attachblocking="" export jail_zincite_forceblocking="" I tried tracing visudo but that didn't give me much: ... 1293: open("/usr/local/etc/sudoers",O_RDWR|O_CREAT,0440) = 3 (0x3) 1293: fcntl(3,F_SETLK,0x7fffffffe390) ERR#22 'Invalid argument' visudo: 1293: write(2,"visudo: ",8) = 8 (0x8) /usr/local/etc/sudoers busy, try again later 1293: write(2,"/usr/local/etc/sudoers busy, try"...,44) = 44 (0x2c) 1293: write(2,"\n",1) = 1 (0x1) 1293: process exit, rval = 1 I noted the invalid argument, thought busted port, but same thing works great on the parent. I'm running out of places to poke. -- Randy (schulra@earlham.edu) 765.983.1283 <*> Love with your heart, think with your head; not the other way around. From owner-freebsd-jail@FreeBSD.ORG Tue Jul 29 18:58:22 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 59E821065676 for ; Tue, 29 Jul 2008 18:58:22 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from services.ipt.ru (services.ipt.ru [194.62.233.110]) by mx1.freebsd.org (Postfix) with ESMTP id 0BB718FC36 for ; Tue, 29 Jul 2008 18:58:22 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from [85.173.16.156] (helo=localhost.my.domain) by services.ipt.ru with esmtpa (Exim 4.54 (FreeBSD)) id 1KNuOp-000Ily-Mp; Tue, 29 Jul 2008 22:58:19 +0400 To: Randy Schultz References: From: Boris Samorodov Date: Tue, 29 Jul 2008 22:57:10 +0400 In-Reply-To: (Randy Schultz's message of "Tue\, 29 Jul 2008 14\:20\:34 -0400 \(EDT\)") Message-ID: <71363369@ipt.ru> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-jail@freebsd.org Subject: Re: visudo non-functional in 7.0-RELEASE jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2008 18:58:22 -0000 On Tue, 29 Jul 2008 14:20:34 -0400 (EDT) Randy Schultz wrote: > Been using jails for a while with 6.2 and 6.3. Today I'm working my first lab > box with 7.0-RELEASE. Set everything up with ezjail, e.g. ezjail-admin > create... Everything builds/installs fine, no barks. Sudo installed via make > install in /usr/ports/security/sudo on both parent and jail after a portsnap > update. The version of sudo works fine in the parent. In the jail however I > always get: > zincite# /usr/local/sbin/visudo > visudo: /usr/local/etc/sudoers busy, try again later > Sudoers is not busy. This is on a fresh jail that only I have access to, > doing a visudo right after the make install finishes. > My first thought was the jail dev/fs perms were somehow messed up but I can > write to /usr/local/etc. In fact I can vi /usr/local/etc/sudoers and write it > back out. > I've checked the sysctl flags. They are the same as on a working 6.x > parent(but I've included them here FWIW): I'm not sure that this configuration (6.x parent and 7.x jail) is supported. I think that just the opposite may (or should) work. Just my imho though. I'll be glad to be wrong here... > Root Dude ? sysctl -a|egrep jail > security.jail.jailed: 0 > security.jail.mount_allowed: 0 > security.jail.chflags_allowed: 0 > security.jail.allow_raw_sockets: 0 > security.jail.enforce_statfs: 2 > security.jail.sysvipc_allowed: 0 > security.jail.socket_unixiproute_only: 1 > security.jail.set_hostname_allowed: 1 > Rc.conf has: > ezjail_enable=YES > jail_list="zincite" > jail_zincite_rootdir=/usr/local/jails/zincite > jail_zincite_hostname=zincite.earlham.edu > jail_zincite_ip=159.28.83.137 > jail_zincite_interface=bge0 > #jail_zincite_fstab="/etc/zincite.fstab" > jail_zincite_mount_enable="YES" > jail_zincite_devfs_enable="YES" > Fstab is pretty standard: > Root Dude ? cat /etc/fstab.zincite > /usr/local/jails/basejail /usr/local/jails/zincite/basejail nullfs ro 0 0 > The /usr/local/jails/zincite/etc/devfs.conf is non-tweaked > zincite# ls -l /dev > total 0 > dr-xr-xr-x 2 root wheel 512 Jul 29 16:23 fd > lrwxr-xr-x 1 root wheel 14 Jul 29 16:23 log -> ../var/run/log > crw-rw-rw- 1 root wheel 0, 6 Jul 29 17:33 null > crw-rw-rw- 1 root wheel 0, 121 Jul 29 17:26 ptyp0 > crw-rw-rw- 1 root wheel 0, 123 Jul 29 17:38 ptyp1 > crw-rw-rw- 1 root wheel 0, 10 Jul 29 12:23 random > lrwxr-xr-x 1 root wheel 4 Jul 29 16:23 stderr -> fd/2 > lrwxr-xr-x 1 root wheel 4 Jul 29 16:23 stdin -> fd/0 > lrwxr-xr-x 1 root wheel 4 Jul 29 16:23 stdout -> fd/1 > crw-rw-rw- 1 root wheel 0, 122 Jul 29 17:26 ttyp0 > crw--w---- 1 rj tty 0, 124 Jul 29 17:38 ttyp1 > lrwxr-xr-x 1 root wheel 6 Jul 29 16:23 urandom -> random > crw-rw-rw- 1 root wheel 0, 7 Jul 29 16:23 zero > and /usr/local/etc/ezjail/zincite contains: > export jail_zincite_hostname="zincite" > export jail_zincite_ip="159.28.83.137" > export jail_zincite_rootdir="/usr/local/jails/zincite" > export jail_zincite_exec="/bin/sh /etc/rc" > export jail_zincite_mount_enable="YES" > export jail_zincite_devfs_enable="YES" > export jail_zincite_devfs_ruleset="devfsrules_jail" > export jail_zincite_procfs_enable="YES" > export jail_zincite_fdescfs_enable="YES" > export jail_zincite_image="" > export jail_zincite_imagetype="" > export jail_zincite_attachparams="" > export jail_zincite_attachblocking="" > export jail_zincite_forceblocking="" > I tried tracing visudo but that didn't give me much: > ... > 1293: open("/usr/local/etc/sudoers",O_RDWR|O_CREAT,0440) = 3 (0x3) > 1293: fcntl(3,F_SETLK,0x7fffffffe390) ERR#22 'Invalid argument' > visudo: 1293: write(2,"visudo: ",8) = 8 (0x8) > /usr/local/etc/sudoers busy, try again later 1293: > write(2,"/usr/local/etc/sudoers busy, try"...,44) = 44 (0x2c) > 1293: write(2,"\n",1) = 1 (0x1) > 1293: process exit, rval = 1 > I noted the invalid argument, thought busted port, but same thing works great > on the parent. > I'm running out of places to poke. WBR -- bsam From owner-freebsd-jail@FreeBSD.ORG Tue Jul 29 19:19:57 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E81A7106566C for ; Tue, 29 Jul 2008 19:19:57 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from services.ipt.ru (services.ipt.ru [194.62.233.110]) by mx1.freebsd.org (Postfix) with ESMTP id 99B448FC13 for ; Tue, 29 Jul 2008 19:19:57 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from [85.173.16.156] (helo=localhost.my.domain) by services.ipt.ru with esmtpa (Exim 4.54 (FreeBSD)) id 1KNujk-000J5L-CS for freebsd-jail@freebsd.org; Tue, 29 Jul 2008 23:19:56 +0400 To: freebsd-jail@freebsd.org References: From: Boris Samorodov Date: Tue, 29 Jul 2008 23:18:46 +0400 In-Reply-To: (Mail Delivery System's message of "Tue\, 29 Jul 2008 22\:58\:22 +0400") Message-ID: <94562073@ipt.ru> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: Mail delivery failed: returning message to sender X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2008 19:19:58 -0000 Sorry freebsd-jail-list reader, this message is for Randy Schultz. Dear Randy, just FYI, but your mail server is blocking messages... On Tue, 29 Jul 2008 22:58:22 +0400 Mail Delivery System wrote: > This message was created automatically by mail delivery software. > A message that you sent could not be delivered to one or more of its > recipients. This is a permanent error. The following address(es) failed: > schulra@earlham.edu > SMTP error from remote mail server after end of data: > host diakatra.earlham.edu [159.28.1.37]: 554 Service unavailable; Client host [services.ipt.ru] blocked using Barracuda Reputation; http://bbl.barracudacentral.com/q.cgi?ip=85.173.16.156 > ------ This is a copy of the message, including all the headers. ------ > Return-path: > Received: from [85.173.16.156] (helo=localhost.my.domain) > by services.ipt.ru with esmtpa (Exim 4.54 (FreeBSD)) > id 1KNuOp-000Ily-Mp; Tue, 29 Jul 2008 22:58:19 +0400 > To: Randy Schultz > Cc: freebsd-jail@freebsd.org > Subject: Re: visudo non-functional in 7.0-RELEASE jail > References: > From: Boris Samorodov > Date: Tue, 29 Jul 2008 22:57:10 +0400 > In-Reply-To: (Randy Schultz's message of "Tue\, 29 Jul 2008 14\:20\:34 -0400 \(EDT\)") > Message-ID: <71363369@ipt.ru> > User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (berkeley-unix) > MIME-Version: 1.0 > Content-Type: text/plain; charset=us-ascii > On Tue, 29 Jul 2008 14:20:34 -0400 (EDT) Randy Schultz wrote: [...] WBR -- bsam From owner-freebsd-jail@FreeBSD.ORG Tue Jul 29 19:56:03 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 00775106566B for ; Tue, 29 Jul 2008 19:56:03 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from sipala.earlham.edu (sipala.earlham.edu [159.28.1.75]) by mx1.freebsd.org (Postfix) with ESMTP id 9E9D38FC13 for ; Tue, 29 Jul 2008 19:56:02 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from tdream.lly.earlham.edu ([10.159.28.13]) by sipala.earlham.edu (8.13.6/8.13.6) with ESMTP id m6TJu0bV015879 for ; Tue, 29 Jul 2008 15:56:00 -0400 (EDT) X-Authentication-Warning: sipala.earlham.edu: Host [10.159.28.13] claimed to be tdream.lly.earlham.edu Received: from tdream.lly.earlham.edu (tdream.lly.earlham.edu [159.28.7.241]) by tdream.lly.earlham.edu (Postfix) with ESMTP id 9D10F21F93A for ; Tue, 29 Jul 2008 15:56:08 -0400 (EDT) Date: Tue, 29 Jul 2008 15:56:08 -0400 (EDT) From: Randy Schultz X-X-Sender: schulra@tdream.lly.earlham.edu To: freebsd-jail@freebsd.org In-Reply-To: <94562073@ipt.ru> Message-ID: References: <94562073@ipt.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: Mail delivery failed: returning message to sender X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2008 19:56:03 -0000 On Tue, 29 Jul 2008, Boris Samorodov spaketh thusly: -}Sorry freebsd-jail-list reader, -} -} -}this message is for Randy Schultz. -} -}Dear Randy, just FYI, but your mail server is blocking messages... Taking this off-line. Tnx Boris. -} -} -}On Tue, 29 Jul 2008 22:58:22 +0400 Mail Delivery System wrote: -} -}> This message was created automatically by mail delivery software. -} -}> A message that you sent could not be delivered to one or more of its -}> recipients. This is a permanent error. The following address(es) failed: -} -}> schulra@earlham.edu -}> SMTP error from remote mail server after end of data: -}> host diakatra.earlham.edu [159.28.1.37]: 554 Service unavailable; Client host [services.ipt.ru] blocked using Barracuda Reputation; http://bbl.barracudacentral.com/q.cgi?ip=85.173.16.156 -} -}> ------ This is a copy of the message, including all the headers. ------ -} -}> Return-path: -}> Received: from [85.173.16.156] (helo=localhost.my.domain) -}> by services.ipt.ru with esmtpa (Exim 4.54 (FreeBSD)) -}> id 1KNuOp-000Ily-Mp; Tue, 29 Jul 2008 22:58:19 +0400 -}> To: Randy Schultz -}> Cc: freebsd-jail@freebsd.org -}> Subject: Re: visudo non-functional in 7.0-RELEASE jail -}> References: -}> From: Boris Samorodov -}> Date: Tue, 29 Jul 2008 22:57:10 +0400 -}> In-Reply-To: (Randy Schultz's message of "Tue\, 29 Jul 2008 14\:20\:34 -0400 \(EDT\)") -}> Message-ID: <71363369@ipt.ru> -}> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (berkeley-unix) -}> MIME-Version: 1.0 -}> Content-Type: text/plain; charset=us-ascii -} -}> On Tue, 29 Jul 2008 14:20:34 -0400 (EDT) Randy Schultz wrote: -} -}[...] -} -}WBR -}-- -}bsam -}_______________________________________________ -}freebsd-jail@freebsd.org mailing list -}http://lists.freebsd.org/mailman/listinfo/freebsd-jail -}To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" -} -- Randy (schulra@earlham.edu) 765.983.1283 <*> Love with your heart, think with your head; not the other way around. From owner-freebsd-jail@FreeBSD.ORG Tue Jul 29 22:30:53 2008 Return-Path: Delivered-To: freebsd-jail@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DBDC8106566C for ; Tue, 29 Jul 2008 22:30:53 +0000 (UTC) (envelope-from edwin@mavetju.org) Received: from mail5out.barnet.com.au (mail5.barnet.com.au [202.83.178.78]) by mx1.freebsd.org (Postfix) with ESMTP id 9A4568FC0C for ; Tue, 29 Jul 2008 22:30:53 +0000 (UTC) (envelope-from edwin@mavetju.org) Received: by mail5out.barnet.com.au (Postfix, from userid 1001) id 473C82218A97; Wed, 30 Jul 2008 08:12:28 +1000 (EST) X-Viruscan-Id: <488F95CC0000D1420DB959@BarNet> Received: from mail5auth.barnet.com.au (mail5.barnet.com.au [202.83.178.78]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mail5auth.barnet.com.au", Issuer "*.barnet.com.au" (verified OK)) by mail5.barnet.com.au (Postfix) with ESMTP id E87B121B46F9; Wed, 30 Jul 2008 08:12:27 +1000 (EST) Received: from k7.mavetju (ppp121-44-44-136.lns10.syd7.internode.on.net [121.44.44.136]) by mail5auth.barnet.com.au (Postfix) with ESMTP id A65172218A83; Wed, 30 Jul 2008 08:12:27 +1000 (EST) Received: by k7.mavetju (Postfix, from userid 1001) id 19B2DA37; Wed, 30 Jul 2008 08:11:50 +1000 (EST) Date: Wed, 30 Jul 2008 08:11:50 +1000 From: Edwin Groothuis To: freebsd-jail@FreeBSD.org Message-ID: <20080729221150.GA92564@k7.mavetju> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.3i Cc: Subject: Re: visudo non-functional in 7.0-RELEASE jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2008 22:30:53 -0000 Since lock_file() consists of three different functions depending on your capabilities, could you pastebin the output of your config.log somwwhere to figure out which was is used? I have visudo (and sudo) here working without any problems, inside and outside jails. Edwin -- Edwin Groothuis | Personal website: http://www.mavetju.org edwin@mavetju.org | Weblog: http://www.mavetju.org/weblog/ From owner-freebsd-jail@FreeBSD.ORG Wed Jul 30 16:04:19 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6E534106564A for ; Wed, 30 Jul 2008 16:04:19 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from sipala.earlham.edu (sipala.earlham.edu [159.28.1.75]) by mx1.freebsd.org (Postfix) with ESMTP id 3A7348FC1A for ; Wed, 30 Jul 2008 16:04:19 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from tdream.lly.earlham.edu ([10.159.28.13]) by sipala.earlham.edu (8.13.6/8.13.6) with ESMTP id m6UG46BI008650 for ; Wed, 30 Jul 2008 12:04:16 -0400 (EDT) X-Authentication-Warning: sipala.earlham.edu: Host [10.159.28.13] claimed to be tdream.lly.earlham.edu Received: from tdream.lly.earlham.edu (tdream.lly.earlham.edu [159.28.7.241]) by tdream.lly.earlham.edu (Postfix) with ESMTP id B866421F93A for ; Wed, 30 Jul 2008 12:04:16 -0400 (EDT) Date: Wed, 30 Jul 2008 12:04:16 -0400 (EDT) From: Randy Schultz X-X-Sender: schulra@tdream.lly.earlham.edu To: freebsd-jail@freebsd.org In-Reply-To: <20080729221150.GA92564@k7.mavetju> Message-ID: References: <20080729221150.GA92564@k7.mavetju> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: visudo non-functional in 7.0-RELEASE jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Jul 2008 16:04:19 -0000 On Wed, 30 Jul 2008, Edwin Groothuis spaketh thusly: -}Since lock_file() consists of three different functions depending -}on your capabilities, could you pastebin the output of your config.log -}somwwhere to figure out which was is used? http://www.pastebin.be/13079 -} -}I have visudo (and sudo) here working without any problems, inside -}and outside jails. For fbsd 7.0? I have it for 6.x. If yours is 7.0 then I must have missed something. Did you set your jails up the long way or with ezjail? -- Randy (schulra@earlham.edu) 765.983.1283 <*> Love with your heart, think with your head; not the other way around. From owner-freebsd-jail@FreeBSD.ORG Wed Jul 30 16:47:57 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2C0BA106567D for ; Wed, 30 Jul 2008 16:47:57 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from services.ipt.ru (services.ipt.ru [194.62.233.110]) by mx1.freebsd.org (Postfix) with ESMTP id DC6998FC0C for ; Wed, 30 Jul 2008 16:47:56 +0000 (UTC) (envelope-from bsam@ipt.ru) Received: from [85.173.16.232] (helo=localhost.my.domain) by services.ipt.ru with esmtpa (Exim 4.54 (FreeBSD)) id 1KOEqB-000Dxl-IQ; Wed, 30 Jul 2008 20:47:55 +0400 To: Randy Schultz References: <20080729221150.GA92564@k7.mavetju> From: Boris Samorodov Date: Wed, 30 Jul 2008 20:46:39 +0400 In-Reply-To: (Randy Schultz's message of "Wed\, 30 Jul 2008 12\:04\:16 -0400 \(EDT\)") Message-ID: <14238192@ipt.ru> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.2 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-jail@freebsd.org Subject: Re: visudo non-functional in 7.0-RELEASE jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Jul 2008 16:47:57 -0000 On Wed, 30 Jul 2008 12:04:16 -0400 (EDT) Randy Schultz wrote: > On Wed, 30 Jul 2008, Edwin Groothuis spaketh thusly: > -}Since lock_file() consists of three different functions depending > -}on your capabilities, could you pastebin the output of your config.log > -}somwwhere to figure out which was is used? > http://www.pastebin.be/13079 > -} > -}I have visudo (and sudo) here working without any problems, inside > -}and outside jails. > For fbsd 7.0? I have it for 6.x. If yours is 7.0 then I must have missed > something. Did you set your jails up the long way or with ezjail? I have 7-STABLE here and some ezjail jails. The "sudo ezjail update -i" command gives me: ----- % ls -l /space/jails/basejail/usr/bin/su=20=20=20=20=20 -r-xr-xr-x 1 root wheel 16904 30 =D0=B8=D1=8E=D0=BB 20:34 /space/jails/b= asejail/usr/bin/su ----- ...while before updating it has been: ----- -r-sr-xr-x 1 root wheel 16904 23 =D0=B8=D1=8E=D0=BB 19:09 /space/jails/b= asejail/usr/bin/su ----- Note the bit "s" for the owner of the file. Sure the command "sudo chmod u+s /space/jails/basejail/usr/bin/su" helps here. HTH and WBR --=20 bsam From owner-freebsd-jail@FreeBSD.ORG Wed Jul 30 17:06:25 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EB6951065677 for ; Wed, 30 Jul 2008 17:06:25 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from sipala.earlham.edu (sipala.earlham.edu [159.28.1.75]) by mx1.freebsd.org (Postfix) with ESMTP id B3A3A8FC0C for ; Wed, 30 Jul 2008 17:06:25 +0000 (UTC) (envelope-from schulra@earlham.edu) Received: from tdream.lly.earlham.edu ([10.159.28.13]) by sipala.earlham.edu (8.13.6/8.13.6) with ESMTP id m6UH6CFt027261 for ; Wed, 30 Jul 2008 13:06:23 -0400 (EDT) X-Authentication-Warning: sipala.earlham.edu: Host [10.159.28.13] claimed to be tdream.lly.earlham.edu Received: from tdream.lly.earlham.edu (tdream.lly.earlham.edu [159.28.7.241]) by tdream.lly.earlham.edu (Postfix) with ESMTP id 76A4A21F93A for ; Wed, 30 Jul 2008 13:06:23 -0400 (EDT) Date: Wed, 30 Jul 2008 13:06:23 -0400 (EDT) From: Randy Schultz X-X-Sender: schulra@tdream.lly.earlham.edu To: freebsd-jail@freebsd.org In-Reply-To: <14238192@ipt.ru> Message-ID: References: <20080729221150.GA92564@k7.mavetju> <14238192@ipt.ru> MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="-182915672-1267482390-1217437583=:18456" Subject: Re: visudo non-functional in 7.0-RELEASE jail X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Jul 2008 17:06:26 -0000 This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. ---182915672-1267482390-1217437583=:18456 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE On Wed, 30 Jul 2008, Boris Samorodov spaketh thusly: -} -}I have 7-STABLE here and some ezjail jails. The "sudo ezjail update -i" -}command gives me: -}----- -}% ls -l /space/jails/basejail/usr/bin/su =20 -}-r-xr-xr-x 1 root wheel 16904 30 =D0=B8=D1=8E=D0=BB 20:34 /space/jails= /basejail/usr/bin/su -}----- -} -}...while before updating it has been: -}----- -}-r-sr-xr-x 1 root wheel 16904 23 =D0=B8=D1=8E=D0=BB 19:09 /space/jails= /basejail/usr/bin/su -}----- -} -}Note the bit "s" for the owner of the file. Sure the command -}"sudo chmod u+s /space/jails/basejail/usr/bin/su" helps here. Hey Boris, Tnx for the hint. Unfortunately my su in and out of the jail both have the same perms of 4555 so the problem is elsewhere. -- Randy (schulra@earlham.edu) 765.983.1283 <*> Love with your heart, think with your head; not the other way around. ---182915672-1267482390-1217437583=:18456-- From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 08:17:55 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 55EDA1065673 for ; Fri, 1 Aug 2008 08:17:55 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.185]) by mx1.freebsd.org (Postfix) with ESMTP id D3DAB8FC1A for ; Fri, 1 Aug 2008 08:17:54 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so662867mue.3 for ; Fri, 01 Aug 2008 01:17:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=mb02vmOhqRTVBxol56rdouie4ArwVFwBABHt/UmI+zM=; b=tOundWxNrIDdo6nSGbxQfuWtXJwEM7Z8a5RxzxA63FUsAHIWbRMjpUXM3B12QxX37/ facRAX1Hi8SjSrGl7YDq3V11Sl/P9k/Dzsz9vEMuEeROJySinlXHY0Bv9nFGI4XaUyYr SZKrcy6m/oRENUSIcBPzX0l4RcxFWs0xEHg6w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=I74LcCLiMHL7QY6P5z3b+gJCOYOPco7PPun2CpwiiUn0/KkF77lI6R1WR161wl71zW ZXIh1/JJsn9JDIzAL8z1punlpuXJKpJnq6amRkyd+beVD6AoQHrLqroVVzNCcr/rGnMQ BbKwtqtJIe6j6IGjIW0+WYoLiVdDUrUz6tmXQ= Received: by 10.103.141.8 with SMTP id t8mr4272622mun.101.1217578673369; Fri, 01 Aug 2008 01:17:53 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Fri, 1 Aug 2008 01:17:53 -0700 (PDT) Message-ID: Date: Fri, 1 Aug 2008 10:17:53 +0200 From: "Redd Vinylene" To: freebsd-jail@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Subject: Re: Multiple IPs X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 08:17:55 -0000 Whooops, # patch -p6 < bz_jail7-20080727-11-at146062.diff Yeah that's more like it ;) On Fri, Aug 1, 2008 at 10:05 AM, Redd Vinylene wrote: > Big ups to Bjoern A. Zeeb for his multiple IP patch as well as his > friendly support service ;) > > I'd just like to confirm, however, if this is how it's done? > > # cd /usr/src > # wget http://people.freebsd.org/~bz/bz_jail7-20080727-11-at146062.diff > # patch -p6 bz_jail7-20080727-11-at146062.diff > # make buildworld > # make buildkernel KERNCONF=GENERIC > # make installworld > # make installkernel KERNCONF=GENERIC > # mergemaster -U > > Now to the jail part (this is exactly how I created the jail in the first place) > > # export D=/usr/jail/camel > # mkdir -p $D > # make world DESTDIR=$D > # cd etc/ > # make distribution DESTDIR=$D > # mount -t devfs devfs $D/dev > > Thank you all! > > Redd Vinylene > http://www.home.no/reddvinylene > From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 08:22:06 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9932B106567E for ; Fri, 1 Aug 2008 08:22:06 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.190]) by mx1.freebsd.org (Postfix) with ESMTP id 238938FC29 for ; Fri, 1 Aug 2008 08:22:05 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so663637mue.3 for ; Fri, 01 Aug 2008 01:22:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=hSEg40VPfmRJipcR4jJzFUXSVKYzT2K7Gyx1SQFyhJI=; b=KikQTeW6A4ig34mFi7e/wHf2Z8yCqeggYWrbPaSCgvet6C2ydNYU2U5fGe+WMCcp03 Qz0c6cGD29x4ytsYlqUeXTdryW+mOsKxxPW4d3BxQsE2+6O8mvjVbpOEu7TUSlt4kOjw S8PhVsASlJs7XEFhQ3Qx7x6sfaj5Op66UlUAY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=L4Xp1eHXiCzBdflFD2V747LOx6wzpcamXYUO/m84WPx1AVUerb/5JjH61Askfen6Um u2AgJu/4TQluKCGV9Xlu/guA62z93od5y8rNiLmNmoXtSfH3yIx4DtPCH9pkMySGNnvn 4AV/zdX23b4z6Ys9F/6+AgKUtUdt7Ahx4cwfU= Received: by 10.103.198.20 with SMTP id a20mr4270739muq.56.1217578924853; Fri, 01 Aug 2008 01:22:04 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Fri, 1 Aug 2008 01:22:04 -0700 (PDT) Message-ID: Date: Fri, 1 Aug 2008 10:22:04 +0200 From: "Redd Vinylene" To: freebsd-jail@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Subject: Re: Multiple IPs X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 08:22:06 -0000 Also, under jail_X_ip in rc.conf, must I enter the IPs one by one or can I specify an entire range? Much obliged! On Fri, Aug 1, 2008 at 10:17 AM, Redd Vinylene wrote: > Whooops, > > # patch -p6 < bz_jail7-20080727-11-at146062.diff > > Yeah that's more like it ;) > > On Fri, Aug 1, 2008 at 10:05 AM, Redd Vinylene wrote: >> Big ups to Bjoern A. Zeeb for his multiple IP patch as well as his >> friendly support service ;) >> >> I'd just like to confirm, however, if this is how it's done? >> >> # cd /usr/src >> # wget http://people.freebsd.org/~bz/bz_jail7-20080727-11-at146062.diff >> # patch -p6 bz_jail7-20080727-11-at146062.diff >> # make buildworld >> # make buildkernel KERNCONF=GENERIC >> # make installworld >> # make installkernel KERNCONF=GENERIC >> # mergemaster -U >> >> Now to the jail part (this is exactly how I created the jail in the first place) >> >> # export D=/usr/jail/camel >> # mkdir -p $D >> # make world DESTDIR=$D >> # cd etc/ >> # make distribution DESTDIR=$D >> # mount -t devfs devfs $D/dev >> >> Thank you all! >> >> Redd Vinylene >> http://www.home.no/reddvinylene >> > From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 08:30:09 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5F6A91065675 for ; Fri, 1 Aug 2008 08:30:09 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from fk-out-0910.google.com (fk-out-0910.google.com [209.85.128.189]) by mx1.freebsd.org (Postfix) with ESMTP id D90C88FC1A for ; Fri, 1 Aug 2008 08:30:08 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by fk-out-0910.google.com with SMTP id k31so1224686fkk.11 for ; Fri, 01 Aug 2008 01:30:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=zwZdMjMFRnM9pJMC+t4El7YO+w1yiBWmRQuVPQkFdcU=; b=tZqIsjlHmzvPd4SLnMCccbpny2DrmvAoDW9fvlxUiUIrIXnZXrgvPo0fW2C/7R6MY8 QPMuRpfLbAoLYGfi//u6dmpzU1uRhDW9iCQ3LbTjohRCBtIuUw+2A1H65ZuxxmYoTVXz eoYtFS9Oj3wDUkNtXYL1ZQKqhM89iJZN9vcZM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=VvbUl/GWiLVYl5cEVO9KauhkL6tvF5xwZHvMgozBwkYGl6fT63Y+yhDgBNwPmrqoXg RPOa9Z7Ic2IAnAJzShO5EpjDGeYwKCNsOsoMuW4gCuvvua5BTND+cDWfFRcS11lRcTWF TEGOvI4QlSDEevrKfSnpFy7Q2NdkMllw1zwFM= Received: by 10.103.247.14 with SMTP id z14mr4273432mur.39.1217577932091; Fri, 01 Aug 2008 01:05:32 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Fri, 1 Aug 2008 01:05:32 -0700 (PDT) Message-ID: Date: Fri, 1 Aug 2008 10:05:32 +0200 From: "Redd Vinylene" To: freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Multiple IPs X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 08:30:09 -0000 Big ups to Bjoern A. Zeeb for his multiple IP patch as well as his friendly support service ;) I'd just like to confirm, however, if this is how it's done? # cd /usr/src # wget http://people.freebsd.org/~bz/bz_jail7-20080727-11-at146062.diff # patch -p6 bz_jail7-20080727-11-at146062.diff # make buildworld # make buildkernel KERNCONF=GENERIC # make installworld # make installkernel KERNCONF=GENERIC # mergemaster -U Now to the jail part (this is exactly how I created the jail in the first place) # export D=/usr/jail/camel # mkdir -p $D # make world DESTDIR=$D # cd etc/ # make distribution DESTDIR=$D # mount -t devfs devfs $D/dev Thank you all! Redd Vinylene http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 17:25:07 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B264F1065674 for ; Fri, 1 Aug 2008 17:25:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id 6A4F18FC12 for ; Fri, 1 Aug 2008 17:25:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id BA28F41C705; Fri, 1 Aug 2008 19:25:05 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id eJtSzDKYV5b3; Fri, 1 Aug 2008 19:25:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 5F30341C6F2; Fri, 1 Aug 2008 19:25:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id DE78E44487F; Fri, 1 Aug 2008 17:20:38 +0000 (UTC) Date: Fri, 1 Aug 2008 17:20:38 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Redd Vinylene In-Reply-To: Message-ID: <20080801171343.M88849@maildrop.int.zabbadoz.net> References: X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-jail@freebsd.org Subject: Re: Multiple IPs X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 17:25:07 -0000 On Fri, 1 Aug 2008, Redd Vinylene wrote: Hi, > # patch -p6 < bz_jail7-20080727-11-at146062.diff could be that it needs to be -p7 Try with patch -C -p6/7 (with -C) first and check that it does not complain. > Yeah that's more like it ;) > > On Fri, Aug 1, 2008 at 10:05 AM, Redd Vinylene wrote: >> Big ups to Bjoern A. Zeeb for his multiple IP patch as well as his >> friendly support service ;) >> >> I'd just like to confirm, however, if this is how it's done? >> >> # cd /usr/src >> # wget http://people.freebsd.org/~bz/bz_jail7-20080727-11-at146062.diff preferably use "fetch" as it comes with base;-) >> # patch -p6 bz_jail7-20080727-11-at146062.diff see above >> # make buildworld >> # make buildkernel KERNCONF=GENERIC >> # make installworld >> # make installkernel KERNCONF=GENERIC you do not need KERNCONF=GENERIC (that's the default) for both commands. >> # mergemaster -U >> >> Now to the jail part (this is exactly how I created the jail in the first place) >> >> # export D=/usr/jail/camel >> # mkdir -p $D >> # make world DESTDIR=$D that should be make installworld DESTDIR=$D >> # cd etc/ nope, no longer needed >> # make distribution DESTDIR=$D yes >> # mount -t devfs devfs $D/dev Rather not. Set jail_camel_devfs_enable="YES" in /etc/rc.conf (assuming the `name' of the jail will be camel). See the Jails section at the end of /etc/defaults/rc.conf for the other options. The IP addresses will need to be given as a ',' sepcarated list like: jail_camel_ip="192.0.2.1,192.0.2.17,192.0.2.255" You'll need a reboot somewhen for the new kernel etc. you can do sh /etc/rc.d/jail stop sh /etc/rc.d/jail start sh /etc/rc.d/jail stop camel sh /etc/rc.d/jail start camel ... I hope that helps. -- Bjoern A. Zeeb Stop bit received. Insert coin for new game. From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 17:26:22 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2BBC71065681 for ; Fri, 1 Aug 2008 17:26:22 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.186]) by mx1.freebsd.org (Postfix) with ESMTP id B30238FC23 for ; Fri, 1 Aug 2008 17:26:21 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by nf-out-0910.google.com with SMTP id h3so607995nfh.33 for ; Fri, 01 Aug 2008 10:26:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=A1+1LEIunk1IbpNWcPe/kWgFthvUw6CM6BtV36JJUwM=; b=tD3Aup60ht2+ObPSeFm4P+luo4e5KBi1fDP8GrkDe2teCGG1sHJwKqS/7PnUbAP1QY sCwKwmce6Ac85/SINkAsgd2Eln3M1WRN3YCSjcv6T7tbGlX2dgpGz7voEU/UUhEgrYVP eZ1LkRrBAKKP7+JBED2/6HOCZIjWUhxbCT9zM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=D3FbK8do8UJjhztr15EiA2JoDHom1EpzIpLnMN7xnYWPJdqaDH+R4t6ot7m8LnVUgL m7JFByLAwsD+xk2SU9GuyGRm2BHJa6L/96l0+grwhYshT3u6f/9au4HwK0Lb7y9WIVyI VXQ+QBq8BOIyqduB9R19WukaQGSmgITT5Fy7U= Received: by 10.103.131.18 with SMTP id i18mr4436788mun.126.1217611580431; Fri, 01 Aug 2008 10:26:20 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Fri, 1 Aug 2008 10:26:20 -0700 (PDT) Message-ID: Date: Fri, 1 Aug 2008 19:26:20 +0200 From: "Redd Vinylene" To: questions@freebsd.org, freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: Subject: The best way to upgrade my FreeBSD and its jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 17:26:22 -0000 My dedicated server is mother, its two jails are camel and box. Is this the best way to upgrade all of them? Pretty cool huh? - # FreeBSD/i386 mother.reddvinylene.no csup /etc/cvsupfile && \ cd /usr/src && \ make buildworld && \ make buildkernel && \ make installworld && \ make installkernel && \ make delete-old && \ make delete-old-libs && \ mergemaster -U&& \ export D=/usr/jail/camel && \ make installworld DESTDIR=$D && \ make installworld installkernel DESTDIR=$D && \ make delete-old DESTDIR=$D && \ make delete-old-libs DESTDIR=$D && \ cd etc/ && \ make distribution DESTDIR=$D && \ cd .. && \ mergemaster -U -D $D && \ export D=/usr/jail/box && \ make installworld DESTDIR=$D && \ make installworld installkernel DESTDIR=$D && \ make delete-old DESTDIR=$D && \ make delete-old-libs DESTDIR=$D && \ cd etc/ && \ make distribution DESTDIR=$D && \ cd .. && \ mergemaster -U -D $D && \ chflags -R noschg /usr/obj/* && \ rm -rf /usr/obj/* - Redd Vinylene http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 17:28:02 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ED5E01065675 for ; Fri, 1 Aug 2008 17:28:02 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.184]) by mx1.freebsd.org (Postfix) with ESMTP id 750E28FC15 for ; Fri, 1 Aug 2008 17:28:02 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so811232mue.3 for ; Fri, 01 Aug 2008 10:28:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=A1+1LEIunk1IbpNWcPe/kWgFthvUw6CM6BtV36JJUwM=; b=mYxC9BuyP4Gmxdl9BHobQrR9aPNXVtPR/g0ZD4zPv7lqELOiFlYL5K/nDp/YsR+ViU ScYD8agFkvIADFZ4bFaGwuUl1va8pryOhzU3ObD0RkvAZcLlS4YXAIudr8lcrONth9nc WDy63z7NsHlpZWstHjl/86sR3Ej3+SNbz5WYU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=gAyCLGyyBBoH8e38kDnW7ic/do9WwWo0zIrOvmdQqhcrb3GWuZLQKDiJdDnf6qZUGh XDOwegYWCipWTMvqPZoZhgBxlPHxO4IwaLUuEDjSlsG7XqQGg3wPIwg0qJjaZ2S4M5TZ V/BKP/bI+Xu1hbdJ59wXcWlODRE8b9DtJPTVk= Received: by 10.103.227.13 with SMTP id e13mr4442373mur.49.1217611681117; Fri, 01 Aug 2008 10:28:01 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Fri, 1 Aug 2008 10:28:01 -0700 (PDT) Message-ID: Date: Fri, 1 Aug 2008 19:28:01 +0200 From: "Redd Vinylene" To: questions@freebsd.org, freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: Subject: The best way to upgrade my FreeBSD and its jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 17:28:03 -0000 My dedicated server is mother, its two jails are camel and box. Is this the best way to upgrade all of them? Pretty cool huh? - # FreeBSD/i386 mother.reddvinylene.no csup /etc/cvsupfile && \ cd /usr/src && \ make buildworld && \ make buildkernel && \ make installworld && \ make installkernel && \ make delete-old && \ make delete-old-libs && \ mergemaster -U&& \ export D=/usr/jail/camel && \ make installworld DESTDIR=$D && \ make installworld installkernel DESTDIR=$D && \ make delete-old DESTDIR=$D && \ make delete-old-libs DESTDIR=$D && \ cd etc/ && \ make distribution DESTDIR=$D && \ cd .. && \ mergemaster -U -D $D && \ export D=/usr/jail/box && \ make installworld DESTDIR=$D && \ make installworld installkernel DESTDIR=$D && \ make delete-old DESTDIR=$D && \ make delete-old-libs DESTDIR=$D && \ cd etc/ && \ make distribution DESTDIR=$D && \ cd .. && \ mergemaster -U -D $D && \ chflags -R noschg /usr/obj/* && \ rm -rf /usr/obj/* - Redd Vinylene http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 18:27:05 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AD11F1065684 for ; Fri, 1 Aug 2008 18:27:05 +0000 (UTC) (envelope-from simon@zaphod.nitro.dk) Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.freebsd.org (Postfix) with ESMTP id 6717A8FC1B for ; Fri, 1 Aug 2008 18:27:05 +0000 (UTC) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (unknown [192.168.3.39]) by mx.nitro.dk (Postfix) with ESMTP id 5501B1E8C1D; Fri, 1 Aug 2008 18:09:25 +0000 (UTC) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id 004EE114C4; Fri, 1 Aug 2008 20:10:01 +0200 (CEST) Date: Fri, 1 Aug 2008 20:10:01 +0200 From: "Simon L. Nielsen" To: "Bjoern A. Zeeb" Message-ID: <20080801181000.GA1526@zaphod.nitro.dk> References: <20080727115111.D57089@maildrop.int.zabbadoz.net> <20080727152715.Y57089@maildrop.int.zabbadoz.net> <20080727174715.F57089@maildrop.int.zabbadoz.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080727174715.F57089@maildrop.int.zabbadoz.net> User-Agent: Mutt/1.5.16 (2007-06-09) Cc: freebsd-jail@freebsd.org Subject: Re: new multi-/no-ip4/v6 jail patches X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 18:27:05 -0000 On 2008.07.27 17:48:26 +0000, Bjoern A. Zeeb wrote: > On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: > >> On Sun, 27 Jul 2008, Bjoern A. Zeeb wrote: >> >> Hi, >> >> there is a regression in there with unbound udp connects. I am >> investigating and the patches are gone for the moment. I'll let you >> know once I updated them. > > the new patches are here: > > HEAD: http://people.freebsd.org/~bz/bz_jail-20080727-10-at146056.diff > 7-STABLE: http://people.freebsd.org/~bz/bz_jail7-20080727-10-at146056.diff This patch has been running since without problems on sky.FreeBSD.org (which hosts the FreeBSD wiki and more): 6:07PM up 5 days, 49 mins, 1 user, load averages: 0.00, 0.05, 0.07 -- Simon L. Nielsen From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 19:00:36 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C06EC106567E for ; Fri, 1 Aug 2008 19:00:36 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [91.103.162.4]) by mx1.freebsd.org (Postfix) with ESMTP id 2C9CC8FC22 for ; Fri, 1 Aug 2008 19:00:35 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from localhost (localhost.codelab.cz [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id B346719E023; Fri, 1 Aug 2008 21:00:33 +0200 (CEST) Received: from [192.168.1.2] (r5bb235.net.upc.cz [86.49.61.235]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 6EC1119E019; Fri, 1 Aug 2008 21:00:31 +0200 (CEST) Message-ID: <48935D68.2080603@quip.cz> Date: Fri, 01 Aug 2008 21:00:56 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 X-Accept-Language: cz, cs, en, en-us MIME-Version: 1.0 To: Redd Vinylene References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org, questions@freebsd.org Subject: Re: The best way to upgrade my FreeBSD and its jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 19:00:36 -0000 Redd Vinylene wrote: > My dedicated server is mother, its two jails are camel and box. Is > this the best way to upgrade all of them? > > Pretty cool huh? > > - > > # FreeBSD/i386 mother.reddvinylene.no > > csup /etc/cvsupfile && \ > > cd /usr/src && \ > > make buildworld && \ > > make buildkernel && \ > > make installworld && \ > > make installkernel && \ > > make delete-old && \ > > make delete-old-libs && \ > > mergemaster -U&& \ > > export D=/usr/jail/camel && \ > > make installworld DESTDIR=$D && \ > > make installworld installkernel DESTDIR=$D && \ > > make delete-old DESTDIR=$D && \ > > make delete-old-libs DESTDIR=$D && \ > > cd etc/ && \ > > make distribution DESTDIR=$D && \ > > cd .. && \ > > mergemaster -U -D $D && \ > > export D=/usr/jail/box && \ > > make installworld DESTDIR=$D && \ > > make installworld installkernel DESTDIR=$D && \ > > make delete-old DESTDIR=$D && \ > > make delete-old-libs DESTDIR=$D && \ > > cd etc/ && \ > > make distribution DESTDIR=$D && \ > > cd .. && \ > > mergemaster -U -D $D && \ > > chflags -R noschg /usr/obj/* && \ > > rm -rf /usr/obj/* It would be better if you post what version you are running and to what version you want to update / upgrade. If you want to use some RELEASE, you can user freebsd-update command for binary update of base and jails. Also it is not good to do all the above steps as one chained command. Miroslav Lachman From owner-freebsd-jail@FreeBSD.ORG Fri Aug 1 23:14:09 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 50B301065679 for ; Fri, 1 Aug 2008 23:14:09 +0000 (UTC) (envelope-from mikhailg@webanoide.org) Received: from smtp.tal.navalradio.cl (smtp.tal.navalradio.cl [201.236.67.155]) by mx1.freebsd.org (Postfix) with ESMTP id 89CA28FC16 for ; Fri, 1 Aug 2008 23:14:07 +0000 (UTC) (envelope-from mikhailg@webanoide.org) Received: from [172.18.64.125] ([172.18.64.125]) (authenticated bits=0) by smtp.tal.navalradio.cl (8.13.8/8.13.8) with ESMTP id m71NDqdq084005 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 1 Aug 2008 23:14:03 GMT (envelope-from mikhailg@webanoide.org) Message-ID: <489398AD.6000900@webanoide.org> Date: Fri, 01 Aug 2008 19:13:49 -0400 From: Mikhail Goriachev Organization: Webanoide User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) MIME-Version: 1.0 To: Redd Vinylene References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-jail@freebsd.org Subject: Re: The best way to upgrade my FreeBSD and its jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2008 23:14:09 -0000 Redd Vinylene wrote: > My dedicated server is mother, its two jails are camel and box. Is > this the best way to upgrade all of them? We probably should keep this to freebsd-jail@ only. Had a look at http://pastie.org/245821 and have a few notes for you: 1.- As Miroslav already mentioned - it is not a good idea to daisy chain everything. You should break the procedure into two steps. Firstly upgrade the host and make sure the upgrade went well. Once you're certain that everything is ok, then proceed upgrading jails. I personally disable jails (jail_enable="NO"), then reboot (to avoid any zombie jails), perform upgrade on all jails and then enable them back on. 2.- Your upgrading sequence is a bit off. Have a look at /usr/src/Makefile for further details and correct sequence: # make buildworld # make buildkernel # make installkernel # reboot # mergemaster -p # make installworld # make delete-old # mergemaster # reboot # make delete-old-libs 3.- You don't need kernels inside your jails. Having them won't hurt you, but they consume space. In other words, you shouldn't execute the following (or similar): # make DESTDIR=$D installkernel 4.- The "make distribution DESTDIR=$D" should be executed only once - when a jail is created. Otherwise you're nuking your configurations in jail's /etc and probably somewhere else. Have a go at this, you might find some use for it: ----------------------- JAILSDIR=/usr/local/jails cd /usr/src for jail in `ls ${JAILSDIR}`; do mergemaster -pD ${JAILSDIR}/${jail} make installworld DESTDIR=${JAILSDIR}/${jail} mergemaster -iD ${JAILSDIR}/${jail} done ----------------------- Regards, Mikhail. -- Mikhail Goriachev Webanoide From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 07:28:21 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EEF121065676 for ; Sat, 2 Aug 2008 07:28:21 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [91.103.162.4]) by mx1.freebsd.org (Postfix) with ESMTP id AE8418FC16 for ; Sat, 2 Aug 2008 07:28:21 +0000 (UTC) (envelope-from 000.fbsd@quip.cz) Received: from localhost (localhost.codelab.cz [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id ED98C19E023; Sat, 2 Aug 2008 09:28:19 +0200 (CEST) Received: from [192.168.1.2] (r5bb235.net.upc.cz [86.49.61.235]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id B51AC19E019; Sat, 2 Aug 2008 09:28:17 +0200 (CEST) Message-ID: <48940CAB.9040001@quip.cz> Date: Sat, 02 Aug 2008 09:28:43 +0200 From: Miroslav Lachman <000.fbsd@quip.cz> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 X-Accept-Language: cz, cs, en, en-us MIME-Version: 1.0 To: freebsd-jail@freebsd.org References: <489398AD.6000900@webanoide.org> In-Reply-To: <489398AD.6000900@webanoide.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: Re: The best way to upgrade my FreeBSD and its jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 07:28:22 -0000 Mikhail Goriachev wrote: > Redd Vinylene wrote: > >> My dedicated server is mother, its two jails are camel and box. Is >> this the best way to upgrade all of them? > > > We probably should keep this to freebsd-jail@ only. > > Had a look at http://pastie.org/245821 and have a few notes for you: > > 1.- As Miroslav already mentioned - it is not a good idea to daisy chain > everything. You should break the procedure into two steps. Firstly > upgrade the host and make sure the upgrade went well. Once you're > certain that everything is ok, then proceed upgrading jails. > > I personally disable jails (jail_enable="NO"), then reboot (to avoid any > zombie jails), perform upgrade on all jails and then enable them back on. > > 2.- Your upgrading sequence is a bit off. Have a look at > /usr/src/Makefile for further details and correct sequence: > > # make buildworld > # make buildkernel > # make installkernel > # reboot > # mergemaster -p > # make installworld > # make delete-old > # mergemaster > # reboot > # make delete-old-libs > > 3.- You don't need kernels inside your jails. Having them won't hurt > you, but they consume space. In other words, you shouldn't execute the > following (or similar): > > # make DESTDIR=$D installkernel > > 4.- The "make distribution DESTDIR=$D" should be executed only once - > when a jail is created. Otherwise you're nuking your configurations in > jail's /etc and probably somewhere else. One thing to note - If you do delete-old delete-old-libs you probably need to recompile all installed ports because of lib dependencies. > Have a go at this, you might find some use for it: > > ----------------------- > JAILSDIR=/usr/local/jails > > cd /usr/src > > for jail in `ls ${JAILSDIR}`; do > mergemaster -pD ${JAILSDIR}/${jail} > make installworld DESTDIR=${JAILSDIR}/${jail} > mergemaster -iD ${JAILSDIR}/${jail} > done > ----------------------- From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 10:04:01 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 19033106564A for ; Sat, 2 Aug 2008 10:04:01 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.186]) by mx1.freebsd.org (Postfix) with ESMTP id 01B778FC0C for ; Sat, 2 Aug 2008 10:03:59 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so1079000mue.3 for ; Sat, 02 Aug 2008 03:03:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=c5SUXfupqdJsMYa3LBm33Jpzq0jUX0HWRzQcBSt/Dmw=; b=jGuRKy9BhjXCMWPjfgGiqzY1WGkJBi6yNfp6GFnv3VTJUPBpHz/M5hWuB3fF8i5VuQ MccgUQTOLIgggESdEjjR89SzKYJqS17iuWssV5NGeZCJ1FutBIyTVzXbhCNbPbhBfWLR Couy0w52eSFYPwb3VzYd07yvDw8sjuBRmDRUA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=bi74Smnj/dzVMcuVLTDZZOEoGNBatzrbD07pIGIU2kUZnk+CfxG9OXRlgu72rnBJNZ l5dju4pwb51CZlAc6qz+g9MfK48sl+XOioN0oWXmaIjyF6PNLxYlSLNgzO/mbl/HmANn tzOZqO/hm4DsZ/0+u29KrELWuwOv43YgFqPoQ= Received: by 10.103.246.17 with SMTP id y17mr4662597mur.55.1217671437692; Sat, 02 Aug 2008 03:03:57 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 03:03:57 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 12:03:57 +0200 From: "Redd Vinylene" To: "Miroslav Lachman" <000.fbsd@quip.cz>, "Mikhail Goriachev" In-Reply-To: <48940CAB.9040001@quip.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <489398AD.6000900@webanoide.org> <48940CAB.9040001@quip.cz> Cc: freebsd-jail@freebsd.org Subject: Re: The best way to upgrade my FreeBSD and its jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 10:04:01 -0000 Thanks a lot guys for your great design insight! I hope others will find this thread interesting as well. Here's the final upgrade script I decided to use (my shell is zsh): - # FreeBSD/i386 mother.naoshige.net csup /etc/cvsupfile cd /usr/src make buildworld buildkernel && \ mergemaster -p && \ make installworld installkernel delete-old delete-old-libs && \ mergemaster -i -U && \ JAILS=/usr/local/jails cd /usr/src for jail in $JAILS/*; do mergemaster -p -D $JAILS/$jail && \ make installworld delete-old delete-old-libs DESTDIR=$JAILS/$jail && \ mergemaster -i -U -D $JAILS/$jail && \ done chflags -R noschg /usr/obj/* rm -rf /usr/obj/* - Much obliged! On Sat, Aug 2, 2008 at 9:28 AM, Miroslav Lachman <000.fbsd@quip.cz> wrote: > Mikhail Goriachev wrote: >> >> Redd Vinylene wrote: >> >>> My dedicated server is mother, its two jails are camel and box. Is >>> this the best way to upgrade all of them? >> >> >> We probably should keep this to freebsd-jail@ only. >> >> Had a look at http://pastie.org/245821 and have a few notes for you: >> >> 1.- As Miroslav already mentioned - it is not a good idea to daisy chain >> everything. You should break the procedure into two steps. Firstly upgrade >> the host and make sure the upgrade went well. Once you're certain that >> everything is ok, then proceed upgrading jails. >> >> I personally disable jails (jail_enable="NO"), then reboot (to avoid any >> zombie jails), perform upgrade on all jails and then enable them back on. >> >> 2.- Your upgrading sequence is a bit off. Have a look at /usr/src/Makefile >> for further details and correct sequence: >> >> # make buildworld >> # make buildkernel >> # make installkernel >> # reboot >> # mergemaster -p >> # make installworld >> # make delete-old >> # mergemaster >> # reboot >> # make delete-old-libs >> >> 3.- You don't need kernels inside your jails. Having them won't hurt you, >> but they consume space. In other words, you shouldn't execute the following >> (or similar): >> >> # make DESTDIR=$D installkernel >> >> 4.- The "make distribution DESTDIR=$D" should be executed only once - when >> a jail is created. Otherwise you're nuking your configurations in jail's >> /etc and probably somewhere else. > > One thing to note - If you do delete-old delete-old-libs you probably need > to recompile all installed ports because of lib dependencies. > >> Have a go at this, you might find some use for it: >> >> ----------------------- >> JAILSDIR=/usr/local/jails >> >> cd /usr/src >> >> for jail in `ls ${JAILSDIR}`; do >> mergemaster -pD ${JAILSDIR}/${jail} >> make installworld DESTDIR=${JAILSDIR}/${jail} >> mergemaster -iD ${JAILSDIR}/${jail} >> done >> ----------------------- > From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 14:26:37 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3B72E1065674 for ; Sat, 2 Aug 2008 14:26:37 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.186]) by mx1.freebsd.org (Postfix) with ESMTP id A73848FC12 for ; Sat, 2 Aug 2008 14:26:36 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so1119717mue.3 for ; Sat, 02 Aug 2008 07:26:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=IgmG16kBqEPZDSJohNM5YGDoS+ECDEsphtQudNF8o9o=; b=sEnN577AUveW+P2Nc6Y7VERAuW3pCAdsFg3odIb6ugCQO/8JE5w/bBl/w17a4CcJSh Dq0E/671TO1Qc11Ev3zUGRkkiWkkv9FhxtVyPSV8uCgXfVxEmp3Y7OG/BJ/8UA5oIdDG MWpbBEOPPdig4YtiPpTAexU9pfdG/awOuFveA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=bS5+8DMYKW4cc5LLPDx1qUj3mmehZG0BbmiDWVu5lxkzTs8K0zLwi0XgD+uVjOg3fi YbBYqQYu8rTI3u+wmZyxGV6K22Dh2j/v0key+0zMGIWr68ZuU96ToHVvtkAr1fb5qlyU cHiZTRyyxpyAmaq0i+ao924pxG6rH9Bbh7AwE= Received: by 10.103.207.11 with SMTP id j11mr4726630muq.47.1217687194968; Sat, 02 Aug 2008 07:26:34 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 07:26:34 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 16:26:34 +0200 From: "Redd Vinylene" To: "Miroslav Lachman" <000.fbsd@quip.cz>, "Mikhail Goriachev" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <489398AD.6000900@webanoide.org> <48940CAB.9040001@quip.cz> Cc: freebsd-jail@freebsd.org Subject: Re: The best way to upgrade my FreeBSD and its jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 14:26:37 -0000 Slight improvement, set -e replaces all the && \: - # FreeBSD/i386 mother.naoshige.net set -e csup /etc/cvsupfile cd /usr/src make buildworld buildkernel mergemaster -p make installworld installkernel delete-old delete-old-libs mergemaster -i -U JAILS=/usr/local/jails for jail in $JAILS/*; do mergemaster -p -D $JAILS/$jail make installworld delete-old delete-old-libs DESTDIR=$JAILS/$jail mergemaster -i -U -D $JAILS/$jail done chflags -R noschg /usr/obj/* rm -rf /usr/obj/* - Peace! On Sat, Aug 2, 2008 at 12:03 PM, Redd Vinylene wrote: > Thanks a lot guys for your great design insight! > > I hope others will find this thread interesting as well. Here's the > final upgrade script I decided to use (my shell is zsh): > > - > > # FreeBSD/i386 mother.naoshige.net > > csup /etc/cvsupfile > > cd /usr/src > > make buildworld buildkernel && \ > > mergemaster -p && \ > > make installworld installkernel delete-old delete-old-libs && \ > > mergemaster -i -U && \ > > JAILS=/usr/local/jails > > cd /usr/src > > for jail in $JAILS/*; do > > mergemaster -p -D $JAILS/$jail && \ > > make installworld delete-old delete-old-libs DESTDIR=$JAILS/$jail && \ > > mergemaster -i -U -D $JAILS/$jail && \ > > done > > chflags -R noschg /usr/obj/* > > rm -rf /usr/obj/* > > - > > Much obliged! > > On Sat, Aug 2, 2008 at 9:28 AM, Miroslav Lachman <000.fbsd@quip.cz> wrote: >> Mikhail Goriachev wrote: >>> >>> Redd Vinylene wrote: >>> >>>> My dedicated server is mother, its two jails are camel and box. Is >>>> this the best way to upgrade all of them? >>> >>> >>> We probably should keep this to freebsd-jail@ only. >>> >>> Had a look at http://pastie.org/245821 and have a few notes for you: >>> >>> 1.- As Miroslav already mentioned - it is not a good idea to daisy chain >>> everything. You should break the procedure into two steps. Firstly upgrade >>> the host and make sure the upgrade went well. Once you're certain that >>> everything is ok, then proceed upgrading jails. >>> >>> I personally disable jails (jail_enable="NO"), then reboot (to avoid any >>> zombie jails), perform upgrade on all jails and then enable them back on. >>> >>> 2.- Your upgrading sequence is a bit off. Have a look at /usr/src/Makefile >>> for further details and correct sequence: >>> >>> # make buildworld >>> # make buildkernel >>> # make installkernel >>> # reboot >>> # mergemaster -p >>> # make installworld >>> # make delete-old >>> # mergemaster >>> # reboot >>> # make delete-old-libs >>> >>> 3.- You don't need kernels inside your jails. Having them won't hurt you, >>> but they consume space. In other words, you shouldn't execute the following >>> (or similar): >>> >>> # make DESTDIR=$D installkernel >>> >>> 4.- The "make distribution DESTDIR=$D" should be executed only once - when >>> a jail is created. Otherwise you're nuking your configurations in jail's >>> /etc and probably somewhere else. >> >> One thing to note - If you do delete-old delete-old-libs you probably need >> to recompile all installed ports because of lib dependencies. >> >>> Have a go at this, you might find some use for it: >>> >>> ----------------------- >>> JAILSDIR=/usr/local/jails >>> >>> cd /usr/src >>> >>> for jail in `ls ${JAILSDIR}`; do >>> mergemaster -pD ${JAILSDIR}/${jail} >>> make installworld DESTDIR=${JAILSDIR}/${jail} >>> mergemaster -iD ${JAILSDIR}/${jail} >>> done >>> ----------------------- >> > From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 17:08:52 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8454F106564A for ; Sat, 2 Aug 2008 17:08:52 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.155]) by mx1.freebsd.org (Postfix) with ESMTP id 0DC768FC0C for ; Sat, 2 Aug 2008 17:08:51 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by fg-out-1718.google.com with SMTP id l26so1863921fgb.35 for ; Sat, 02 Aug 2008 10:08:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=ZNhLoHUV9Tllp55/bfb6VizWoYBeBR3e+it/KR2loTk=; b=kmiIOUFEPQT89ni2pILQN1lj1pc122dWvNT/geq4xSUw+nZlzanwSWPwFUu7fzYH2I MVUR2LfxmOZiObImaUPQRh1iA/A7UhA0FjOnGsemVKdVI2xOI5A9UjYNBe/eslOctI/u 7rw7kgjEWQkgHyQEMYGuOY1nvRjSxilH8ObAA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=aS+tDX2XwW2ixJB1gD/1XQ4A95pwocOvELZhSAQ9hq/uMPTlrG1fbcqIUAsrsy6PMK dY0iW8yxYeNlL4/NPTFDINDejfqoEx8Il3cHhc1J0vpoXkQJTu0Ijplfp9L0z3ty8YT2 Hnz5toKLke1ruzAN3muDHgfVPkqsqeyi+f55E= Received: by 10.103.223.9 with SMTP id a9mr4747694mur.87.1217696930891; Sat, 02 Aug 2008 10:08:50 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 10:08:50 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 19:08:50 +0200 From: "Redd Vinylene" To: questions@freebsd.org, freebsd-jail@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: Subject: jail_box_ip="" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 17:08:52 -0000 Hey, I got a couple of hundred IPs, is there an easy way to add them all to jail_box_ip="ip1,ip2,ip3" without making like the longest line ever? Like this? jail_box_ip="66.252.2.4,\ 66.252.2.5,\ 66.252.2.6,\ Unfortunately that doesn't look too good. Nor does: export x=$(cat ips);export jail_ips=''; for ip in $x; do export jail_ips="$jail_ips,$ip"; done; export jail_ips=$(echo $jail_ips | sed s/,$/''/ | sed s/^,//); Is there a more beautiful alternative? Thanks! From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 17:17:38 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9A424106564A for ; Sat, 2 Aug 2008 17:17:38 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.155]) by mx1.freebsd.org (Postfix) with ESMTP id 206738FC12 for ; Sat, 2 Aug 2008 17:17:37 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by fg-out-1718.google.com with SMTP id l26so1867434fgb.35 for ; Sat, 02 Aug 2008 10:17:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=tNDv7CrkcFavrYRbNBPbCSxo4d11F5tR1vqdcce9Ymc=; b=NvvHtK6FuMmxpsEGG56eo1cCa7lRToaSpVRqg1wSBrdda7IFexn+99g6cF0474kyw4 l92C/CY2Ltqe25jw+ESMHq5cR6RyBFmTXeqkg4gHUatZmXPniev2qKq3i6G2ncGOUAVq kT/0AMqIAeVPuBDOcOi5HZN4HZ8PEXRAQAnY8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=XCQVv6se8HeEGiRtEbGPL+WtPWXjyMTvcELDLSnTXpnc0bKnFTwdoqk0Gl/jm90Jrw h/LLSy17U1hli0TfpxnScFqE8xa0CuPss7KPgq/W4Qo+MA64BtPz8gi2ebDxip0pUxV3 5Xf4Lcjuy1L/zCPD2rEfwsczxC5oM/uiXxovc= Received: by 10.103.213.19 with SMTP id p19mr4760145muq.70.1217697456885; Sat, 02 Aug 2008 10:17:36 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 10:17:36 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 19:17:36 +0200 From: "Redd Vinylene" To: questions@freebsd.org, freebsd-jail@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Cc: Subject: Re: jail_box_ip="" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 17:17:38 -0000 Here's what I got so far: http://pastie.org/246189 And this is just wishful thinking I guess: http://pastie.org/246190 On Sat, Aug 2, 2008 at 7:08 PM, Redd Vinylene wrote: > Hey, I got a couple of hundred IPs, is there an easy way to add them > all to jail_box_ip="ip1,ip2,ip3" without making like the longest line > ever? > > Like this? > > jail_box_ip="66.252.2.4,\ > 66.252.2.5,\ > 66.252.2.6,\ > > Unfortunately that doesn't look too good. > > Nor does: > > export x=$(cat ips);export jail_ips=''; for ip in $x; do export > jail_ips="$jail_ips,$ip"; done; export jail_ips=$(echo $jail_ips | sed > s/,$/''/ | sed s/^,//); > > Is there a more beautiful alternative? > > Thanks! > -- http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 17:37:54 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C60841065676; Sat, 2 Aug 2008 17:37:54 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id 287DF8FC0A; Sat, 2 Aug 2008 17:37:53 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.2/8.14.2) with ESMTP id m72Hbkit096965; Sat, 2 Aug 2008 18:37:48 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: Sendmail DKIM Filter v2.7.0 smtp.infracaninophile.co.uk m72Hbkit096965 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infracaninophile.co.uk; s=200708; t=1217698668; bh=AC1ipECTabPf2S c1LtN8ycYRLzo77avwTk1j1OQDPQI=; h=Message-ID:Date:From:MIME-Version: To:CC:Subject:References:In-Reply-To:Content-Type:Cc:Content-Type: Date:From:In-Reply-To:Message-ID:Mime-Version:References:To; z=Mes sage-ID:=20<48949B5F.4070300@infracaninophile.co.uk>|Date:=20Sat,=2 002=20Aug=202008=2018:37:35=20+0100|From:=20Matthew=20Seaman=20|Organization:=20Infracaninophile|User -Agent:=20Thunderbird=202.0.0.16=20(X11/20080726)|MIME-Version:=201 .0|To:=20Redd=20Vinylene=20|CC:=20questions @freebsd.org,=20freebsd-jail@freebsd.org|Subject:=20Re:=20jail_box_ ip=3D""|References:=20|In-Reply-To:= 20|X-E nigmail-Version:=200.95.6|X-Enigmail-Version:=200.95.6|Content-Type :=20multipart/signed=3B=20micalg=3Dpgp-sha256=3B=0D=0A=20protocol=3 D"application/pgp-signature"=3B=0D=0A=20boundary=3D"------------eni g9ECDFE44CF1717F897ADFB13"; b=xHHnfHjoG8pYyjM6Gq9m8rUUrdfcxiU75Ptn2 Af1BH9xdYpzw1ZyGC8heEk6Z7WzMB4VSh2O0JFW2559cJDbKvI8rpnImbDQhZEM8mL7 k+LigPnw9L64bzpqd1k/RdpP0s8KUEZeAvDQXdYPA/IgbnMOyJ6gQYqZMcMe/de5VCw = Message-ID: <48949B5F.4070300@infracaninophile.co.uk> Date: Sat, 02 Aug 2008 18:37:35 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 2.0.0.16 (X11/20080726) MIME-Version: 1.0 To: Redd Vinylene References: In-Reply-To: X-Enigmail-Version: 0.95.6 X-Enigmail-Version: 0.95.6 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig9ECDFE44CF1717F897ADFB13" X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (smtp.infracaninophile.co.uk [IPv6:::1]); Sat, 02 Aug 2008 18:37:48 +0100 (BST) X-Virus-Scanned: ClamAV 0.93.3/7915/Sat Aug 2 04:45:09 2008 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-3.0 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VERIFIED,NO_RELAYS autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on happy-idiot-talk.infracaninophile.co.uk Cc: freebsd-jail@freebsd.org, questions@freebsd.org Subject: Re: jail_box_ip="" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 17:37:54 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig9ECDFE44CF1717F897ADFB13 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Redd Vinylene wrote: > Hey, I got a couple of hundred IPs, is there an easy way to add them > all to jail_box_ip=3D"ip1,ip2,ip3" without making like the longest line= > ever? >=20 > Like this? >=20 > jail_box_ip=3D"66.252.2.4,\ > 66.252.2.5,\ > 66.252.2.6,\ >=20 > Unfortunately that doesn't look too good. >=20 > Nor does: >=20 > export x=3D$(cat ips);export jail_ips=3D''; for ip in $x; do export > jail_ips=3D"$jail_ips,$ip"; done; export jail_ips=3D$(echo $jail_ips | = sed > s/,$/''/ | sed s/^,//); >=20 > Is there a more beautiful alternative? /etc/rc.conf is just /bin/sh code. All you need to do is set the variables -- usually by assigning a static string, but you can use whatever constructs you want. Well - within reason. Making something as critical as the system boot process depend on a bunch of other files or processes is not a good idea on the whole. You can include multi-line whitespace in the variables by using single=20 quotes: jail_box_ip=3D'66.252.2.4, 66.252.2.5, 66.252.2.6, 66.252.2.7' Assuming that the init script that processes this data isn't phased by the inclusion of a bit of whitespace. Or you can generate the required numbers, assuming they are consecutive: jail_box_ip=3D$( jot -w "66.252.2.%d" -s "," 5 4 ) Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------enig9ECDFE44CF1717F897ADFB13 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREIAAYFAkiUm2oACgkQ8Mjk52CukIxPfQCgicUz6ZnHAMgR6W6XLFcFlDdU NKQAn2U0jJauJIAvei1Bug3aQ95RcuPa =A+Wv -----END PGP SIGNATURE----- --------------enig9ECDFE44CF1717F897ADFB13-- From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 18:07:35 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6C281106568C for ; Sat, 2 Aug 2008 18:07:35 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.185]) by mx1.freebsd.org (Postfix) with ESMTP id E145E8FC1B for ; Sat, 2 Aug 2008 18:07:34 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so1161370mue.3 for ; Sat, 02 Aug 2008 11:07:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=DN0LuGIqaozeMlWDtpWGbc9e2towiFvSpC1CFRLfljU=; b=sum5pHUEBx0AEl47IrzHMDDJuN7PTuxmvUUd0xM/LEdjvruira6hGtPeM+k4xXNnqS WCDMsInYVgE6657GiQZIUiclPAPLHAoKmBNQ4Gs+VH4jSVKtwsldf3kHPy67ETDqqG3h tDdltXiovzvakXygsZ/1JhPP426oyzcUKtFIY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=UuCFvy3WCNmNkJoZYgMf3tJP5LRzkf8ZQvu5upNSU7XVDueQHDrpqOAenogBy2kHVM 89tOSqwFz8yRMHniFN3XGdMMjmbACW7kYFhXzYAoVtwCjOZZxQW25yZfHyXvCY48DTfF MMT6OugaNZ67/gj+NhJ6sik/HTNve+TFvo2cU= Received: by 10.103.172.7 with SMTP id z7mr797901muo.40.1217700453540; Sat, 02 Aug 2008 11:07:33 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 11:07:33 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 20:07:33 +0200 From: "Redd Vinylene" To: "Matthew Seaman" In-Reply-To: <48949B5F.4070300@infracaninophile.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <48949B5F.4070300@infracaninophile.co.uk> Cc: freebsd-jail@freebsd.org, questions@freebsd.org Subject: Re: jail_box_ip="" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 18:07:35 -0000 jail_box_ip=$( jot -w "66.252.2.%d" -s "," 124 4 ) What a gorgeous solution ;) Thanks man! On Sat, Aug 2, 2008 at 7:37 PM, Matthew Seaman wrote: > Redd Vinylene wrote: >> >> Hey, I got a couple of hundred IPs, is there an easy way to add them >> all to jail_box_ip="ip1,ip2,ip3" without making like the longest line >> ever? >> >> Like this? >> >> jail_box_ip="66.252.2.4,\ >> 66.252.2.5,\ >> 66.252.2.6,\ >> >> Unfortunately that doesn't look too good. >> >> Nor does: >> >> export x=$(cat ips);export jail_ips=''; for ip in $x; do export >> jail_ips="$jail_ips,$ip"; done; export jail_ips=$(echo $jail_ips | sed >> s/,$/''/ | sed s/^,//); >> >> Is there a more beautiful alternative? > > /etc/rc.conf is just /bin/sh code. All you need to do is set > the variables -- usually by assigning a static string, but you > can use whatever constructs you want. Well - within reason. Making > something as critical as the system boot process depend on a bunch of > other files or processes is not a good idea on the whole. > > You can include multi-line whitespace in the variables by using single > quotes: > > jail_box_ip='66.252.2.4, > 66.252.2.5, > 66.252.2.6, > 66.252.2.7' > > Assuming that the init script that processes this data isn't phased > by the inclusion of a bit of whitespace. > > Or you can generate the required numbers, assuming they are > consecutive: > > jail_box_ip=$( jot -w "66.252.2.%d" -s "," 5 4 ) > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard > Flat 3 > PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate > Kent, CT11 9PW > > -- http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 18:10:24 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 94FDA1065684 for ; Sat, 2 Aug 2008 18:10:24 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.186]) by mx1.freebsd.org (Postfix) with ESMTP id 0D7F78FC1B for ; Sat, 2 Aug 2008 18:10:23 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so1161969mue.3 for ; Sat, 02 Aug 2008 11:10:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=RbAx4SPPujQHe87SYGvFNJP127wiVPgdVVsWLhStHA0=; b=KSP99BKXwYxogHtTJcXIeMhQLrc6eYm7+6SZLp7B6qGxLvh5UPDjbC0jXIn+S9RNbc oC4B/RcMASrNzG7aePLrB9PlZQE4GzANv5qNFEWPFavx6hd/HJFGZa6DT+fNrX01LC+5 KPQMFZ6i8ZmC9mzCzQuqq/d7uaPR2N9/5LPPw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=eq25z5MCgQc1v4qIzu6cOxFSCvDzmlfYaKddcO09Ium6wCeUaUFHfbUGT6O6ZcqrWP oI73DkeJFWniL2xVOk/HyVQ7bE5ndWs/Bwfgk+kUhsgH2ETKDE/fcduM0iuW8CpRMdpY 3hqb340tRqX5NGf95Q/WeZxg3h+bgTzWdSS70= Received: by 10.103.198.20 with SMTP id a20mr4768898muq.56.1217700622379; Sat, 02 Aug 2008 11:10:22 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 11:10:22 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 20:10:22 +0200 From: "Redd Vinylene" To: "Matthew Seaman" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <48949B5F.4070300@infracaninophile.co.uk> Cc: freebsd-jail@freebsd.org, questions@freebsd.org Subject: Re: jail_box_ip="" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 18:10:24 -0000 Can something similar be used for my ifconfig_rl0_aliasN="inet 66.252.2.N netmask 255.255.255.255" as well? On Sat, Aug 2, 2008 at 8:07 PM, Redd Vinylene wrote: > jail_box_ip=$( jot -w "66.252.2.%d" -s "," 124 4 ) > > What a gorgeous solution ;) > > Thanks man! > > On Sat, Aug 2, 2008 at 7:37 PM, Matthew Seaman > wrote: >> Redd Vinylene wrote: >>> >>> Hey, I got a couple of hundred IPs, is there an easy way to add them >>> all to jail_box_ip="ip1,ip2,ip3" without making like the longest line >>> ever? >>> >>> Like this? >>> >>> jail_box_ip="66.252.2.4,\ >>> 66.252.2.5,\ >>> 66.252.2.6,\ >>> >>> Unfortunately that doesn't look too good. >>> >>> Nor does: >>> >>> export x=$(cat ips);export jail_ips=''; for ip in $x; do export >>> jail_ips="$jail_ips,$ip"; done; export jail_ips=$(echo $jail_ips | sed >>> s/,$/''/ | sed s/^,//); >>> >>> Is there a more beautiful alternative? >> >> /etc/rc.conf is just /bin/sh code. All you need to do is set >> the variables -- usually by assigning a static string, but you >> can use whatever constructs you want. Well - within reason. Making >> something as critical as the system boot process depend on a bunch of >> other files or processes is not a good idea on the whole. >> >> You can include multi-line whitespace in the variables by using single >> quotes: >> >> jail_box_ip='66.252.2.4, >> 66.252.2.5, >> 66.252.2.6, >> 66.252.2.7' >> >> Assuming that the init script that processes this data isn't phased >> by the inclusion of a bit of whitespace. >> >> Or you can generate the required numbers, assuming they are >> consecutive: >> >> jail_box_ip=$( jot -w "66.252.2.%d" -s "," 5 4 ) >> >> Cheers, >> >> Matthew >> >> -- >> Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard >> Flat 3 >> PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate >> Kent, CT11 9PW >> >> > > > > -- > http://www.home.no/reddvinylene > -- http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 19:32:07 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 45EFE10656C4; Sat, 2 Aug 2008 19:32:07 +0000 (UTC) (envelope-from lars+lister.freebsd@adventuras.no) Received: from mail.adventuras.no (mail.adventuras.no [194.63.250.215]) by mx1.freebsd.org (Postfix) with ESMTP id B66E38FC0A; Sat, 2 Aug 2008 19:32:06 +0000 (UTC) (envelope-from lars+lister.freebsd@adventuras.no) X-Adv-Watermark: 1218309373.913@FxOu1H9UVNxK4511aRTtHw Received: from ladyda.hovin.local (hjem [84.215.93.99]) (authenticated bits=0) by mail.adventuras.no (8.14.3/8.14.3) with ESMTP id m72JG4ZZ020298 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 2 Aug 2008 21:16:10 +0200 (CEST) (envelope-from lars+lister.freebsd@adventuras.no) Authentication-Results: mail.adventuras.no; sender-id=none header.from=lars+lister.freebsd@adventuras.no; auth=pass (CRAM-MD5); spf=none smtp.mfrom=lars+lister.freebsd@adventuras.no Message-ID: <4894B274.7060308@adventuras.no> Date: Sat, 02 Aug 2008 21:16:04 +0200 From: Lars Kristiansen User-Agent: Thunderbird 2.0.0.16 (X11/20080727) MIME-Version: 1.0 To: Redd Vinylene References: <48949B5F.4070300@infracaninophile.co.uk> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-MailScanner-ID: m72JG4ZZ020298 X-Adventuras: du kan filtrere etter AdvSpamScore over 5-10 X-Adventuras-SpamCheck: not spam, SpamAssassin (not cached, score=-4.618, required 6, autolearn=not spam, ALL_TRUSTED -1.80, AWL -0.22, BAYES_00 -2.60) X-MailScanner-From: lars+lister.freebsd@adventuras.no X-Spam-Status: No Cc: freebsd-jail@freebsd.org, questions@freebsd.org Subject: Re: jail_box_ip="" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 19:32:07 -0000 Redd Vinylene skrev: > Can something similar be used for my > > ifconfig_rl0_aliasN="inet 66.252.2.N netmask 255.255.255.255" > > as well? > This is not as elegant, but may help in a similar way: alia=-1; while [ "$alia" -lt '123' ] ; do alia=$(($alia+1)) ; ips=$(($alia+4)) ; echo "ifconfig_rl0_alias$alia=\"inet 66.252.2.$ips netmask 255.255.255.255\"" ; done Regards Lars, arbeidsøkende, Oslo > On Sat, Aug 2, 2008 at 8:07 PM, Redd Vinylene wrote: >> jail_box_ip=$( jot -w "66.252.2.%d" -s "," 124 4 ) >> >> What a gorgeous solution ;) >> >> Thanks man! >> >> On Sat, Aug 2, 2008 at 7:37 PM, Matthew Seaman >> wrote: >>> Redd Vinylene wrote: >>>> Hey, I got a couple of hundred IPs, is there an easy way to add them >>>> all to jail_box_ip="ip1,ip2,ip3" without making like the longest line >>>> ever? >>>> >>>> Like this? >>>> >>>> jail_box_ip="66.252.2.4,\ >>>> 66.252.2.5,\ >>>> 66.252.2.6,\ >>>> >>>> Unfortunately that doesn't look too good. >>>> >>>> Nor does: >>>> >>>> export x=$(cat ips);export jail_ips=''; for ip in $x; do export >>>> jail_ips="$jail_ips,$ip"; done; export jail_ips=$(echo $jail_ips | sed >>>> s/,$/''/ | sed s/^,//); >>>> >>>> Is there a more beautiful alternative? >>> /etc/rc.conf is just /bin/sh code. All you need to do is set >>> the variables -- usually by assigning a static string, but you >>> can use whatever constructs you want. Well - within reason. Making >>> something as critical as the system boot process depend on a bunch of >>> other files or processes is not a good idea on the whole. >>> >>> You can include multi-line whitespace in the variables by using single >>> quotes: >>> >>> jail_box_ip='66.252.2.4, >>> 66.252.2.5, >>> 66.252.2.6, >>> 66.252.2.7' >>> >>> Assuming that the init script that processes this data isn't phased >>> by the inclusion of a bit of whitespace. >>> >>> Or you can generate the required numbers, assuming they are >>> consecutive: >>> >>> jail_box_ip=$( jot -w "66.252.2.%d" -s "," 5 4 ) >>> >>> Cheers, >>> >>> Matthew >>> >>> -- >>> Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard >>> Flat 3 >>> PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate >>> Kent, CT11 9PW >>> >>> >> >> >> -- >> http://www.home.no/reddvinylene >> > > > From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 20:22:55 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3392B106566C for ; Sat, 2 Aug 2008 20:22:55 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.188]) by mx1.freebsd.org (Postfix) with ESMTP id 9965E8FC18 for ; Sat, 2 Aug 2008 20:22:54 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so1189806mue.3 for ; Sat, 02 Aug 2008 13:22:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=8sugP+tl6fVBCkVbDP65o4mqIj0lOrnVjTTcINtf8so=; b=Aa8VPWFeZtu08245R1rSZOhOsn2sXaoSbM/4bWyhHC3nHm697OnITmAlNUaoRI0OiF NS3OjwUNElTqVPnrCIeTLz+v5UyLCEfL66PeWB36n4vu+VLYbcuSsaBp4sR9mjtm47Z2 f/nO4MS5rYTJJ35FWz3TUENYpSIbRrX6bDbaA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=juh0vEU+XkvSxvus1mO/BwjtiUjMWqIOYsbLVnxvey0dq+GcF2wrXuCDVNNreW0+vl HRoBW+e1UPR0UVL7sf6KWNWerHW1b5fs54/GNE0+GTDCo/QhgDwSoWQuFuVMj7HDd5Y5 GRQO9aXqpDW6xUfA81mIrOJJ92l5FBr1yz3aM= Received: by 10.103.176.2 with SMTP id d2mr4794994mup.112.1217708573183; Sat, 02 Aug 2008 13:22:53 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 13:22:53 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 22:22:53 +0200 From: "Redd Vinylene" To: m.seaman@infracaninophile.co.uk In-Reply-To: <4894B274.7060308@adventuras.no> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <48949B5F.4070300@infracaninophile.co.uk> <4894B274.7060308@adventuras.no> Cc: freebsd-jail@freebsd.org, questions@freebsd.org Subject: Re: jail_box_ip="" X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 20:22:55 -0000 Actually: jail_box_ip=3D$( jot -w "66.252.2.%d" -s "," 124 4 ) gives me: Aug 2 20:10:50 mother root: /etc/rc: WARNING: devfs_set_ruleset: you must specify a ruleset number Aug 2 20:10:58 mother root: /etc/rc: ERROR: jail: No IP address has been defined for box On Sat, Aug 2, 2008 at 9:16 PM, Lars Kristiansen wrote: > Redd Vinylene skrev: >> >> Can something similar be used for my >> >> ifconfig_rl0_aliasN=3D"inet 66.252.2.N netmask 255.255.255.255" >> >> as well? >> > > This is not as elegant, but may help in a similar way: > > alia=3D-1; > while [ "$alia" -lt '123' ] ; do > alia=3D$(($alia+1)) ; > ips=3D$(($alia+4)) ; > echo "ifconfig_rl0_alias$alia=3D\"inet 66.252.2.$ips netmask > 255.255.255.255\"" ; > done > > > Regards > Lars, > arbeids=F8kende, Oslo > > >> On Sat, Aug 2, 2008 at 8:07 PM, Redd Vinylene >> wrote: >>> >>> jail_box_ip=3D$( jot -w "66.252.2.%d" -s "," 124 4 ) >>> >>> What a gorgeous solution ;) >>> >>> Thanks man! >>> >>> On Sat, Aug 2, 2008 at 7:37 PM, Matthew Seaman >>> wrote: >>>> >>>> Redd Vinylene wrote: >>>>> >>>>> Hey, I got a couple of hundred IPs, is there an easy way to add them >>>>> all to jail_box_ip=3D"ip1,ip2,ip3" without making like the longest li= ne >>>>> ever? >>>>> >>>>> Like this? >>>>> >>>>> jail_box_ip=3D"66.252.2.4,\ >>>>> 66.252.2.5,\ >>>>> 66.252.2.6,\ >>>>> >>>>> Unfortunately that doesn't look too good. >>>>> >>>>> Nor does: >>>>> >>>>> export x=3D$(cat ips);export jail_ips=3D''; for ip in $x; do export >>>>> jail_ips=3D"$jail_ips,$ip"; done; export jail_ips=3D$(echo $jail_ips = | sed >>>>> s/,$/''/ | sed s/^,//); >>>>> >>>>> Is there a more beautiful alternative? >>>> >>>> /etc/rc.conf is just /bin/sh code. All you need to do is set >>>> the variables -- usually by assigning a static string, but you >>>> can use whatever constructs you want. Well - within reason. Making >>>> something as critical as the system boot process depend on a bunch of >>>> other files or processes is not a good idea on the whole. >>>> >>>> You can include multi-line whitespace in the variables by using single >>>> quotes: >>>> >>>> jail_box_ip=3D'66.252.2.4, >>>> 66.252.2.5, >>>> 66.252.2.6, >>>> 66.252.2.7' >>>> >>>> Assuming that the init script that processes this data isn't phased >>>> by the inclusion of a bit of whitespace. >>>> >>>> Or you can generate the required numbers, assuming they are >>>> consecutive: >>>> >>>> jail_box_ip=3D$( jot -w "66.252.2.%d" -s "," 5 4 ) >>>> >>>> Cheers, >>>> >>>> Matthew >>>> >>>> -- >>>> Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard >>>> Flat 3 >>>> PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate >>>> Kent, CT11 9PW >>>> >>>> >>> >>> >>> -- >>> http://www.home.no/reddvinylene >>> >> >> >> > > --=20 http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 21:43:41 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 96412106566B for ; Sat, 2 Aug 2008 21:43:41 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.189]) by mx1.freebsd.org (Postfix) with ESMTP id 1A1248FC0C for ; Sat, 2 Aug 2008 21:43:40 +0000 (UTC) (envelope-from reddvinylene@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so1207824mue.3 for ; Sat, 02 Aug 2008 14:43:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=LnDX3mOP5cZGo9fl5ZB04xUM5lFW68aKVxx+ZuaTypg=; b=xwIQpypVQkEFEH0DcT6SnckHkJSgo3u4G/mHOIBlMYKkArwSkH4DoaRWG6B7+HnTRS 9uc7JZXkquHqCHNnBp2EXF0iyk8idrv42Ey6XW3t6baOitaCofFZuQn1yyvV2cjF+w/R i2mIFs5/PVKdKf2ZqRzjsdUTygWCLKCzEab44= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=LGHk573TqdI3CDGLhS1gpJoaJ2y+44h6z3UO0v2Ru+ZaawzZztwWPiPjY+AAt3Xg9w YLSnBDesgo/hEUtaIbn7SLhX9rQP8LCkoOTXixpRo/FH+UKD6KFxgfDBrWkJZanDsgDp n12a07tR/CVoGrgWEBITfac23L8tYAmDQKUUI= Received: by 10.103.242.7 with SMTP id u7mr4809392mur.125.1217713419475; Sat, 02 Aug 2008 14:43:39 -0700 (PDT) Received: by 10.103.199.5 with HTTP; Sat, 2 Aug 2008 14:43:39 -0700 (PDT) Message-ID: Date: Sat, 2 Aug 2008 23:43:39 +0200 From: "Redd Vinylene" To: freebsd-jail@freebsd.org, "Bjoern A. Zeeb" MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Cc: Subject: Can't SSH into my jails after a makeworld X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 21:43:41 -0000 Greetings, I have a little problem here. I can't seem to SSH into my jails any longer, I get taken straight back to the mothership. jexec works though. The problem occurred after I did a makeworld (http://pastie.org/246273) on top of a fresh /usr/src with Bjoern's multiple IP patch from 20080727. Here's my mothership's rc.conf http://pastie.org/246290 Many thanks. I'm sorry about all this mess. -- http://www.home.no/reddvinylene From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 21:55:52 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 943041065676 for ; Sat, 2 Aug 2008 21:55:52 +0000 (UTC) (envelope-from mikhailg@webanoide.org) Received: from smtp.tal.navalradio.cl (smtp.tal.navalradio.cl [201.236.67.155]) by mx1.freebsd.org (Postfix) with ESMTP id 2507F8FC08 for ; Sat, 2 Aug 2008 21:55:51 +0000 (UTC) (envelope-from mikhailg@webanoide.org) Received: from [172.18.64.125] ([172.18.64.125]) (authenticated bits=0) by smtp.tal.navalradio.cl (8.13.8/8.13.8) with ESMTP id m72Ltc80011583 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sat, 2 Aug 2008 21:55:43 GMT (envelope-from mikhailg@webanoide.org) Message-ID: <4894D7DA.101@webanoide.org> Date: Sat, 02 Aug 2008 17:55:38 -0400 From: Mikhail Goriachev Organization: Webanoide User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) MIME-Version: 1.0 To: Redd Vinylene References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: "Bjoern A. Zeeb" , freebsd-jail@freebsd.org Subject: Re: Can't SSH into my jails after a makeworld X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 21:55:52 -0000 Redd Vinylene wrote: > Greetings, > > I have a little problem here. I can't seem to SSH into my jails any > longer, I get taken straight back to the mothership. jexec works > though. > > The problem occurred after I did a makeworld > (http://pastie.org/246273) on top of a fresh /usr/src with Bjoern's > multiple IP patch from 20080727. Whenever you execute this: # csup /etc/cvsupfile The multi-ip patch goes away. You have to reapply the patch after you sync the sources. Regards, Mikhail. -- Mikhail Goriachev Webanoide From owner-freebsd-jail@FreeBSD.ORG Sat Aug 2 22:00:08 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B8CC81065679 for ; Sat, 2 Aug 2008 22:00:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id 6CA1E8FC1F for ; Sat, 2 Aug 2008 22:00:08 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 3D23541C7AB; Sun, 3 Aug 2008 00:00:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id PaBrW5+hzMte; Sun, 3 Aug 2008 00:00:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id BA54B41C7AA; Sun, 3 Aug 2008 00:00:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 58C9A4448D9; Sat, 2 Aug 2008 21:55:23 +0000 (UTC) Date: Sat, 2 Aug 2008 21:55:22 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Redd Vinylene In-Reply-To: Message-ID: <20080802215132.M88849@maildrop.int.zabbadoz.net> References: X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-jail@freebsd.org Subject: Re: Can't SSH into my jails after a makeworld X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-jail@freebsd.org List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2008 22:00:08 -0000 On Sat, 2 Aug 2008, Redd Vinylene wrote: Hi, > I have a little problem here. I can't seem to SSH into my jails any > longer, I get taken straight back to the mothership. jexec works > though. what does sysctl security.jail.jailed_sockets_first give? If you jexec into jail, does sshd actually run? Did it give an error/warning? What does netstat -an show? (in case this is long do not psate it into mail and/or make sure there are no extra line wraps). -- Bjoern A. Zeeb Stop bit received. Insert coin for new game.