From owner-freebsd-jail@FreeBSD.ORG Sun Nov 25 09:46:34 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C2FCCC2F for ; Sun, 25 Nov 2012 09:46:34 +0000 (UTC) (envelope-from zaphod@berentweb.com) Received: from sam.nabble.com (sam.nabble.com [216.139.236.26]) by mx1.freebsd.org (Postfix) with ESMTP id 94BE58FC0C for ; Sun, 25 Nov 2012 09:46:34 +0000 (UTC) Received: from [192.168.236.26] (helo=sam.nabble.com) by sam.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1TcYnJ-0003Ti-M3 for freebsd-jail@freebsd.org; Sun, 25 Nov 2012 01:46:33 -0800 Date: Sun, 25 Nov 2012 01:46:33 -0800 (PST) From: Beeblebrox To: freebsd-jail@freebsd.org Message-ID: <1353836793676-5763946.post@n5.nabble.com> In-Reply-To: <1353228642821-5761961.post@n5.nabble.com> References: <1352457514352-5759501.post@n5.nabble.com> <50A51022.5000801@FreeBSD.org> <1353228642821-5761961.post@n5.nabble.com> Subject: Re: Recent jail problems [was: ICMP RAW socket error] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Nov 2012 09:46:34 -0000 I'm probably overlooking certain things with this question, but there seems to be a number of places to make jail-specific adjustments / settings. The options available are: host /etc/rc.conf host /etc/sysctl.conf host /etc/devfs.rules host /etc/jail.conf Q1: With regards to getting around this problem (jail_xyz_parameters="allow.raw_sockets"), I tried placing this in /etc/rc.conf but I also had in /etc/sysctl.conf: security.jail.allow_raw_sockets=1 security.jail.socket_unixiproute_only=1 Maybe the 2 settings are in conflict? Q2: As far as I understand, jail related things in rc.conf, sysctl.conf and devfs.rules should now be migrated to jail.conf - Is that correct? Thanks. -- View this message in context: http://freebsd.1045724.n5.nabble.com/ICMP-RAW-socket-error-tp5759501p5763946.html Sent from the freebsd-jail mailing list archive at Nabble.com.