From owner-freebsd-security Tue May 8 14:59:17 2001 Delivered-To: freebsd-security@freebsd.org Received: from moo.udder.org (moo.udder.org [207.183.249.210]) by hub.freebsd.org (Postfix) with ESMTP id 5EB8737B43C for ; Tue, 8 May 2001 14:59:11 -0700 (PDT) (envelope-from dave@moo.udder.org) Received: (from dave@localhost) by moo.udder.org id f48Lwks15578; Tue, 8 May 2001 14:58:46 -0700 (PDT) Date: Tue, 8 May 2001 14:58:46 -0700 From: Dave Whitaker To: Attila Nagy Cc: freebsd-security@freebsd.org Subject: Re: Jails and FreeBSD4.3 Message-ID: <20010508145846.B74154@moo.udder.org> Mail-Followup-To: Attila Nagy , freebsd-security@freebsd.org References: <20010507132904.E33043@moo.udder.org> <20010508200734.B61277-100000@scribble.fsn.hu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010508200734.B61277-100000@scribble.fsn.hu>; from bra@fsn.hu on Tue, May 08, 2001 at 08:09:36PM +0200 Organization: Quiknet Inc. Roseville, CA X-Operating-System: FreeBSD moo.udder.org 3.5-STABLE i386 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Atilla: I use Apache with mod_vhost_alias. I have two IPs bound for all of the regular sites, plus each SSL key I have requires its own IP. This immediately throws the use of jails away for now. However, I use the two IPs for mod_vhost_alias liek this: 1. point domain.com to one ip 2. point www.domain.com to another 3. Set two different VirtualDocumentRoot's so that both www.domain.com and domain.com pull up the same site. ie: VirtualDocumentRoot /rz/webs/%2.1/%2/public_html will pull up www.domain.com and VirtualDocumentRoot /rz/webs/%1.1/%0/public_html will pull up domain.com The configuration makes the apache config a lot cleaner, especially when hosting thousands of sites. You may be able to do this some other way, but that's what I'm doing now. Regards, Dave On Tue, May 08, 2001 at 08:09:36PM +0200, Attila Nagy wrote: > Hello, > > > Yeah, it would be nice if you could bind the jail to a list of IPs > > or whatever. It seems like it would be the kind of functionality that > > would be desired by more people than just be. Right now, it's the > > only thing preventing me from moving anything over to a jail. Almost > > every service I run needs more than one IP.My $0.02. > I misunderstood hte original question, I thought of a name based apache > vhost running on multiple IPs, not IP based vhosts... > > -------------------------------------------------------------------------- > Attila Nagy e-mail: Attila.Nagy@fsn.hu > Budapest Polytechnic (BMF.HU) @work: +361 210 1415 (194) > H-1084 Budapest, Tavaszmezo u. 15-17. cell.: +3630 306 6758 > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message