Date: Fri, 23 Aug 2013 09:35:43 -0500 (CDT) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: "Mike C." <miguelmclara@gmail.com> Cc: freebsd-jail@freebsd.org Subject: Re: connect -1 errno 1 Operation not permitted with specific user (nagios) Message-ID: <53156.128.135.70.2.1377268543.squirrel@cosmo.uchicago.edu> In-Reply-To: <52177C19.6040909@gmail.com> References: <52177C19.6040909@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
To the best of my knowledge, raw sockets are not allowed inside jail by default. This might be your problem (as far as I know how nagios works). To allow raw sockets you can do sysctl security.jail.allow_raw_sockets=1 then you need to restart at least the jail inside which your nagios instance lives. To make the above enabled at boot time you can add the following line into /etc/sysctl.conf security.jail.allow_raw_sockets=1 BTW, beware: this affects all jails. I hope, this helps. Thanks. Valeri On Fri, August 23, 2013 10:13 am, Mike C. wrote: > > I'm having a problem with nagios under a jail... commands works has root > and another normal user I created (its not even in the wheel group) > > running commands such has "check_http" get me a Operation not permited, > with ktrace I was able to confirm the probelm: > connect -1 errno 1 Operation not permitted > > > The thing is this only happens with the user nagios and I can not figure > out why! > > I'm very new to jails, so I'm user I'm possibly missing something > trivial, but I would appreciate an help! > > What could be different about the user to not allow "connect" ? > > Many thanks > > _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53156.128.135.70.2.1377268543.squirrel>