From owner-freebsd-jail@FreeBSD.ORG Mon Aug 24 16:13:02 2009 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 67AFF1065692 for ; Mon, 24 Aug 2009 16:13:02 +0000 (UTC) (envelope-from stef-list@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [74.82.45.72]) by mx1.freebsd.org (Postfix) with ESMTP id 5B1368FC17 for ; Mon, 24 Aug 2009 16:13:02 +0000 (UTC) Resent-Message-Id: From: Stef Walter User-Agent: Thunderbird 2.0.0.23 (X11/20090817) MIME-Version: 1.0 To: Tobias Lott References: <20090824171716.4722c136@sub.han.vpn.gamesnet.de> Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP Resent-Date: Mon, 24 Aug 2009 16:13:02 +0000 (UTC) Resent-From: stef-list@memberwebs.com Cc: freebsd-jail@freebsd.org Subject: Re: Accessing Unix-Sockets from Jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: stef@memberwebs.com List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Mon, 24 Aug 2009 16:13:02 -0000 X-List-Received-Date: Mon, 24 Aug 2009 16:13:02 -0000 Tobias Lott wrote: > Good Day > > Just a short Question, I've noticed that I can access any Domain Socket > which is on the Host System within any Jail. OpenLDAP for example. > > jail1% ldapsearch -b dc=example,dc=com FWIW... slapd binds to 0.0.0.0 by default. Check 'sockstat -4' outside the jail to get a definitive answer on where it's listening. ldapsearch connects via TCP to localhost by default. Unless you've gone out of your way to change the defaults, it's unlikely that unix domain sockets are involved in this connection. Cheers, Stef