Date: Tue, 3 Jun 2014 01:45:12 -0700 (PDT) From: Beeblebrox <zaphod@berentweb.com> To: freebsd-current@freebsd.org Subject: Re: jail sockstat shows gdnc, gdomap, casperd as enabled Message-ID: <1401785112698-5917336.post@n5.nabble.com> In-Reply-To: <9A0F870A-0DF1-4C02-A0EB-5D23A730191D@FreeBSD.org> References: <1401778952788-5917302.post@n5.nabble.com> <alpine.BSF.2.00.1406030942300.32596@mail.fig.ol.no> <CAPSTskvinNHikXn3R%2BnsA%2BCg8Dvy39TUkFj5JgFeJnOrOYv8kA@mail.gmail.com> <9A0F870A-0DF1-4C02-A0EB-5D23A730191D@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>> I'd strongly recommend firewalling (Both gdomap and gdnc) off from the outside world. I want to completely disable them, not just for the above, but also because they unnecessarily consume memory. It adds up when you have 5-6 jails running. @Trond: Point taken for casperd - I'll keep it in my jails. The /usr/local mount_nullfs to the jail is what seems to cause this. I modified one of the jail's fstab and disabled the service it was running in rc.conf. The differences in start-up are obvious. A. /usr/local mount disabled jail -c http http: created Creating and/or trimming log files. ln: /dev/log: Operation not permitted Starting syslogd. ELF ldconfig path: /lib /usr/lib /usr/lib/compat 32-bit compatibility ldconfig path: /usr/lib32 Starting casperd. Clearing /tmp. Starting cron. B. When mounting "/usr/local jailname/usr/local nullfs ro 0 0" jail -c http http: created ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/GNUstep/Local/Library/Libraries /usr/local/GNUstep/System/Library/Libraries /usr/local/lib/R/lib /usr/local/lib/ardour2 /usr/local/lib/ardour2/surfaces /usr/local/lib/event2 /usr/local/lib/ffmpeg0 /usr/local/lib/gcc47 /usr/local/lib/gegl-0.2 /usr/local/lib/gnutls3 /usr/local/lib/graphviz /usr/local/lib/httrack /usr/local/lib/libxul /usr/local/lib/mysql /usr/local/lib/nss /usr/local/lib/portaudio2 /usr/local/lib/pth /usr/local/lib/qt4 /usr/local/lib/virtualbox /usr/local/llvm33/lib 32-bit compatibility ldconfig path: /usr/lib32 /usr/local/lib32 /usr/local/lib32/wine Creating and/or trimming log files. ln: /dev/log: Operation not permitted Starting syslogd. Starting casperd. Clearing /tmp. /usr/local/etc/rc.d/gkrellmd: set_rcvar: not found /etc/rc: WARNING: run_rc_command: cannot run /usr/local/sbin/gkrellmd /etc/rc: WARNING: $pfstatd_enable is not set properly - see rc.conf(5). Starting cron. Local package initialization: GNUstep/usr/local/etc/rc.d/jail.sh: /usr/local/sbin/jail_ps: not found jails. C. Shutting it down jail -r http Shutting down local packages:/usr/local/etc/rc.d/jail.sh: /usr/local/sbin/jail_ps: not found GNUstep. Stopping cron. Waiting for PIDS: 1704. /etc/rc.shutdown: WARNING: $pfstatd_enable is not set properly - see rc.conf(5). /usr/local/etc/rc.d/gkrellmd: set_rcvar: not found Stopping casperd. Waiting for PIDS: 1581. Terminated http: removed ----- FreeBSD-11-current_amd64_root-on-zfs_RadeonKMS -- View this message in context: http://freebsd.1045724.n5.nabble.com/jail-sockstat-shows-gdnc-gdomap-casperd-as-enabled-tp5917302p5917336.html Sent from the freebsd-current mailing list archive at Nabble.com.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1401785112698-5917336.post>