From owner-freebsd-current@FreeBSD.ORG Tue Jun 3 08:45:14 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id EF05D80D for ; Tue, 3 Jun 2014 08:45:14 +0000 (UTC) Received: from sam.nabble.com (sam.nabble.com [216.139.236.26]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C1A8A2E45 for ; Tue, 3 Jun 2014 08:45:14 +0000 (UTC) Received: from [192.168.236.26] (helo=sam.nabble.com) by sam.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1WrkLI-0004jp-NT for freebsd-current@freebsd.org; Tue, 03 Jun 2014 01:45:12 -0700 Date: Tue, 3 Jun 2014 01:45:12 -0700 (PDT) From: Beeblebrox To: freebsd-current@freebsd.org Message-ID: <1401785112698-5917336.post@n5.nabble.com> In-Reply-To: <9A0F870A-0DF1-4C02-A0EB-5D23A730191D@FreeBSD.org> References: <1401778952788-5917302.post@n5.nabble.com> <9A0F870A-0DF1-4C02-A0EB-5D23A730191D@FreeBSD.org> Subject: Re: jail sockstat shows gdnc, gdomap, casperd as enabled MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jun 2014 08:45:15 -0000 >> I'd strongly recommend firewalling (Both gdomap and gdnc) off from the outside world. I want to completely disable them, not just for the above, but also because they unnecessarily consume memory. It adds up when you have 5-6 jails running. @Trond: Point taken for casperd - I'll keep it in my jails. The /usr/local mount_nullfs to the jail is what seems to cause this. I modified one of the jail's fstab and disabled the service it was running in rc.conf. The differences in start-up are obvious. A. /usr/local mount disabled jail -c http http: created Creating and/or trimming log files. ln: /dev/log: Operation not permitted Starting syslogd. ELF ldconfig path: /lib /usr/lib /usr/lib/compat 32-bit compatibility ldconfig path: /usr/lib32 Starting casperd. Clearing /tmp. Starting cron. B. When mounting "/usr/local jailname/usr/local nullfs ro 0 0" jail -c http http: created ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/GNUstep/Local/Library/Libraries /usr/local/GNUstep/System/Library/Libraries /usr/local/lib/R/lib /usr/local/lib/ardour2 /usr/local/lib/ardour2/surfaces /usr/local/lib/event2 /usr/local/lib/ffmpeg0 /usr/local/lib/gcc47 /usr/local/lib/gegl-0.2 /usr/local/lib/gnutls3 /usr/local/lib/graphviz /usr/local/lib/httrack /usr/local/lib/libxul /usr/local/lib/mysql /usr/local/lib/nss /usr/local/lib/portaudio2 /usr/local/lib/pth /usr/local/lib/qt4 /usr/local/lib/virtualbox /usr/local/llvm33/lib 32-bit compatibility ldconfig path: /usr/lib32 /usr/local/lib32 /usr/local/lib32/wine Creating and/or trimming log files. ln: /dev/log: Operation not permitted Starting syslogd. Starting casperd. Clearing /tmp. /usr/local/etc/rc.d/gkrellmd: set_rcvar: not found /etc/rc: WARNING: run_rc_command: cannot run /usr/local/sbin/gkrellmd /etc/rc: WARNING: $pfstatd_enable is not set properly - see rc.conf(5). Starting cron. Local package initialization: GNUstep/usr/local/etc/rc.d/jail.sh: /usr/local/sbin/jail_ps: not found jails. C. Shutting it down jail -r http Shutting down local packages:/usr/local/etc/rc.d/jail.sh: /usr/local/sbin/jail_ps: not found GNUstep. Stopping cron. Waiting for PIDS: 1704. /etc/rc.shutdown: WARNING: $pfstatd_enable is not set properly - see rc.conf(5). /usr/local/etc/rc.d/gkrellmd: set_rcvar: not found Stopping casperd. Waiting for PIDS: 1581. Terminated http: removed ----- FreeBSD-11-current_amd64_root-on-zfs_RadeonKMS -- View this message in context: http://freebsd.1045724.n5.nabble.com/jail-sockstat-shows-gdnc-gdomap-casperd-as-enabled-tp5917302p5917336.html Sent from the freebsd-current mailing list archive at Nabble.com.