Date: Wed, 23 Oct 2013 15:16:30 +0800
From: "Mars G. Miro" <spry@anarchy.in.the.ph>
To: freebsd-jail@freebsd.org
Subject: raw sockets on 8.4 jails
Message-ID: <526777CE.8010600@anarchy.in.the.ph>

Hi list,

On a jail on FreeBSD 8.4R-p4

root@waspb1:~# ping -a 4.2.2.2
ping: socket: Operation not permitted
root@waspb1:~# nc -uv 4.2.2.2 53
Connection to 4.2.2.2 53 port [udp/domain] succeeded!
^C
root@waspb1:~# sysctl security.jail.jailed
security.jail.jailed: 1
root@waspb1:~#

But I have set it properly on the host:

mars@wasp:~% sysctl -a | grep jail
security.jail.param.cpuset.id: 0
security.jail.param.host.hostid: 0
security.jail.param.host.hostuuid: 64
security.jail.param.host.domainname: 256
security.jail.param.host.hostname: 256
security.jail.param.children.max: 0
security.jail.param.children.cur: 0
security.jail.param.enforce_statfs: 0
security.jail.param.securelevel: 0
security.jail.param.path: 1024
security.jail.param.name: 256
security.jail.param.parent: 0
security.jail.param.jid: 0
security.jail.enforce_statfs: 2
security.jail.mount_allowed: 0
security.jail.chflags_allowed: 1
security.jail.allow_raw_sockets: 1
security.jail.sysvipc_allowed: 1
security.jail.socket_unixiproute_only: 1
security.jail.set_hostname_allowed: 1
security.jail.jail_max_af_ips: 255
security.jail.jailed: 0
mars@wasp:~% uname -a
FreeBSD wasp.spry.lan 8.4-RELEASE-p4 FreeBSD 8.4-RELEASE-p4 #0: Sun Oct 20 16:37:42 PHT 2013 root@XXX:/usr/obj/usr/src/sys/WASP amd64
mars@wasp:~%

On an 8.3R-p11 machine it works fine.

Problem?

--
When you were born, a big chance was taken for you.