From owner-freebsd-questions  Wed Dec  4 10:16:38 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6877137B404
	for <freebsd-questions@FreeBSD.ORG>; Wed,  4 Dec 2002 10:16:37 -0800 (PST)
Received: from homer.bignose.ca (static-89-42.dsl.tht.net [216.126.89.42])
	by mx1.FreeBSD.org (Postfix) with SMTP id 88B9B43ECD
	for <freebsd-questions@FreeBSD.ORG>; Wed,  4 Dec 2002 10:16:33 -0800 (PST)
	(envelope-from jeff@interchange.ca)
Received: (qmail 21579 invoked from network); 4 Dec 2002 18:15:41 -0000
Received: from unknown (HELO jeffmfgsfzhqjc) (192.168.0.2)
  by 192.168.0.1 with SMTP; 4 Dec 2002 18:15:41 -0000
From: "Jeff MacDonald" <jeff@interchange.ca>
To: "Marc G. Fournier" <scrappy@hub.org>
Cc: "Alex Hayward" <xelah-freebsd@xelah.com>,
	<freebsd-questions@FreeBSD.ORG>
Subject: RE: Another Jail Question
Date: Wed, 4 Dec 2002 13:16:35 -0500
Message-ID: <HJEPJELDKPJEEIIFNLNHAECCCBAA.jeff@interchange.ca>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
In-Reply-To: <20021204130341.Q36076-100000@hub.org>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

> Note that the 'security risk' is more based on the trust level you have
> for your users ... if its just you, or you and a few friends, you
> shouldn't have an issue with it ... the one issue you will have with
> shared memory and jails is that I *believe* that Apache2 requires shared
> memory to work, so if you decide to start working with that, you have to
> open it up anyway ...

hrmm yeah, i do run apache 2 currently, so i guess it does need to be opened
up.

> processes inside of the jail only *see* the one IP, so binding to
> ADDR_IANY will only see the one IP to bind to ...
>
> One thing to note when  you are setting things up ... if you are using
> sendmail, make sure you sent DontProbeInterfaces to True (Default is
> false), else you get some weird results when not all jails are up and
> running ...

Sendmail == torture :)

I run qmail, cause combined with vpopmail, it kicks ass for virtual domains.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message