Date: Sun, 31 Aug 2008 22:01:10 +0300 From: "tethys ocean" <tethys.ocean@gmail.com> To: "Robert Watson" <rwatson@freebsd.org> Cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: jail stop extracting iso file Message-ID: <235b80000808311201x1afc099t3b0af9615369fcd3@mail.gmail.com> In-Reply-To: <alpine.BSF.1.10.0808310031400.34812@fledge.watson.org> References: <235b80000808301408v49e91675se91a257e257537fc@mail.gmail.com> <alpine.BSF.1.10.0808310031400.34812@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Ý see, i should extract this iso image (not using tar) may i close this jail? and can i restart correctly? i am hesitate since squid in running on jail? process is like [root@finn /etc]# ps ax -o pid,jid,args PID JID COMMAND 8415 0 /usr/local/sbin/httpd -k start 10414 0 sshd: mary [priv] (sshd) 10417 0 sshd: mary@ttyp3 (sshd) 17168 0 /usr/local/sbin/squid -D 17170 0 (squid) -D (squid) 17171 0 (unlinkd) (unlinkd) 20754 0 /usr/sbin/syslogd -ss 20871 0 /usr/sbin/sshd 35688 0 sshd: andy [priv] (sshd) 35691 0 sshd: andy@ttypb (sshd) 42074 0 /usr/local/sbin/munin-node (perl) 48630 0 /usr/local/sbin/httpd -k start 64266 0 screen 67740 0 /usr/local/sbin/httpd -k start 71171 0 /usr/local/sbin/httpd -k start 76426 0 /usr/local/sbin/httpd -k start 92862 0 /usr/local/sbin/httpd -k start 93912 0 sshd: alex [priv] (sshd) 93929 0 sshd: alex@ttypq (sshd) 93955 0 screen 10418 0 -bash (bash) 35692 0 -bash (bash) 35693 0 su - 35694 0 -su (csh) 64268 0 /usr/local/bin/bash 93930 0 -bash (bash) 93932 0 su - 93933 0 -su (bash) 93954 0 screen 93956 0 /usr/local/bin/bash 94654 0 ps ax -o pid,jid,args [root@finn /etc]# i think so i can stop jail by this command? (but it run) /etc/rc.d/jail start /etc/rc.d/jail stop OR i can kill jail process and than /etc/rc.d/jail stop and i can disable in sysctl jail line #security.jail.set_hostname_allowed=1 #security.jail.socket_unixiproute_only=1 #security.jail.sysvipc_allowed=0 #security.jail.enforce_statfs=2 #security.jail.allow_raw_sockets=0 #security.jail.chflags_allowed=0 #security.jail.jailed=0 than extract iso file and restart jail? possible? and it contains any risk? since squid is so so important since i ve read this paper http://www.freebsd.org/doc/en/books/handbook/jails-application.html but i wasn't able to find some jail details/setting in this server but neverthless jail is running regards 2008/8/31 Robert Watson <rwatson@freebsd.org> > > On Sun, 31 Aug 2008, tethys ocean wrote: > > In server jail and squid is running on it as lots of another packet. i >> want to extract iso image in this server. But i havent do it. >> > > You are correct that direct manipulation of md(4) devices is not allowed in > jail. However, you may be running on a version FreeBSD in which tar(1) can > be used to extract iso files, which is quite a bit more convenient for many > uses. > > Robert N M Watson > Computer Laboratory > University of Cambridge > > > >> #mdconfig -a -t vnode -f big_bcbcv.iso >> #mdconfig: open(/dev/mdctl): No such file or directory >> >> #ls -l /dev/md* >> #ls -ls /dev/mdctl >> ls: /dev/mdctl: No such file or directory >> >> >> i am not familiar with jail. only i can extract my iso file. Ý suppose >> that >> jail stop me, jail blocking me for access some source >> >> >> is it true? >> >> 1-how can extract this iso file >> 2-is jail stop me? or any other trouble about my mdctl? >> >> regard >> >> -- Share now a pigeon's flight Bluebound along the ancient skies, Its women forever hair and mammal, A Mediterranean town may arise If you rip apart a pigeon's heart.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?235b80000808311201x1afc099t3b0af9615369fcd3>