From: "Didier Wiroth"
Subject: Jail problems
Date: Thu, 5 Dec 2002 18:26:59 +0100
Organization: MCESR
Message-ID: <000001c29c83$84859130$952b6e94@lucifer>
Sender: owner-freebsd-questions@FreeBSD.ORG

Hey

I'm running a jail which runs or should run :-) bind! I would like to run bind in a sandbox but I can't get it to work!

I've followed these steps on the dns jail:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/dns.html#NAMED-SANDBOX

Except the following 2 steps which I had to do on the host first:
1) dev/null device was created from the host and copied to /jail/dns/etc/namedb/dev
2) statically linked copy of named-xfer was built at the host and copied to /jail/dns.../bin

Here is the content of the jail rc.conf file:

    portmap_enable="NO"
    network_interface=""
    sshd_enable="YES"
    sendmail_enable="NONE"
    syslogd_flags="-ss -l /etc/namedb/dev/log"
    named_enagle="YES"
    named_flags="-u bind -g bind -t /etc/namedb /etc/named.conf"

Here is the jail syslog output:

    %tail /var/log/messages
    Dec 5 18:06:07 dns adjkerntz[32290]: sysctl(put_wallclock): Operation not permitted
    Dec 5 18:06:07 dns sshd[32343]: error: Bind to port 22 on XXX.XXX.XXX.XXX failed: Address already in use.
    Dec 5 18:06:07 dns sshd[32343]: fatal: Cannot bind any address.
    Dec 5 18:06:07 dns syslogd: exiting on signal 15
    Dec 5 18:06:07 dns syslogd: exiting on signal 15

What I also don't understand is the sshd problem saying "error: Bind to port" etc., because I'm using the "ListenAdress" options in the jails with the jail IP address in the sshd_config file!

Some clues why bind doesn't work?

I've tried to start it from the command line, this was the output:

    dns# named -u bind -t bind -t /etc/namedb /etc/named.conf
    can't change directory to /etc/namedb: No such file or directory

But the directories exist:

    dns# ll -R /etc/namedb/
    -rw-r--r-- 1 root wheel 427 Dec 5 17:47 PROTO.localhost-v6.rev
    -rw-r--r-- 1 root wheel 423 Dec 5 17:47 PROTO.localhost.rev
    drwxr-xr-x 2 root wheel 512 Dec 5 17:57 bin
    drwxr-xr-x 2 root wheel 512 Dec 5 18:24 dev
    drwxr-xr-x 2 root wheel 512 Dec 5 17:49 etc
    -rw-r--r-- 1 root wheel 1032 Dec 5 17:47 make-localhost
    drwxr-xr-x 2 root wheel 512 Dec 5 18:02 master
    lrwxr-xr-x 1 root wheel 14 Dec 5 17:49 named.conf -> etc/named.conf
    drwxr-xr-x 2 bind bind 512 Dec 5 17:48 slave
    drwxr-xr-x 4 root wheel 512 Dec 5 17:48 var

    /etc/namedb/bin:
    total 464
    -r-xr-xr-x 1 root wheel 446704 Dec 5 17:57 named-xfer

    /etc/namedb/dev:
    total 0
    srw-rw-rw- 1 root wheel 0 Dec 5 18:24 log
    crw-rw-rw- 1 root wheel 2, 2 Dec 5 17:59 null

    /etc/namedb/etc:
    total 6
    -r--r--r-- 1 root wheel 1098 Dec 5 17:48 localtime
    -rw-r--r-- 1 root wheel 3410 Dec 5 18:02 named.conf

    /etc/namedb/master:
    total 12
    -rw-r--r-- 1 root wheel 447 Dec 5 17:49 localhost-v6.rev
    -rw-r--r-- 1 root wheel 443 Dec 5 17:49 localhost.rev
    -rw-r--r-- 1 root wheel 760 Dec 5 18:02 xyz.zone
    -rw-r--r-- 1 root wheel 270 Dec 5 17:51 named.localhost
    -rw-r--r-- 1 root wheel 2843 Dec 5 17:47 named.root

    /etc/namedb/slave:

    /etc/namedb/var:
    total 4
    drwxr-xr-x 2 bind bind 512 Dec 5 17:48 run
    drwxr-xr-x 2 bind bind 512 Dec 5 17:48 tmp

    /etc/namedb/var/run:

    /etc/namedb/var/tmp:

Thanks a lot
Didier