From owner-freebsd-jail@FreeBSD.ORG Thu Feb 2 15:17:28 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 174631065673; Thu, 2 Feb 2012 15:17:28 +0000 (UTC) (envelope-from chris_bender@cellularatsea.com) Received: from wireless.icgws.com (wireless.icgws.com [198.211.94.23]) by mx1.freebsd.org (Postfix) with ESMTP id BB4818FC16; Thu, 2 Feb 2012 15:17:27 +0000 (UTC) Received: by wireless.icgws.com (Postfix, from userid 1003) id 752E9180D56; Thu, 2 Feb 2012 10:16:19 -0500 (EST) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on wireless.icgws.com X-Spam-Level: X-Spam-Status: No, score=-2.9 required=3.5 tests=ALL_TRUSTED,BAYES_00 autolearn=ham version=3.3.1 Received: from wmstp.corp.cellularatsea.com (unknown [10.200.104.195]) by wireless.icgws.com (Postfix) with SMTP id 6DA12180B43; Thu, 2 Feb 2012 10:16:13 -0500 (EST) Received: from wmstp.corp.wms.cellularatsea.com (localhost [127.0.0.1]) by wmstp.corp.cellularatsea.com (Postfix) with SMTP id 53E8AB1885D; Thu, 2 Feb 2012 10:17:01 -0500 (EST) Received: from wmsexg01.corp.cellularatsea.com ([10.200.104.15] helo=wmsexg01.corp.cellularatsea.com) by wmstp.corp.wms.cellularatsea.com with SMTP (ASSP 1.9.1.1); 2 Feb 2012 10:17:01 -0500 X-Ninja-PIM: Scanned by Ninja X-MimeOLE: Produced By Microsoft Exchange V6.5 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-class: urn:content-classes:message x-vipre-scanned: 00480474002CE0004805C1 Date: Thu, 2 Feb 2012 10:16:59 -0500 Message-ID: In-Reply-To: <4F2897F5.90900@FreeBSD.org> Thread-Topic: jails Thread-Index: AczggnstdM/PiAmtT9a116wvb7/nvgBOqTVw References: <863259E16B6C464DAD1E9DD10BB311540582EC53@wmsexg01.corp.cellularatsea.com> <4F27FD77.30409@FreeBSD.org> <863259E16B6C464DAD1E9DD10BB311540582ED0E@wmsexg01.corp.cellularatsea.com> <4F28273A.1070905@FreeBSD.org> <863259E16B6C464DAD1E9DD10BB311540582ED21@wmsexg01.corp.cellularatsea.com> <4F285235.1010407@FreeBSD.org> <863259E16B6C464DAD1E9DD10BB311540582EE18@wmsexg01.corp.cellularatsea.com> <4F2897F5.90900@FreeBSD.org> From: "Bender, Chris" To: X-Assp-Whitelisted: Yes () X-Assp-Envelope-From: chris_bender@cellularatsea.com X-Assp-Intended-For: glarkin@FreeBSD.org X-Assp-Passing: 10.200.104.15 in acceptAllMail X-Assp-ID: wmstp.corp.wms.cellularatsea.com (32819-24963) X-Assp-Version: 1.9.1.1(1.0.00) Cc: freebsd-jail@freebsd.org Subject: RE: jails X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Feb 2012 15:17:28 -0000 Hi Greg Yes the second interface is a new idea. I decided to NOT use the second interface it was too cumbersome to get it too work. Thanks for all the ideas and help, I was able to get the ezjails ssub systems up and running finally. I am not sure how I did it,=20 but I am sureI couldn't have done it without support from people like you and the FREEBSD org. Thanks so much!!!!! Do you know anything on ZFS? That is my next area of concern that isn't working as a results of our engineer that passed away.=20 Thanks -----Original Message----- From: Greg Larkin [mailto:glarkin@FreeBSD.org]=20 Sent: Tuesday, January 31, 2012 8:40 PM To: Bender, Chris Subject: Re: jails -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Chris, Since your server has ezjail installed and it was used to create the jails, I think it would be easier to use ezjail-admin to manage the files in /usr/local/etc/ezjail/*. From what I've read in the ezjail-admin man page, multiple IP addresses are listed on one line like so: export jail_tools2_ip=3D"172.19.4.41 172.19.4.46 172.19.4.47 172.19.4.48" I don't see any support for jails with IPs on multiple interfaces, though. Is that a new configuration that you're trying to introduce,= or was it working prior to now? Regards, Greg On 1/31/12 6:19 PM, Bender, Chris wrote: > Any idea on the syntax how to export jail using two interfaces. =20 >=20 > export jail_tools2_hostname=3D"tools2" > export jail_tools2_ip=3D"172.19.4.41" > export jail_tools2_ip_multi0=3D"172.19.4.46" > export jail_tools2_ip_multi1=3D"172.19.4.47" > export jail_tools2_ip_multi2=3D"172.19.4.48" > export jail_tools2_ip=3D"em1|135.209.138.15" =20 > #export jail_tools2_ip_multi4=3D"135.209.138.20" > export jail_tools2_rootdir=3D"/usr/jails/tools2" > export jail_tools2_exec=3D"/bin/sh /etc/rc" > export jail_tools2_mount_enable=3D"YES" > export jail_tools2_devfs_enable=3D"YES" > export jail_tools2_devfs_ruleset=3D"devfsrules_jail" > export jail_tools2_procfs_enable=3D"YES" > export jail_tools2_fdescfs_enable=3D"YES" > export jail_tools2_image=3D"" > export jail_tools2_imagetype=3D"" > export jail_tools2_attachparams=3D"" > export jail_tools2_attachblocking=3D"" > export jail_tools2_forceblocking=3D"" > ~ >=20 >=20 > Will this work;. >=20 > -----Original Message----- > From: Greg Larkin [mailto:glarkin@FreeBSD.org] > Sent: Tuesday, January 31, 2012 3:42 PM > To: Bender, Chris > Subject: Re: jails >=20 > Hi Chris, >=20 > I'm back now for ~30 minutes, and tomorrow will be a bit easier to=20 > schedule, too. It's possible to set up ssh to listen on the host as=20 > well as all of the jails, but you have to tweak the ListenAddress=20 > directive in /etc/ssh/sshd_config on the host and the jails to only=20 > listen on one IP address, instead of all addresses. >=20 > If it's possible to grant remote access through ssh to your host=20 > machine, I should be able to figure out the network issues with your=20 > jails, so let me know if you want to do that. >=20 > Regards, > Greg >=20 > On 1/31/12 12:44 PM, Bender, Chris wrote: >> Hi Greg >=20 >> Ssh is enabled on the host machine. I want the other machines in the=20 >> office to be able to access the jails systems whether it be ssh or > web? >=20 >> SO far I am looking into IP forwarding on the host but I am not sure. >=20 >> Thanks >=20 >> -----Original Message----- >> From: Greg Larkin [mailto:glarkin@FreeBSD.org] >> Sent: Tuesday, January 31, 2012 12:39 PM >> To: Bender, Chris >> Subject: Re: jails >=20 >> On 1/31/12 12:10 PM, Bender, Chris wrote: >>> Hi Greg >=20 >>> Thanks for calling. I was working late last night. I just came to >> work.=20 >=20 >=20 >>> I was able to start the systems, but I still have yet been able to=20 >>> figure out How to get users to access the remote system, whether via >>> ftp, ssh, telnet or web service. >>> I believe it is in the area of no apache or http running or=20 >>> something >=20 >>> to that affect. I am researching now. >=20 >>> I would gladly like to use you as a mentor and perhaps work=20 >>> something >=20 >>> out with you. >>> I could use the expertise. >=20 >=20 >=20 >>> Thanks >=20 >> Hi Chris, >=20 >> Ok, that sounds good. I'm heading to a meeting shortly, but I should >> be available after either 3pm or 4pm. I'll ping you when I'm back= in >> the office, if you have some time to chat later today. >=20 >> ssh is the preferred way to set up remote shell access, and here are=20 >> the basics for enabling it on the server: >> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssh.htm >> l >=20 >> You may also need to modify perimeter firewall rules to allow remote=20 >> access, too. >=20 >> Regards, >> Greg >=20 - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. http://twitter.com/cpucycle/ - Follow you, follow me -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8ol/UACgkQ0sRouByUApAnaQCgjUUlCh3qrrfZMxTk904EXzKt x7cAn2fxI71KgE+SM0Ec3VcYUAJcSAdT =3DUbDr -----END PGP SIGNATURE-----