From owner-freebsd-alpha@FreeBSD.ORG Tue Aug 2 15:53:23 2005
Message-ID: <1193.145.36.224.17.1122998494.squirrel@webmail.calibre-solutions.co.uk>
In-Reply-To: <200508011307.14737.jhb@FreeBSD.org>
References: <42EE1A34.6510B1CE@fadesa.es> <20050801151501.GA53593@freebie.xs4all.nl> <42EE50C3.5C01C564@fadesa.es> <200508011307.14737.jhb@FreeBSD.org>
Date: Tue, 2 Aug 2005 17:01:34 +0100 (BST)
From: "Angus MacGyver"
To: freebsd-alpha@freebsd.org
Subject: Fun with Jails...
Reply-To: macgyver@calibre-solutions.co.uk
List-Id: Porting FreeBSD to the Alpha

Jails, Love them.. got them all set up (4 of them) and all working all OK.

HOWEVER... Two minor issues...

1) Enter the jail, and do a mount, as either a normal user OR root (or the jail) and I can see the mount that / of the jail starts from... To me, this ain't pretty, and gives people an idea that they are jailed.

E.g.

    jail1.FreeBSD /home/jail> mount
    /dev/md10c on /data/172.16.2.6 (ufs, local)
    jail1.FreeBSD /home/jail> su -
    Password:
    jail1# mount
    /dev/md10c on /data/172.16.2.6 (ufs, local)
    jail1#

I've taken a look into the sysctl's and they are...

    sysctl -a | grep security
    security.jail.set_hostname_allowed: 1
    security.jail.socket_unixiproute_only: 1
    security.jail.sysvipc_allowed: 0
    security.jail.getfsstatroot_only: 1
    security.jail.allow_raw_sockets: 0
    security.jail.chflags_allowed: 0
    security.jail.jailed: 0

I changed security.jail.getfsstatroot_only to 0, and this made the problem worse as expected.. (i.e. all the mounts on host machine)

So, question is, how do I get / mounted as / in a jail (if that is possible)?

2) Using the nice "the-labs" tool kit for jails, including their webmin plugin to create and manage the jails. (makes it easy on eye / at a glance status)

I create a machine with an IP, say 192.168.1.3, and hostname, say foobar... install works fine...

Create a machine with an FQDN as the alias, say 192.168.1.3 and foobar.example.com, and things start to get very odd.

First of all, the webmin page "finds them" when they are stopped, but then cannot start them. Neither can they be started from the command line as a FQDN, though they can be started with the IP.

If they are started using the IP from the command line, the webmin module only finds a started jail with the name of "."

The "." then cannot be stopped with the webmin module.. Again, from the command line they cannot be stopped using the FQDN...

As a workaround for this, I did a NON-FQDN setup, and changed the hostname in the jail's /etc/rc.conf file... however this appears to have the same issue...

Any thoughts ??

Cheers
AM

-- 
I ain't perfect ...
...Yet