From owner-freebsd-stable@FreeBSD.ORG Wed Dec 23 02:15:55 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 856FD106566B for ; Wed, 23 Dec 2009 02:15:55 +0000 (UTC) (envelope-from glen.j.barber@gmail.com) Received: from mail-fx0-f218.google.com (mail-fx0-f218.google.com [209.85.220.218]) by mx1.freebsd.org (Postfix) with ESMTP id 1C0748FC13 for ; Wed, 23 Dec 2009 02:15:54 +0000 (UTC) Received: by fxm10 with SMTP id 10so3724480fxm.14 for ; Tue, 22 Dec 2009 18:15:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=QyGcxbadc7Jc6hzCTamIPesKI8WuwCibtJT5+Bg0z1Y=; b=WrBwHHZj4iucRgcqxXDNgyul/09Uw3dbrxqrPJuyxGTOe7BrYzYzorPm5KhJw/e1Uw jELz+ATOKQxsEQSF6o9Hs/DtNgP8Z3lgB5aaN+gjQgX84XT/vkUGE5AKPB5w1Y2tDcse HT7Zmz3Envu3InIr6I0kJtkTDfnzWpTV4i95M= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=JAF77l0AVidLWmdq91z+ovRDyTU5zdw+UhbPq+DGIahStVaxTag1FvInfmnAO8f3rD 4dxD29Pp6it6qFQzEO2adnIjNCHnU0kckgJSGAGlp8HSFaTvEpBkL6zJ0+uqSicMGSbM 5rSAYMgMpxYZ4Fj3QnACXGJGtQSlAMEfdqirQ= MIME-Version: 1.0 Received: by 10.223.77.141 with SMTP id g13mr2162418fak.0.1261534553724; Tue, 22 Dec 2009 18:15:53 -0800 (PST) In-Reply-To: References: Date: Tue, 22 Dec 2009 21:15:53 -0500 Message-ID: <4ad871310912221815r35542487i8a67ed2f9154a72f@mail.gmail.com> From: Glen Barber To: Peter Fraser Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-stable@freebsd.org Subject: Re: Create socket files X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Dec 2009 02:15:55 -0000 Hi Peter On Tue, Dec 22, 2009 at 8:34 PM, Peter Fraser wro= te: > Hi All > I wonder if anyone could help me with this problem. I followed the > instructions in the handbook to create some jails. It makes part of > the filesystem readonly which is good. This sounds like you used the "service jail" approach [1]. Correct me if I am wrong. > Problem is though that I tried > installing syslog-ng in one of the jails and when I tried to start it, > I got this error > >> Error binding socket; addr=3D'AF_UNIX(/var/run/log)', error=3D'Permissio= n >> denied (13)' >> Error initializing source driver; source=3D'src', id=3D'src#0' >> Error initializing message pipeline; >> /usr/local/etc/rc.d/syslog-ng: WARNING: failed to start syslog_ng > > I think it's trying to create the socket files =A0/var/run/log and > /var/run/logpriv but can't. Is there anyway for me to create them > manually? It has been some time since I used that method to create jails; the areas that have burned me in particular were symlinking /usr/local/bin/perl to /usr/bin/perl and similarly for the security/ca_root_nss port. Re-reading the doc, /var should be made read/write as it is part of the jail "skeleton" filesystem, from which you create the "moving parts" of your jail, so to speak. Did you create /var read-only? Regards, [1] - http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-appli= cation.html --=20 Glen Barber