From owner-freebsd-security Tue May 7 11:29:13 2002 Delivered-To: freebsd-security@freebsd.org Received: from stuff.webintl.com (stuff.webintl.com [209.248.144.10]) by hub.freebsd.org (Postfix) with ESMTP id 21F2337B40C for ; Tue, 7 May 2002 11:28:57 -0700 (PDT) Received: from [192.168.123.20] (adsl-66-136-237-161.dsl.ltrkar.swbell.net [66.136.237.161]) by stuff.webintl.com (8.9.3/8.9.3) with ESMTP id NAA10111 for ; Tue, 7 May 2002 13:28:55 -0500 Mime-Version: 1.0 X-Sender: freebsd@mail.webintl.com Message-Id: In-Reply-To: <20020507062232.A75CE37B400@hub.freebsd.org> References: <20020507062232.A75CE37B400@hub.freebsd.org> Date: Tue, 7 May 2002 13:28:52 -0500 To: freebsd-security@freebsd.org From: Albert Everett Subject: Re: jails and sendmail Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thanks to those who have answered my post. Full Sendmail now working on host and in all jails. By the way, can someone point me to the postfix patch that allows it to run in a jail? Albert > > On the host itself, I have in rc.conf: sendmail_enable="NO", instead >> of "NONE", to allow cron stuff to get mail out. > >Good, then it won't interfere with the jails. -- on host, setting a daemon option (to listen only on host ip) in .mc makes sendmail_enable="yes" ok in rc.conf. Can also use command line option in sendmail_flags in rc.conf - see p691 in O'Reilly Sendmail 2nd ed. book. > >> I'd like to have sendmail_enable="YES" in each of my jails. Right >> now, sendmail doesn't seem to want to start in my jails with ="YES". > >I guess you aliased the jails ip when starting up? -- yes, in rc.conf > >> Is it necessary to tell sendmail inside a jail to listen only on that >> jail's IP? If so, how is this done? I'm hoping a line or two in the >> .mc file will do it, but I'm new to editing these files. > >Nope, not when running in a jail. The jail code translates INADDR_ANY to >just the jails ip. This is done transparently. -- good to know, thanks > >> Is there a problem with the localhost sendmail config being shared >> around the jails, since localhost really belongs to the host itself >> (if I understand localhost correctly)? > >In a jail "localhost" is also mapped to the jails ip. Again transparently. >Do other daemons run and can you access them from outside the jail and/or >other systems? -- good to know about jail localhost, thanks. sshd runs in all jails ok. haven't tried others yet > >Nate > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message -- ----------------------------------------------------------------------- Albert Everett - Web International, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message