From owner-freebsd-jail@FreeBSD.ORG Thu Jan 31 02:41:51 2008 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 61A3816A418 for ; Thu, 31 Jan 2008 02:41:51 +0000 (UTC) (envelope-from jon.passki@hursk.com) Received: from fk-out-0910.google.com (fk-out-0910.google.com [209.85.128.189]) by mx1.freebsd.org (Postfix) with ESMTP id CF8FB13C4CE for ; Thu, 31 Jan 2008 02:41:50 +0000 (UTC) (envelope-from jon.passki@hursk.com) Received: by fk-out-0910.google.com with SMTP id b27so528658fka.11 for ; Wed, 30 Jan 2008 18:41:49 -0800 (PST) Received: by 10.78.204.7 with SMTP id b7mr2346704hug.54.1201747308483; Wed, 30 Jan 2008 18:41:48 -0800 (PST) Received: by 10.78.187.8 with HTTP; Wed, 30 Jan 2008 18:41:48 -0800 (PST) Message-ID: Date: Wed, 30 Jan 2008 20:41:48 -0600 From: "Jon Passki" To: "Kurt Buff" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Cc: freebsd-jail@freebsd.org Subject: Re: Newb alert... X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Jan 2008 02:41:51 -0000 On 1/30/08, Kurt Buff wrote: > On Jan 30, 2008 1:38 PM, Jon Passki wrote: > > On 1/30/08, Kurt Buff wrote: > > > All, > > > > > > I'm trying to set up my first jail, and have been following the > > > handbook, Chapter 15, and a printout of 'man 8 jail' from the > > > freebsd.org web site. > > > > > > I've followed the steps in the handbook through 15.4 (the 'make > > > distribution' step got an error, which I ignored after reading the > > > notes) up to the point where I entered the following in my > > > /etc/rc.conf. What was the error, by the way? This step is what creates the password database files. > > If possible, can you post all of the steps? > > > # mkdir -p /jails/wotan > > # setenv D /jails/wotan > > # cd /usr/src > > # makeworld DESTDIR=$D && make distribution DESTDIR=$D && mount_devfs > devfs $D $D/dev The mount_devfs isn't necessary, since you're using the /etc/rc.conf command below. Also, I'm assuming you had a space in 'make world' above. The manual page is assuming you aren't necessarily using /etc/rc.conf. Maybe an opportunity to update the manual page :-) > I then edited /etc/rc.conf to include the lines below. > > > > jail_enable="YES" > > > jail_list="wotan" > > > jail_wotan_rootdir="/jails/wotan" > > > jail_wotan_hostname="wotan.mycompany.com" > > > jail_wotan_ip="192.168.24.123" > > > jail_wotan_devfs_enable="YES" > > > jail_wotan_devfs_ruleset="wotan_ruleset" I missed this before. Unless you created a devfs ruleset called wotan_ruleset, remove this line. The /etc/rc.d/jail script will use the default jail devfs ruleset. > > > I then did /etc/rc.d/jail /start wotan > > > > `/etc/rc.d/jail start wotan` # notice no forward slash in front of 'start' > > Yes - that's a typo on my part - I did actually omit the slash at the > command line. :-) > > Also, I don't see a "jail_exec_start" statement nor a > > "jail_wotan_exec_start" statement anywhere. This could easily cause > > problems. You should have something like: > > > > jail_wotan_exec_start="/bin/sh /etc/rc" # command to > > execute in jail for starting > > jail_wotan_exec_stop="/bin/sh /etc/rc.shutdown" # command to > > execute in jail for stopping > > > > Somewhere. If you remove the "wotan" from the above, then that will > > be the default setting. > > Good to know. I'm assuming that they can be put in with the rest of > the lines in /etc/rc.conf? Yep. > > > > > > and that didn't work, giving the following lines: > > > > > > Starting jails: cannot start jail "wotan": > > > jail: getpwnam: root: no such file or directory > > > > Does /jails/wotan/etc/passwd, /jails/wotan/etc/master.passwd, > > /jails/wotan/etc/pwd.db, and /jails/wotan/etc/spwd.db exist? > > No, I'm afraid not. This is what's causing the getpwnam error in the first place. Basically, your system is saying return the root account information, but when it tries to look it up in the password database (defaults to the files above, basically), nothing is there. The make distribution should have automatically went into src/etc and created a default /jails/wotan/etc/passwd and friends install. As for the `make distribution DESTDIR=$D` and not changing into src/etc, that should be OK. The Makefile.inc for RELENG_6_2, RELENG_6_3, and RELENG_7_0 does it automatically. The src/etc/Makefile for RELENG_6_2, RELENG_6_3, and RELENG_7_0 all explicitly create the password database files by calling pwd_mkdb. But, you don't have the files... As you mentioned, an error occurred during make distribution. That to me seems the issue... Jon