From owner-freebsd-current@FreeBSD.ORG Fri Sep 10 13:24:30 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 17A5C16A4CE for ; Fri, 10 Sep 2004 13:24:30 +0000 (GMT) Received: from dedi.fuckner.net (fuckner.net [81.169.152.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7A77943D6D for ; Fri, 10 Sep 2004 13:24:29 +0000 (GMT) (envelope-from hscholz@raisdorf.net) Received: from localhost (localhost [127.0.0.1]) by dedi.fuckner.net (Postfix) with ESMTP id 29DCBC0D6 for ; Fri, 10 Sep 2004 15:24:28 +0200 (CEST) Received: from dedi.fuckner.net ([127.0.0.1]) by localhost (dedi.fuckner.net [127.0.0.1]) (amavisd-new, port 10024) with SMTP id 79248-10 for ; Fri, 10 Sep 2004 15:24:26 +0200 (CEST) Received: from [192.168.1.101] (pD95D37BA.dip.t-dialin.net [217.93.55.186]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by dedi.fuckner.net (Postfix) with ESMTP id AD634C0D4 for ; Fri, 10 Sep 2004 15:24:25 +0200 (CEST) Message-ID: <4141AB09.3090508@raisdorf.net> Date: Fri, 10 Sep 2004 15:24:25 +0200 From: Hendrik Scholz User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040806) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-current@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at fuckner.net Subject: dcons(4) console for jails X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Sep 2004 13:24:30 -0000 Hi! I've been thinking for this for a few days and eventually had the time to have a first look at it. What I'd like to do is basicly running '/usr/libexec/getty dcons dcons' inside a jail and allow the host system to access the console. It's easy to do using the dconschat TCP feature (dconschat -rTC 12345) and using telnet to connect but I don't like the idea of allowing telnet connections from remote systems to important services. So my solution (only had a quick look at the code) should work like this: - write a firewire-like extension for dconschat, i.e. 'dcons -j myjail' that connects to the console on the local jail 'myjail' - build a miniature version of /etc/ttys in the jail to allow configuration. - make sure the comserver-con port works with this extension :) Are there any comments or recommondations? Thanks, Hendrik -- Hendrik Scholz - - http://www.wormulon.net/ drag me, drop me - treat me like an object