From: "David Robillard"
Date: Mon, 1 May 2006 09:11:14 -0400
To: "FreeBSD Questions Mailing List"
Cc: patrick
Subject: Re: BIND inside a jail on FreeBSD 6.0

------------------------------

Message: 23
Date: Fri, 28 Apr 2006 19:36:22 -0600
From: "Chad Leigh -- Shire.Net LLC"
Subject: Re: BIND inside a jail on FreeBSD 6.0
To: patrick
Cc: freebsd-questions@freebsd.org

On Apr 28, 2006, at 6:57 PM, patrick wrote:

> I'm trying to run BIND inside a jail on FreeBSD 6.0, and I'm
> encountering the following problem:
>
> [root@jail /var/named]# /etc/rc.d/named start
> mount_devfs: Operation not permitted
> /etc/rc.d/named: WARNING: devfs_domount(): Unable to mount devfs on /var/named/dev
> devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted
> devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted
> Starting named.
>
> And then it doesn't start...
>
> (I realize that BIND already runs in a chroot'd environment, but I'm
> running a second copy of BIND on an existing development server as a
> secondary test environment.)
>
> The problem looks like it originates in /etc/rc.d/named:
>
>         # Mount a devfs in the chroot directory if needed
>         #
>         umount ${named_chrootdir}/dev 2>/dev/null
>         devfs_domount ${named_chrootdir}/dev devfsrules_hide_all
>         devfs -m ${named_chrootdir}/dev rule apply path null unhide
>         devfs -m ${named_chrootdir}/dev rule apply path random unhide
>
> I tried mounting the devfs outside the jail to the jail's
> /var/named/dev, and then commenting out these lines above, but named
> will still not start. Does anyone have any suggestions?

BIND is trying to set up a chroot(8) before it starts. If you're
already inside a jail, then IMHO it is a little overkill (i.e.
running BIND in a chroot inside a jail).

Check the BIND related values in rc.conf(5). The chroot(8) startup is
triggered via this one:

named_chrootdir="/var/named"   # Chroot directory (or "" not to auto-chroot it)

So try setting it to

named_chrootdir=""

and it should disable the chroot code from the startup script.

Of course, if you still need to chroot(8) your named(8) install inside
your jail, then you're at the same point. Consider running another
jail perhaps? Or use BIND's view feature.

Hope this helps,

David

> Thanks,
>
> Patrick

--
David Robillard
UNIX systems administrator, CISSP
Montreal: +1 514 966 0122
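
The check suggested in the reply, written out as an added example that is not part of the original thread: a small sh audit that finds the effective named_chrootdir in rc.conf-style files and flags the combination that produced the devfs errors quoted above. The function names, the sample file contents and the one-assignment-per-line parsing are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes rc.conf-style files with one
# plain assignment per line and no spaces in the path.

# Print the effective named_chrootdir: the last assignment found in the
# given files wins; the default is the one quoted in the message above.
effective_chrootdir() {
    dir="/var/named"
    for f in "$@"; do
        [ -r "$f" ] || continue
        while read -r line || [ -n "$line" ]; do
            case $line in
                named_chrootdir=*)
                    v=${line#named_chrootdir=}
                    v=${v%%#*}   # drop a trailing comment
                    # drop quotes and blanks around the value
                    dir=$(printf '%s' "$v" | tr -d "\"' \t")
                    ;;
            esac
        done < "$f"
    done
    printf '%s\n' "$dir"
}

# check_named_chroot JAILED FILE...
# JAILED is 1 inside a jail, 0 otherwise; on FreeBSD it can be read with
# `sysctl -n security.jail.jailed`. Returns 1 when the startup script would
# try to mount devfs under the chroot from inside a jail.
check_named_chroot() {
    jailed=$1; shift
    dir=$(effective_chrootdir "$@")
    if [ -z "$dir" ]; then
        echo "OK: named_chrootdir is empty, no chroot or devfs setup at startup"
        return 0
    fi
    if [ "$jailed" = 1 ]; then
        echo "WARN: named_chrootdir=$dir inside a jail, devfs mount on $dir/dev will fail"
        return 1
    fi
    echo "OK: named_chrootdir=$dir on an unjailed host"
    return 0
}

# Constructed sample: the default-style setting, then the override from the reply.
demo() {
    tmp=$(mktemp) || return 1
    printf 'named_enable="YES"\nnamed_chrootdir="/var/named"  # Chroot directory\n' > "$tmp"
    check_named_chroot 1 "$tmp" || true
    printf 'named_chrootdir=""\n' >> "$tmp"
    check_named_chroot 1 "$tmp"
    rm -f "$tmp"
}
demo
```

Inside the jail it would be called as `check_named_chroot "$(sysctl -n security.jail.jailed)" /etc/defaults/rc.conf /etc/rc.conf`.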