From owner-freebsd-jail@FreeBSD.ORG Fri Nov 9 10:38:35 2012 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 143FEC16 for ; Fri, 9 Nov 2012 10:38:35 +0000 (UTC) (envelope-from zaphod@berentweb.com) Received: from sam.nabble.com (sam.nabble.com [216.139.236.26]) by mx1.freebsd.org (Postfix) with ESMTP id E75A98FC13 for ; Fri, 9 Nov 2012 10:38:34 +0000 (UTC) Received: from [192.168.236.26] (helo=sam.nabble.com) by sam.nabble.com with esmtp (Exim 4.72) (envelope-from ) id 1TWlys-0004yZ-Bd for freebsd-jail@freebsd.org; Fri, 09 Nov 2012 02:38:34 -0800 Date: Fri, 9 Nov 2012 02:38:34 -0800 (PST) From: Beeblebrox To: freebsd-jail@freebsd.org Message-ID: <1352457514352-5759501.post@n5.nabble.com> Subject: ICMP RAW socket error MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Nov 2012 10:38:35 -0000 My jail used to work fine but it seems a recent update broke some things. My kernel/world has INET6 disblad and there are already 2 threads re the error that setting causes with jails. Now this error - is it a bug or am I missing something? My /etc/sysctl.conf has security.jail.allow_raw_sockets=1 I even confirm it separately before starting the jail: # sysctl security.jail.allow_raw_sockets * I start the jail but isc-dhcpd cannot start: unable to create icmp socket: Operation not permitted * I cannot ping from the jail: ping: socket: Operation not permitted * This error also, but inetd starts: inetd[50866]: madvise() failed: Operation not permitted No point in setting up a dhcp debug log, the error is in the network setting. /etc/devfs.rules has: add path net unhide, add path 'net/*' unhide My system is not exposed to the outside so it does not have pf / nat running on it. -- View this message in context: http://freebsd.1045724.n5.nabble.com/ICMP-RAW-socket-error-tp5759501.html Sent from the freebsd-jail mailing list archive at Nabble.com.