From owner-freebsd-jail@FreeBSD.ORG Sun Aug 25 04:07:43 2013 Return-Path: Delivered-To: freebsd-jail@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 6ECA091D for ; Sun, 25 Aug 2013 04:07:43 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from cosmo.uchicago.edu (cosmo.uchicago.edu [128.135.52.97]) by mx1.freebsd.org (Postfix) with ESMTP id 4B60725E9 for ; Sun, 25 Aug 2013 04:07:43 +0000 (UTC) Received: by cosmo.uchicago.edu (Postfix, from userid 48) id 6E3B3CB8C8B; Sat, 24 Aug 2013 23:07:42 -0500 (CDT) Received: from 68.255.103.36 (SquirrelMail authenticated user valeri) by cosmo.uchicago.edu with HTTP; Sat, 24 Aug 2013 23:07:42 -0500 (CDT) Message-ID: <58331.68.255.103.36.1377403662.squirrel@cosmo.uchicago.edu> Date: Sat, 24 Aug 2013 23:07:42 -0500 (CDT) Subject: Re: connect -1 errno 1 Operation not permitted with specific user (nagios) From: "Valeri Galtsev" To: "Mike C." User-Agent: SquirrelMail/1.4.8-5.el5.centos.7 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal References: <52197976.3020405@gmail.com> In-Reply-To: <52197976.3020405@gmail.com> Cc: freebsd-jail@freebsd.org X-BeenThere: freebsd-jail@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: galtsev@kicp.uchicago.edu List-Id: "Discussion about FreeBSD jail\(8\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Aug 2013 04:07:43 -0000 Mine was FreeBSD 9.1, amd64, and "per jail" config didn't work for me. I configure jails in /etc/rc.conf and start them on boot by enabling them in /etc/rc.conf (jail_enable="YES"), or start, stop, restart using /etc/rc.d/jail [start|stop|restart] For those who didn't see previous discussion, it was about suggested by one of real experts elegant per jail enabling access to raw sockets which should work if one does this >> > Putting this in /etc/rc.conf: >> > >> > jail_${JailName}_parameters="allow.raw_sockets=1" For me it didn't work, so I have to enable raw sockets this way: sysctl security.jail.allow_raw_sockets=1 and restart jail or by adding into /etc/sysctl.conf security.jail.allow_raw_sockets=1 downside: raw sockets enabled in all jails. Thanks. Valeri On Sat, August 24, 2013 10:26 pm, Mike C. wrote: > This host is Freebsd 8, and the config "per" jail doesn't work! > > However, I friend of mine confirmed me it does work on FreeBSD 9 hosts! > > > -- > Melhores Cumprimentos // Best Regards > ------------------------------------------------------------------------ Miguel Clara > *nix Sys Admin Freelance > > > http://www.linkedin.com/in/miguelmclara/ > http://about.me/miguelmclara > ------------------------------------------------------------------------ _______________________________________________ > freebsd-jail@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++