Date: Sun, 12 Oct 2014 15:55:46 +0200 From: Paul <paul@mueller-blockhaus.de> To: freebsd-questions@freebsd.org Subject: RE:possible jail bug? Message-ID: <20141012155546.00004520@mueller-blockhaus.de>
next in thread | raw e-mail | index | archive | help
Hello Guys, I had trouble changing the devfs ruleset for a jail. I wanted to jail snort. For every interface I created a jail using ezjail. I named them snort_em*. But when I change the Ruleset to jail_snoet_em0_devfs_ruleset="devfsrules_jail_snort", the changed devfs.rules doesen't applied. I was so frustrated, that I recreated the jail with another name snortem* and then I worked. Is the "_"not allowed for jailnames or is it a problem with ezjail or jails? Greetings Paul uname -a : FreeBSD utm 9.3-RELEASE-p2 FreeBSD 9.3-RELEASE-p2 #1 r272282: Fri Oct 3 16:06:53 CEST 2014 admin@utm:/usr/obj/usr/src/sys/RCTL amd64 ####################################### /etc/devfs.rules [devfsrules_jail_vpn=5] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login add path tun0 unhide [devfsrules_unhide_bpf=6] add path 'bpf*' unhide [devfsrules_jail_dhcpd=7] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login add include $devfsrules_unhide_bpf [devfsrules_jail_snort=8] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login add include $devfsrules_unhide_bpf [devfsrules_jail_squid=9] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login add path pf unhide mode 040 group 100 ######################################### /usr/local/etc/ezjail/snort_em0 export jail_snort_em0_hostname="snort_em0" export jail_snort_em0_ip="127.0.0.4" export jail_snort_em0_rootdir="/jails/snort_em0" export jail_snort_em0_exec_start="/bin/sh /etc/rc" export jail_snort_em0_exec_stop="" export jail_snort_em0_mount_enable="YES" export jail_snort_em0_devfs_enable="YES" export jail_snort_devfs_ruleset="devfsrules_jail_snort" export jail_snort_em0_procfs_enable="NO" export jail_snort_em0_fdescfs_enable="YES" export jail_snort_em0_image="" export jail_snort_em0_imagetype="" export jail_snort_em0_attachparams="" export jail_snort_em0_attachblocking="" export jail_snort_em0_forceblocking="" export jail_snort_em0_zfs_datasets="" export jail_snort_em0_cpuset="" export jail_snort_em0_fib="" export jail_snort_em0_parentzfs="" export jail_snort_em0_parameters="" export jail_snort_em0_post_start_script="" export jail_snort_em0_retention_policy="" ###################################### /usr/local/etc/ezjail/snortem0 export jail_snortem0_hostname="snortem0" export jail_snortem0_ip="127.0.0.3" export jail_snortem0_rootdir="/jails/snortem0" export jail_snortem0_exec_start="/bin/sh /etc/rc" export jail_snortem0_exec_stop="" export jail_snortem0_mount_enable="YES" export jail_snortem0_devfs_enable="YES" export jail_snortem0_devfs_ruleset="devfsrules_jail_snort" export jail_snortem0_procfs_enable="NO" export jail_snortem0_fdescfs_enable="YES" export jail_snortem0_image="" export jail_snortem0_imagetype="" export jail_snortem0_attachparams="" export jail_snortem0_attachblocking="" export jail_snortem0_forceblocking="" export jail_snortem0_zfs_datasets="" export jail_snortem0_cpuset="" export jail_snortem0_fib="" export jail_snortem0_parentzfs="" export jail_snortem0_parameters="" export jail_snortem0_post_start_script="" export jail_snortem0_retention_policy=""
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20141012155546.00004520>