Date: Mon, 23 Sep 2024 16:05:38 +0200
From: Andrea Venturoli <ml@netfence.it>
To: Ryan Steinmetz <zi@freebsd.org>
Cc: ports@freebsd.org
Subject: Re: rbldnsd does not start in a jail
Message-ID: <4e55689d-e59b-4b22-85f3-c5dd6c0d0ad5@netfence.it>
In-Reply-To: <Zu1_B13ehCVEJO8S@exodus.zi0r.com>
References: <68c5efba-addb-4d25-9650-498b52e39b1b@netfence.it> <Zu1_B13ehCVEJO8S@exodus.zi0r.com>

On 9/20/24 15:56, Ryan Steinmetz wrote:

> This is probably something specific to your environment, as it works in
> a fresh jail on a 14.1-RELEASE system:

Thanks for answering.
Today it works!
I did some upgrades in the last few days, but none should be relevant.
Notice I didn't restart the jail. :-|
I'll keep an eye on this in case it happens again.

> As a starting point, I would look for defaults you have modified in:
> - security.jail sysctls
> - security.mac sysctls
> - *chroot* sysctls
> - kern.securelevel
> - security.jail.param.securelevel

The only entries I have in /etc/sysctl.conf are:
security.bsd.unprivileged_proc_debug=1
security.bsd.unprivileged_read_msgbuf=1
security.bsd.see_other_gids=1
security.bsd.hardlink_check_gid=1
security.bsd.hardlink_check_uid=1
security.bsd.see_other_uids=0
security.bsd.stack_guard_page=1

I don't think any of these lives in the categories above.
Also I'm using ezjail, but changed none of its defaults.

> - Filesystem permissions in the new root dir (and its parent directories)

# ls -l /usr/local/etc/|grep rbl
drwxr-xr-x  2 root wheel  7 Sep 19 20:02 rbldnsd

Is this fine?
Permissions of all parents are the standard ones.

bye & Thanks
av.