From owner-freebsd-stable@FreeBSD.ORG Thu Mar 27 19:29:45 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 481E0106566B for ; Thu, 27 Mar 2008 19:29:45 +0000 (UTC) (envelope-from lists@c0mplx.org) Received: from home.opsec.eu (unknown [IPv6:2001:14f8:200::1]) by mx1.freebsd.org (Postfix) with ESMTP id 07BB78FC13 for ; Thu, 27 Mar 2008 19:29:45 +0000 (UTC) (envelope-from lists@c0mplx.org) Received: from pi by home.opsec.eu with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1JexnF-000F8b-7x for freebsd-stable@freebsd.org; Thu, 27 Mar 2008 20:29:45 +0100 Date: Thu, 27 Mar 2008 20:29:45 +0100 From: Kurt Jaeger To: freebsd-stable@freebsd.org Message-ID: <20080327192945.GA57996@home.opsec.eu> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Subject: Re: inetd and freebsd service jail X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2008 19:29:45 -0000 Hi! > I have a jail for pureftpd service, > it is possible that inetd from the main system launch FTP server > inside the jail? No, it's not possible. The reason: When your client connects to the IP of the jail, inetd.conf running on the main system can start some jexec /usr/libexec/ftpd ... But: The depends on the IP the client is connecting to, and inetd has no lookup-hook to find the from the IP adress. It might not be too difficult to add this feature to inetd, but right now, it's not available. > If not so, i don't uderstand advantage of to have an inetd service > listening inside each jail... Jails are to virtualize systems, so if you have your own instance of inetd running in your jail, you can decide for yourself which services will served by your inetd instance. Just edit the inetd.conf inside the jail and restart inetd in your own virtual server. -- pi@opsec.eu +49 171 3101372 12 years to go !