From owner-freebsd-stable@FreeBSD.ORG Thu Mar 27 20:05:10 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B9CBC1065671 for ; Thu, 27 Mar 2008 20:05:10 +0000 (UTC) (envelope-from ranceh@gmail.com) Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.28]) by mx1.freebsd.org (Postfix) with ESMTP id 787A98FC19 for ; Thu, 27 Mar 2008 20:05:10 +0000 (UTC) (envelope-from ranceh@gmail.com) Received: by yw-out-2324.google.com with SMTP id 2so71791ywt.13 for ; Thu, 27 Mar 2008 13:05:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=tv7Khl/qkMFCAhDnXuOZOckCAMNQkyCeJszNNbTBkQQ=; b=Nn01udGf6GSCunlEw1FcPRj58qp+dr8EXjf2VcNmsfHzERsrivv4U0sh7QHGfbCpbUcmOR3DI++TC9y2OQKVSOJyCrVeNrB0JlqRPN+miK6K5GWTb3dAoUw3AO5JukSkDoAtEXrbaAf99QtINFpcjHS5znjmTilKrgFmwlqjUWQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=IQfXMqsbtUHjfeRCFNCjHkSh1NwcTcuYaQst3hkkc9k3E5TI7THFysNvElklX0lgr4zRtlvMLYPn0gNtRds/+aAQHf0L799PqIjCWE0WigEKZC7FjW6sXMA5JH05RPANOg9oMwMqMQAsrrLJoLPfWSzJaH/cw9fzX6hYchbqEqs= Received: by 10.142.231.7 with SMTP id d7mr1713211wfh.130.1206648309101; Thu, 27 Mar 2008 13:05:09 -0700 (PDT) Received: by 10.142.242.18 with HTTP; Thu, 27 Mar 2008 13:05:09 -0700 (PDT) Message-ID: <845c0f80803271305k40141ef3u19056afb4e244da0@mail.gmail.com> Date: Thu, 27 Mar 2008 15:05:09 -0500 From: "Rance Hall" To: freebsd-stable@freebsd.org In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: Subject: Re: inetd and freebsd service jail X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2008 20:05:10 -0000 On 3/27/08, Ruben Lara wrote: > > Hello everyone! > > Is it possible that inetd launch services inside service jails? > > Let me explain, I have a jail for pureftpd service, it is possible that inetd from the main system launch FTP server inside the jail? > If not so, i don't uderstand advantage of to have an inetd service listening inside each jail... > > Thank you > Ruben Lara > No, this is not possible, but it is possible to run the pureftp service inside a chroot so that it only has access to the files you provide copies of in the chroot. This is the way to secure individual services that are part of a main box, a jail is a way to run a whole second server inside the first one. There are advantages to both approaches, but sometimes one is better than the other. give chroot a try, and inetd can launch the command line to start pureftpd in a chroot no problem.