Date: Sun, 27 Jul 2003 16:28:44 -0500 From: Jon Disnard <diz@linuxpowered.com> To: Pat Lashley <patl+freebsd@volant.org> Cc: current@freebsd.org Subject: Re: SSH from host to jail Message-ID: <3F24440C.1000005@linuxpowered.com> In-Reply-To: <1454962704.1059337526@mccaffrey.phoenix.volant.org> References: <1454962704.1059337526@mccaffrey.phoenix.volant.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Pat Lashley wrote:
> I'm trying to set up some jails in a 5.1R system. I've pretty much
> copied a setup that was working fine in 4.8; but on 5.1 I can't seem
> to SSH from the host system into one of its jails. It acts like the
> packets just aren't getting through.
>
> I would really appreciate it if somebody would send me rc.conf fragments
> that are known to work for setting up a jail's IP alias and routing on
> 5.1.
sure, but this isn't going to fix your problem:
ifconfig_wi0="inet 192.168.0.140 netmask 255.255.255.0"
ifconfig_wi0_alias0="inet 192.168.0.131 netmask 255.255.255.255"
jail_enable="YES"
jail_list="shiba"
jail_shiba_hostname="shiba"
jail_shiba_ip="192.168.0.131"
jail_shiba_rootdir="/usr/prison/192_168_0_130/"
jail_shiba_exec="/bin/sh /etc/rc"
To fix your problem you should try to mount a devfs for the jail so the
tty device is available for sshd to open when you login. I simply added
one line to my /etc/rc.d/jail script to test for the "dev" mount-point
in jail. Like so:
[ -d "${jail_rootdir}/dev" ] && mount -t devfs ${jail_rootdir}\dev
I suppose we could avoid this little fau pax in the future by adding a
new jail specific rc.conf var like this example:
jail_shiba_devfs="/usr/prison/192_168_0_130/dev"
It could be easy to have it simply exist, or be non-null, to imply a
desire for devfs, and further checked for the existence of the
mount-point as I wrote above.
I could have a pr+patch made in 5 minutes if anybody thinks this is not
a bad idea?
-Jon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F24440C.1000005>