Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 24 Apr 2014 11:20:20 -0400
From:      Alejandro Imass <aimass@yabarana.com>
To:        Eduardo Morras <emorrasg@yahoo.es>
Cc:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: FBSD jail versus VMWare? What services do YOU run in a jail?
Message-ID:  <CAHieY7SDLPbat9FqAnwSVO49v=ZoE5rS8bqU4q1KMfiP6=tiTA@mail.gmail.com>
In-Reply-To: <CAHieY7ScTFwchnJii2qxj4eW5yGNPxRfC9%2BPikRiPm-6xCJkdQ@mail.gmail.com>
References:  <CAFS4T6apJ30_WPrV3-azuwr5LHFE8htEk5a_xqe7DRZ7Wy5XqQ@mail.gmail.com> <20140424090234.5636f9d19dbc478c9593e55b@yahoo.es> <CAHieY7ScTFwchnJii2qxj4eW5yGNPxRfC9%2BPikRiPm-6xCJkdQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Apr 24, 2014 at 11:18 AM, Alejandro Imass <aimass@yabarana.com> wrote:
> On Thu, Apr 24, 2014 at 3:02 AM, Eduardo Morras <emorrasg@yahoo.es> wrote:
>> On Tue, 22 Apr 2014 14:47:45 -0700
>> "edflecko ." <edflecko@gmail.com> wrote:
>>>
>>> What type of services CAN be run from within a jail?
>>
>> I tried to run PostgreSQL8.4 (IIRC) in a jail under FreeBSD8.2. There were a lot of problems with SysV signals and semaphores (IIRC) and had to install it in host. Don't know if it's actually relevant.
>>
>
> Yes SYSV IPC is _potentially_ problematic but the workaround is
> usually easy if you just make sure that you don't repeat the uids of
> the apps using SYSV IPC.
>
> So to run Pg on more than one Jail what I do is just change the Pg
> user id by concatenating the default hid which is 70 to the last
> numbers of the IP address of the jail. So for example if the IP of the
> jail is 192.168.101.124 I would do this as soon as I install Pg on the
> Jail:
>
> pw usermod pgsql -u 70124
> pw groupmod pgsql -g 70124
> pw usermod pgsql -g 70124
> chown -R pgsql /usr/local/pgsql/
> chgrp -R pgsql /usr/local/pgsql/
>


You will also need this to run Pg in Jails:

/etc/sysctl.conf
security.jail.sysvipc_allowed=1


 kern.ipc.shmall=65536
 kern.ipc.shmmax=134217728
 kern.ipc.semmap=4096


Best,

Alejandro Imass

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHieY7SDLPbat9FqAnwSVO49v=ZoE5rS8bqU4q1KMfiP6=tiTA>