From owner-freebsd-stable@FreeBSD.ORG Thu Jul 19 12:51:42 2007 Return-Path: X-Original-To: freebsd-stable@FreeBSD.org Delivered-To: freebsd-stable@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 456DC16A405 for ; Thu, 19 Jul 2007 12:51:42 +0000 (UTC) (envelope-from tony@techvalley.ca) Received: from mail2.techvalley.ca (mail2.techvalley.ca [66.199.130.140]) by mx1.freebsd.org (Postfix) with ESMTP id 22BE513C481 for ; Thu, 19 Jul 2007 12:51:42 +0000 (UTC) (envelope-from tony@techvalley.ca) Received: from localhost (localhost.localdomain [127.0.0.1]) by mail2.techvalley.ca (Postfix) with ESMTP id E56C42304B3; Thu, 19 Jul 2007 05:51:41 -0700 (PDT) X-Virus-Scanned: amavisd-new at techvalley.ca Received: from mail2.techvalley.ca ([127.0.0.1]) by localhost (mail2.techvalley.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 9b0gHDRUK-AP; Thu, 19 Jul 2007 05:51:41 -0700 (PDT) Received: from mail.techvalley.ca (S010600121701f0ec.vs.shawcable.net [24.85.106.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail2.techvalley.ca (Postfix) with ESMTP id BC6F72301F5; Thu, 19 Jul 2007 05:51:41 -0700 (PDT) Received: from monsoon.techvalley.ca ([192.168.1.1]) by mail.techvalley.ca (8.13.8/8.13.8) with ESMTP id l6JCuKKY024565; Thu, 19 Jul 2007 05:56:20 -0700 (PDT) (envelope-from tony@techvalley.ca) Message-Id: <7.0.1.0.0.20070719054823.01c1cd18@techvalley.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Thu, 19 Jul 2007 05:51:46 -0700 To: Doug Barton From: Tech Valley Internet - Tony Kivits In-Reply-To: <469F1F6D.3030002@FreeBSD.org> References: <7.0.1.0.0.20070718165244.01cf4240@techvalley.ca> <7.0.1.0.0.20070718201334.01f10bc8@techvalley.ca> <469F1F6D.3030002@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Cc: freebsd-stable@FreeBSD.org, Ivan Voras Subject: Re: Adding /dev/random and /dev/urandom to a jail. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jul 2007 12:51:42 -0000 At 01:23 AM 7/19/2007, Doug Barton wrote: >Tech Valley Internet - Tony Kivits wrote: > > Yes but the random devices are not showing up there. > >Please don't post responses at the top of the message on FreeBSD >lists, it's icky and unnatural. :) > >You might want to take a look at what /etc/rc.d/named does to handle >this for the chroot, I think it may help. > >Doug > >-- > > This .signature sanitized for your protection Thanks Doug, I realized that I had them reversed write after I had sent it. I have basically done something similar to what named does and this is what I have found... The random and urandom devices are in the jail's /dev directory when the jail is created and the test you gave me to try did work once tweaked a bit. But when I run the installation script for hsphere the two devices disappear out of the /dev directory. The devices are then inaccessible for all processes until the jail is restarted. I have looked in the usually log files and nothing is recorded there. My configuration is as follows.... # Jail info in host's rc.conf jail_enable="YES" jail_interface="xl0" jail_devfs_enable="YES" jail_procfs_enable="YES" jail_list="cp" jail_cp_rootdir="/usr/jails/cp" jail_cp_hostname="cp.example.ca" jail_cp_ip="192.168.1.71" jail_cp_mount_enable="YES" jail_cp_devfs_ruleset="devfsrules_thin_jail" #devfs.rules [devfsrules_thin_jail=100] add include $devfsrules_hide_all add include $devfsrules_unhide_basic Any help would be appreciated in regards to why the devices are disappearing. Thanks, Tony