Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 22 Jun 2002 08:39:14 -0700 (PDT)
From:      "Nielsen" <nielsen@memberwebs.com>
To:        "Patrick Thomas" <root@utility.clubscholarship.com>
Cc:        <hackers@freebsd.org>
Subject:   Re: (jail) problem and a (possible) solution ?
Message-ID:  <20020622153914.17F6937B401@hub.freebsd.org>
References:  <20020622014826.U68572-100000@utility.clubscholarship.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> 1) do you allow them write access to their /dev/mem, /dev/kmem, /dev/io ?

Actually haven't yet let anyone else inside a jail with root capabilities.
Will soon though. So, no probably not, unless there's a daemon which does
just that.

> 2) does this sound like what you see?  Can you still ping the crashed
> server ?

Kernel routing still works. And yes ping too.

But come to think of this I've seen it on other (4.5, patched pretty much to
date) machines I use exclusively as routers. These have no jails on them. In
these cases after uptimes of let's say 2 or 3 months, the machine's daemons
stop responding and although a socket can be opened (just barely) it closes
again when the process listening on the other side doesn't pick it up.

IPSEC, firewalls, kernel routing, and all that continue to function just
fine. Like you said it's just the userland stuff that has problems.

The strange thing is, on one of my machines I was (eventually) able to log
in from the console, take the system down to single user mode and back up
and then everything worked like a charm.

Nate


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020622153914.17F6937B401>