Date: Tue, 20 Nov 2001 14:15:36 +0800 From: francisv@dagupan.com To: freebsd-questions@freebsd.org Subject: RE: Help with setting up jail Message-ID: <10F29E27A956D511B0940050DA8D86A9340BB1@apmail.dagupan.com>
next in thread | raw e-mail | index | archive | help
Thanks Crist! BTW, do you also know other references/pointers/tips related
to jail (e.g. setting up of web services, ftp, mail, etc.)?
-----Original Message-----
From: Crist J. Clark [mailto:cristjc@earthlink.net]
Sent: Tuesday, November 20, 2001 2:11 PM
To: francisv@dagupan.com
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: Help with setting up jail
On Tue, Nov 20, 2001 at 10:42:59AM +0800, francisv@dagupan.com wrote:
> Hi,
>
> This is my first time to configure a jailed environment on FreeBSD
> 4.4-STABLE. I have read the `man jail(8)' and successfully installed the
> jail directory tree:
>
> D=/here/is/the/jail
> cd /usr/src
> make world DESTDIR=$D
> cd etc
> make distribution DESTDIR=$D NO_MAKEDEV=yes
> cd $D/dev
> sh MAKEDEV jail
> cd $D
> ln -sf dev/null kernel
>
> But once inside the jail environment, I could not ping nor contact the
> outside world (even the parent environment). It displays an error:
>
> ping: socket: Operation not permitted
>
> How can I install other packages if I can't even ping the parent host?
ping(8) send out the ICMP echo datagram on a raw socket. You can't
open raw sockets in a jailed environment. You cannot ping(8). Opening
TCP connections or sending UDP datagrams should work fine. Try
traceroute(8) or telnet(1).
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?10F29E27A956D511B0940050DA8D86A9340BB1>