Date: Tue, 2 Aug 2005 17:01:34 +0100 (BST)
From: "Angus MacGyver" <macgyver@calibre-solutions.co.uk>
To: freebsd-alpha@freebsd.org
Subject: Fun with Jails...
Message-ID: <1193.145.36.224.17.1122998494.squirrel@webmail.calibre-solutions.co.uk>
In-Reply-To: <200508011307.14737.jhb@FreeBSD.org>
References: <42EE1A34.6510B1CE@fadesa.es> <20050801151501.GA53593@freebie.xs4all.nl> <42EE50C3.5C01C564@fadesa.es> <200508011307.14737.jhb@FreeBSD.org>

Jails, Love them.. got them all setup (4 of them) and all working all OK.

HOWEVER... Two minor issues...

1) Enter the jail, and do a mount, as either a normal user OR root (or the jail) and I can see the mount that / of the jail starts from... To me, this ain't pretty, and gives people an idea that they are jailed.

E.g.

    jail1.FreeBSD /home/jail> mount
    /dev/md10c on /data/172.16.2.6 (ufs, local)
    jail1.FreeBSD /home/jail> su -
    Password:
    jail1# mount
    /dev/md10c on /data/172.16.2.6 (ufs, local)
    jail1#

I've taken a look into the sysctl's and they are...

    sysctl -a | grep security
    security.jail.set_hostname_allowed: 1
    security.jail.socket_unixiproute_only: 1
    security.jail.sysvipc_allowed: 0
    security.jail.getfsstatroot_only: 1
    security.jail.allow_raw_sockets: 0
    security.jail.chflags_allowed: 0
    security.jail.jailed: 0

I changed security.jail.getfsstatroot_only to 0, and this made the problem worse as expected.. (i.e. all the mounts on host machine)

So, question is, how do I get / mounted as / in a jail (if that is possible)

2) Using the nice "the-labs" tool kit for jails, including their webmin plugin to create and manage the jails. (makes it easy on eye /at a glance status)

I create a machine with an ip, say 192.168.1.3, and hostname, say foobar... install works fine...

Create a machine with an FQDN as the alias, say 192.168.1.3 and foobar.example.com, and things start to get very odd.

First of all, the webmin page "finds them" when they are stopped, but then cannot start them. Neither can they be started from the command line as a FQDN, though they can be started with the IP.

If they are started using the IP from the command line, the webmin module only finds a started jail with the name of "."

The "." then cannot be stopped with the webmin module.. Again, from the command line they cannot be stopped using the FQDN from the command line...

As a workaround for this, I did a NON-FQDN setup, and changed the hostname in the jail's /etc/rc.conf file... however this appears to have the same issue...

Any thoughts ??

Cheers

AM

--
I ain't perfect ... ...Yet