Date:      Mon, 1 Oct 2007 15:18:53 -0400 (EDT)
From:      Randy Schultz <schulra@earlham.edu>
To:        freebsd-jail@freebsd.org
Subject:   djbdns on 1270.0.1 in a jail problem
Message-ID:  <Pine.BSF.4.64.0710011440340.51852@tdream.lly.earlham.edu>

Heya,

Playing around with jails and have run across something weird, I was wondering 
if somebody could explain.

I'm trying to get djbdns to run inside the jail, with tinydns running on
127.0.0.1.  The thing I cannot figure out is why tinydns always comes up on
the jail's IP address, and not lo0, as reported by sockstat: 
Root Dude ? sockstat -l
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS 
root     sshd       863   3  tcp4   159.28.1.59:22        *:*
tinydns  tinydns    862   3  udp4   159.28.1.59:53        *:*
root     syslogd    800   4  dgram  /var/run/log
root     syslogd    800   5  dgram  /var/run/logpriv
root     syslogd    800   6  udp4   159.28.1.59:514       *:*
root     sshd       638   3  tcp4   159.28.1.66:22        *:*
root     syslogd    530   4  dgram  /var/run/log
root     syslogd    530   5  dgram  /var/run/logpriv
root     syslogd    530   6  udp6   *:514                 *:*
root     syslogd    530   7  udp4   *:514                 *:*
root     devd       464   4  stream /var/run/devd.pipe

My setup (really just a standard install) runs fine on a non-jailed system,
tinydns comes up on 127.0.0.1.  The jail does have the correct env setting:
[root@opal /]# cat /service/tinydns/env/IP
127.0.0.1

At first I thought it was because lo0 was not in /dev in the jail.  I've gone
as far as unhiding *everything* in /dev via:
Root Dude ? cat /etc/devfs.rules
[test_unhide_all=5]
add include $devfsrules_jail
add unhide

This indeed worked as the jail now has everything in its /dev.  Grasping at
straws, I've also tweaked sysctl settings for jails:
Root Dude ? sysctl -a|egrep jail
security.jail.jailed: 0
security.jail.chflags_allowed: 0
security.jail.allow_raw_sockets: 1
security.jail.enforce_statfs: 2
security.jail.sysvipc_allowed: 1
security.jail.socket_unixiproute_only: 1
security.jail.set_hostname_allowed: 1


I know it's just something simple I'm missing/glossed over while reading but
could somebody pls point me in the general direction of why 127.0.0.1 appears
to be unavailable, or where I could read up on how to get it to work?

Tnx.

--
  Randy    (schulra@earlham.edu)      765.983.1283         <*>

Love with your heart, think with your head;  not the other way around.
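
The mismatch visible in the sockstat listing above (tinydns configured for 127.0.0.1 in env/IP but listening on 159.28.1.59) is the kind of exposure worth checking mechanically. The following is an added example, not part of the original message: a shell function (`check_listener` and `sample_sockstat` are hypothetical names) that reads `sockstat -l` output and reports every inet listener of a given command whose local address differs from the configured one. The sample lines are copied from the listing in the message.

```shell
#!/bin/sh
# Added example: verify that a daemon listens only on the address it was
# configured for. check_listener is a hypothetical helper, not part of
# sockstat or djbdns.
#
# usage: sockstat -l | check_listener COMMAND EXPECTED_IP
# exit status: 0 = every inet listener of COMMAND is on EXPECTED_IP
#              1 = at least one listener is bound elsewhere (printed)
#              2 = COMMAND has no inet listener at all
check_listener() {
    awk -v cmd="$1" -v want="$2" '
        # sockstat -l columns: USER COMMAND PID FD PROTO LOCAL FOREIGN
        NR == 1 && $1 == "USER" { next }   # header line
        $2 != cmd               { next }   # some other process
        $5 !~ /^(tcp|udp)/      { next }   # skip unix-domain sockets
        {
            seen = 1
            addr = $6
            sub(/:[^:]*$/, "", addr)       # strip the trailing :port
            if (addr != want) {
                printf "%s pid %s %s: bound to %s, expected %s\n", \
                       cmd, $3, $5, addr, want
                bad = 1
            }
        }
        END { if (!seen) exit 2; exit bad + 0 }
    '
}

# Sample input: lines taken from the sockstat -l listing in the message.
sample_sockstat() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       863   3  tcp4   159.28.1.59:22        *:*
tinydns  tinydns    862   3  udp4   159.28.1.59:53        *:*
root     syslogd    800   4  dgram  /var/run/log
root     syslogd    800   6  udp4   159.28.1.59:514       *:*
root     syslogd    530   7  udp4   *:514                 *:*
EOF
}

# Demo: compare the tinydns listener with the value from env/IP.
sample_sockstat | check_listener tinydns 127.0.0.1 || echo "exit status $?"
```

On a live system the expected address can be read from the service's own configuration, for example `sockstat -l | check_listener tinydns "$(cat /service/tinydns/env/IP)"`.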



