
jailed http server

Discussion in 'Networking' started by Beeblebrox, Apr 16, 2012.

  1. Beeblebrox

    Beeblebrox Member

    Using www/lighttpd and it has been installed in a jail with IP 192.168.2.100/32 (which is an alias)

    When I try to start the service from inside jail, I get:
    Code:
    # lighttpd -D -f /usr/lo*/etc/lighttpd/lighttpd.conf
    (network.c.379) can't bind to port: 192.168.2.100 80 Address already in use 


    sockstat in the jail:
    Code:
    USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
    root     cron       6562  4  dgram  -> /var/run/logpriv
    root     syslogd    6520  4  dgram  /var/run/log
    root     syslogd    6520  5  dgram  /var/run/logpriv


    ifconfig from inside jail:
    Code:
    re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    	options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE
    	inet 192.168.2.100 netmask 0xffffffff broadcast 192.168.2.100
    	media: Ethernet autoselect (1000baseT <full-duplex>)
    	status: active
     
  2. SirDice

    SirDice Moderator Staff Member Moderator

    Make sure there's nothing running on the host that also uses port 80. If there is you must make sure it's bound to the host's IP address instead of all.
     
  3. Beeblebrox

    Beeblebrox Member

    Nothing running on port 80 on host side. Stopping ntpd makes no difference. The "?" service is a mountd process for some reason...
    Code:
    # sockstat -4l
    USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
    root     ntpd       78836 20 udp4   *:123                 *:*
    root     ntpd       78836 21 udp4   192.168.1.10:123      *:*
    root     ntpd       78836 22 udp4   192.168.2.1:123       *:*
    root     ntpd       78836 23 udp4   192.168.2.100:123     *:*
    root     ntpd       78836 24 udp4   192.168.2.101:123     *:*
    root     ntpd       78836 25 udp4   127.0.0.1:123         *:*
    root     inetd      78823 6  udp4   192.168.2.1:69        *:*
    dhcpd    dhcpd      78589 7  udp4   192.168.2.1:67        *:*
    dhcpd    dhcpd      78589 20 udp4   192.168.2.1:33002     *:*
    root     nfsd       78353 5  tcp4   192.168.2.1:2049      *:*
    root     mountd     78351 5  udp4   127.0.0.1:59          *:*
    root     mountd     78351 6  udp4   192.168.2.1:59        *:*
    root     mountd     78351 7  tcp4   127.0.0.1:59          *:*
    root     mountd     78351 8  tcp4   192.168.2.1:59        *:*
    root     rpcbind    78349 7  udp4   127.0.0.1:111         *:*
    root     rpcbind    78349 8  udp4   192.168.2.1:111       *:*
    root     rpcbind    78349 9  udp4   *:868                 *:*
    root     rpcbind    78349 10 tcp4   127.0.0.1:111         *:*
    root     rpcbind    78349 11 tcp4   192.168.2.1:111       *:*
    mysql    mysqld     5589  10 tcp4   192.168.2.101:3306    *:*
    root     perl       1644  6  tcp4   *:10101               *:*
    root     perl       1644  7  udp4   *:10000               *:*
    nobody   gdomap     824   3  udp4   *:538                 *:*
    nobody   gdomap     824   4  tcp4   *:538                 *:*
    root     syslogd    511   6  udp4   *:514                 *:*
    ?        ?          ?     ?  udp4   192.168.2.1:2049      *:*
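
The check for host-side listeners discussed in the posts above, as an added example that is not part of the original thread: the hypothetical `conflicts` function reads `sockstat -4l` output and reports sockets bound to the wildcard address or to the jail's address on a given port and protocol. The sample rows are excerpted from the output posted above.

```shell
#!/bin/sh
# Added example: find host sockets that would collide with a jail bind.

# conflicts JAIL_IP PORT PROTO: read `sockstat -4l` output on stdin and print
# "command pid proto local-address" for every socket of that protocol and port
# bound to the wildcard address or to the jail's own address.
conflicts() {
    awk -v ip="$1" -v port="$2" -v proto="$3" '
        $5 != proto { next }                  # PROTO column (skips header too)
        {
            n = split($6, a, ":")             # LOCAL ADDRESS column: addr:port
            if (n == 2 && a[2] == port && (a[1] == "*" || a[1] == ip))
                print $2, $3, $5, $6
        }'
}

# Rows excerpted from the host output in the post above.
sample() {
    cat <<'EOF'
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     ntpd       78836 20 udp4   *:123                 *:*
root     ntpd       78836 22 udp4   192.168.2.1:123       *:*
root     ntpd       78836 23 udp4   192.168.2.100:123     *:*
root     nfsd       78353 5  tcp4   192.168.2.1:2049      *:*
root     perl       1644  6  tcp4   *:10101               *:*
?        ?          ?     ?  udp4   192.168.2.1:2049      *:*
EOF
}

# On the host: sockstat -4l | conflicts 192.168.2.100 80 tcp4
sample | conflicts 192.168.2.100 80 tcp4     # prints nothing
sample | conflicts 192.168.2.100 123 udp4    # the two ntpd sockets
```
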
     
  4. SirDice

    SirDice Moderator Staff Member Moderator

    Not related but you can stop running ntp in your jails. It won't work anyway, jails get their time from the host.
     
  5. Beeblebrox

    Beeblebrox Member

    ntp is for the diskless clients so that they can sync their clocks to host before distributed compile / compute starts. ntpd is running from host side (together with nfsd & rpcbind). I would prefer to run ntpd from the jail serving pxe but it does not start when placed in jail/etc/rc.conf. If I jexec into jail, stop dhcpd, I can then manually start ntpd then I just re-start dhcpd. This is too much of a hassle however.

    NFS runs on host as well because as yet, it's impossible to jail.

    EDIT: Of course, under normal jail circumstances one would not want ntpd running from inside a jail since it is unable to bind to a single IP but listens on all IPs instead - thereby causing a process leak to other jails and host itself.
     
  6. Beeblebrox

    Beeblebrox Member

    The annoying part is, the jailed www/thttpd starts nicely with no errors, but shows nothing but a 404 page (jail-or-host, can't get it to work).
    I suppose this makes the initial post a lighttpd-specific error?

    EDIT: Yes, the error was in my lighttpd.conf. I had copied it from host environment to the jail and had not changed
    Code:
    server.port = 80
    server.bind = "localhost"

    Should have been:
    Code:
    server.port = 80
    server.bind = "192.168.2.100"
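
One way to catch the misconfiguration described in the last post before starting the service, as an added example that is not part of the original thread: the hypothetical `bind_value` and `check_bind` functions compare `server.bind` with the addresses assigned to the jail. The two sample files are constructed from the fragments in the post.

```shell
#!/bin/sh
# Added example: compare lighttpd's server.bind with the jail's addresses.

# bind_value CONF: print the last server.bind value found in CONF.
bind_value() {
    sed -n 's/^[[:space:]]*server\.bind[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$1" |
        tail -n 1
}

# check_bind CONF ADDR...: return 0 if server.bind is one of ADDR,
# 1 if it names something else, 2 if the file sets no server.bind.
check_bind() {
    conf=$1; shift
    bind=$(bind_value "$conf")
    if [ -z "$bind" ]; then
        echo "$conf: no server.bind found"; return 2
    fi
    for addr in "$@"; do
        if [ "$bind" = "$addr" ]; then
            echo "$conf: ok, server.bind=$bind"; return 0
        fi
    done
    echo "$conf: server.bind=$bind is not a jail address ($*)"; return 1
}

# Constructed sample files holding the two fragments from the post.
samples=$(mktemp -d)
printf 'server.port = 80\nserver.bind = "localhost"\n' > "$samples/copied.conf"
printf 'server.port = 80\nserver.bind = "192.168.2.100"\n' > "$samples/fixed.conf"

# Inside the jail the address list could come from:
#   ifconfig | awk '/inet /{print $2}'
check_bind "$samples/copied.conf" 192.168.2.100 || true
check_bind "$samples/fixed.conf" 192.168.2.100
```
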