jail started but jls prints nothing

Hello all,

I followed the instructions at http://www.freebsd.org/doc/en/books/handbook/jails-application.html. The only difference is my setting in /etc/rc.conf

Code:
jail_enable="YES"
jail_set_hostname_allow="NO"

jail_list="www"

jail_ns_hostname="ns.localdomain"
jail_ns_ip="192.168.5.14"
jail_ns_rootdir="/home/j/ns"

jail_mail_hostname="mail.localdomain"    
jail_mail_ip="192.168.5.15"
jail_mail_rootdir="/home/j/mail"

jail_www_hostname="www.localdomain"    
jail_www_ip="192.168.5.16"
jail_www_rootdir="/home/j/www"

(the author said to use "/usr/home/j/www" but I used "/home/j/www" because there isn't any directory /usr/home)

When I started `jail`, no error occurred. But `jls` printed nothing. Below is the log file /var/log/jail_www_log:

Code:
$ tail /var/log/jail_www_console.log 
/etc/rc: cannot create /dev/null: Read-only file system
ps: /dev/null: No such file or directory
Loading configuration files.
/etc/rc: cannot create /dev/null: Read-only file system
/etc/rc: cannot create /dev/null: Read-only file system

Wed May 13 03:26:46 UTC 2009

Any help is highly appreciated.
 
Your jails haven't started. You are missing /dev in your jails. You can either create the devices using mknod or mount devfs in the jails.

Code:
jail_ns_devfs_enable="YES"
jail_ns_devfs_rules="jail"
 
@FBSDin20Steps wrote:
> Your jail_list isn't complete...

Yes, the full list should contain "ns" and "email". I just use "www" for testing purposes. In fact, if I used jail_list="ns mail www" I would get the same problem.

@SirDice wrote:
> Your jails haven't started. You are missing /dev in your jails. You can either create the devices using mknod or mount devfs in the jails.

Great. I temporarily mounted devfs and got "www" to work.

Code:
jail_www_devfs_enable="YES"
jail_www_devfs_rules="jail"

Now `jls` shows the started jail, but I couldn't ping it or run `tcsh` using `jexec`:

Code:
# jls
JID  IP Address     Hostname          Path
  9  192.168.5.16   www.localdomain   /home/j/www

# jexec 9 tcsh
jexec: Unable to parse jail ID.: No such file or directory

# nmap -PN 192.168.5.16

Starting Nmap 4.85BETA7 ( http://nmap.org ) at 2009-05-13 13:15 ICT
Nmap done: 1 IP address (0 hosts up) scanned in 0.26 seconds

# cat /var/log/jail_www_console.log 

Loading configuration files.
Generating host.conf.
Creating and/or trimming log files:.
Starting syslogd.
syslogd: child pid 10276 exited with return code 1
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout
Clearing /tmp (X related).
Starting local daemons:.
Updating motd.
Starting cron.
Local package initialization:.

What's wrong with my jail?

Thank you for your help.
 
Start with one jail...

Here is an example.


Code:
# Jails setup
jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="www"
jail_interface="re0"

# Create aliases
ifconfig_re0_alias0="inet xxx.xxx.xxx.xxx/24" #www

# www
jail_www_rootdir="/home/j/www"
jail_www_hostname="www"
jail_www_ip="xxx.xxx.xxx.xxx"
jail_www_exec="/bin/sh /etc/rc"
jail_www_devfs_enable="YES"
jail_www_fdescfs_enable="YES"
jail_www_procfs_enable="YES"
 
@rocky wrote:
> @SirDice wrote:
> > Your jails haven't started. You are missing /dev in your jails. You can either create the devices using mknod or mount devfs in the jails.
>
> Great. I temporarily mounted devfs and got "www" to work.
>
> Code:
> jail_www_devfs_enable="YES"
> jail_www_devfs_rules="jail"
>
> Now `jls` shows the started jail, but I couldn't ping it or run `tcsh` using `jexec`:
>
> Code:
> # jls
> JID  IP Address     Hostname          Path
>   9  192.168.5.16   www.localdomain   /home/j/www
>
> # jexec 9 tcsh
> jexec: Unable to parse jail ID.: No such file or directory

How did you start the jail? You should use /etc/rc.d/jail start www. That will also take care of the mounting of devfs.
 
I used both methods:

Code:
/etc/rc.d/jail start
/etc/rc.d/jail start www

and I still get the same problem with jexec. I have a strange result with `jps`:

Code:
#jps 13
  PID  TT  STAT      TIME COMMAND
23447  p1  R+J    0:00.00 ps

It seems that there's nothing running inside the `www` jail.

:(
 
What version of fbsd are you running? Some things changed a bit during 7.*.

Here's my bit of /etc/rc.conf:
Code:
jail_enable="YES"
jail_list="internetz"
jail_internetz_rootdir="/jail/j1/"
jail_internetz_hostname="internetz.dicelan.home"
jail_internetz_ip="192.168.1.191"
jail_internetz_interface="rl0"
jail_internetz_mount_enable="YES"
jail_internetz_devfs_enable="YES"
jail_internetz_devfs_rules="jail"

My jail's rc.conf looks like this:
Code:
hostname="internetz.dicelan.home"
interfaces=""
syslogd_flags="-ss"
sendmail_enable="NONE"
sshd_enable="NO"
apache22_enable="YES"
 
In addition to SirDice's comments you can do a warm reboot to make sure that everything is configured properly.
There is a nice howto on bsdguides. It gives you the basic idea of how a jail works.
 
Thanks SirDice and FBSDin20Steps for your patience and kind help. And thanks FBSDin20Steps for a very nice resource link :)

I am using FreeBSD-7.2-RELEASE. I also rebooted the system.

Guessing that the problem may be caused by an old document (http://www.freebsd.org/doc/en/books/handbook/jails-application.html), I tried a complete jail as in http://www.freebsd.org/doc/en/books/handbook/jails-build.html. Because my IP changed, I used the following setting:

Code:
jail_test_hostname="test.localdomain"
jail_test_ip="192.168.1.9"
jail_test_rootdir="/home/j/test"
jail_test_devfs_enable="YES"
jail_test_exec="/bin/sh /etc/rc"
jail_test_devfs_ruleset="jail"

After executing /etc/rc.d/jail start test

Code:
# /etc/rc.d/jail start test
Configuring jails:.
Starting jails:/etc/rc.d/jail: WARNING: devfs_set_ruleset: you must specify a ruleset number
devfs rule: ioctl DEVFSIO_SAPPLY: No such process
 test.localdomain.

# cat /var/log/jail_test_console.log 

Loading configuration files.
Creating and/or trimming log files:.
Starting syslogd.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout
Clearing /tmp (X related).
Starting local daemons:.
Updating motd.
Starting cron.
Local package initialization:.

Wed May 13 12:34:50 UTC 2009


I can see 'test' in `jls` but once again I cannot enter the jail environment because of the same error (jexec: Unable to parse jail ID.: No such file or directory).

So strange :) I'd like to try again. If you need any other information for debugging please let me know.

Thanks again.
 
Looking at the jail log, it does start. The only thing wrong I see in the logs is the devfs message. Have a look at /etc/defaults/devfs.rules, there should be a jail rule in there.

Code:
# jexec <JID> /usr/bin/su -
Doesn't work?
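
For the devfs.rules check suggested above, an added example that is not part of the original posts: it looks up a ruleset name in a devfs.rules-style file, assuming rulesets are declared as `[name=number]` section headers. The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): resolve a devfs ruleset name to its
# number by reading "[name=number]" headers from a devfs.rules-style file.

# Print the number bound to NAME in FILE; return 1 if NAME is not declared.
ruleset_number() {
    awk -v want="$2" '
        /^[ \t]*#/ { next }                      # skip comment lines
        match($0, /^\[[A-Za-z_][A-Za-z0-9_]*=[0-9]+\]/) {
            decl = substr($0, 2, RLENGTH - 2)    # strip the brackets
            split(decl, kv, "=")
            if (kv[1] == want) { print kv[2]; found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Constructed sample, modeled on the layout of /etc/defaults/devfs.rules.
write_sample_rules() {
    cat > "$1" <<'EOF'
# constructed sample for this example
[devfsrules_hide_all=1]
add hide

[devfsrules_jail=4]
add include $devfsrules_hide_all
add path null unhide
EOF
}

# Demo: compare the value used in the thread with a name the file declares.
rules=$(mktemp)
write_sample_rules "$rules"
for name in jail devfsrules_jail; do
    if num=$(ruleset_number "$rules" "$name"); then
        echo "$name -> ruleset $num"
    else
        echo "$name is not declared in $rules"
    fi
done
rm -f "$rules"
```

On a real host, pass /etc/defaults/devfs.rules (or /etc/devfs.rules) as the first argument.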
 
Thank you all, FBSDin20Steps and SirDice. I got it!

After trying FBSDin20Steps' way, I got some very nice information:

Code:
# jail /home/j/test test 192.168.1.9 /bin/sh
/libexec/ld-elf.so.1: Cannot open "/usr/local/lib/xvnkb.so.0.2.9"

What's up? I am Vietnamese, so I used `xvnkb` (from ports) to type local messages. `xvnkb` requires its library to be pre-loaded. And this preloading conflicts with jail. Lol.

The workaround is below:

Code:
# export LD_PRELOAD=""
# jexec 6 tcsh
## now i'm in jail

So sorry for `xvnkb` :) And thank you so much again!
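
The failure described above comes from the host shell's LD_PRELOAD being inherited by the process started inside the jail root, where the library path does not exist. As an added example (not part of the original posts), this script lists preload entries missing under a jail root and runs `jexec` with the variable removed for that one command only; the function names and the demo directory are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): find LD_PRELOAD entries that are
# missing under a jail root, and run jexec without the host's preload.

# Print every absolute LD_PRELOAD entry that does not exist under ROOT.
# Returns 1 if at least one entry is missing, 0 otherwise.
missing_preloads() {
    root=${1%/}; preload=$2; rc=0
    old_ifs=$IFS; IFS=': '      # rtld(1): colon and/or whitespace separated
    set -f                      # no globbing while splitting the list
    for lib in $preload; do
        case $lib in
            /*) [ -e "$root$lib" ] || { printf '%s\n' "$lib"; rc=1; } ;;
            *)  ;;              # bare names use the search path; not checked
        esac
    done
    set +f; IFS=$old_ifs
    return "$rc"
}

# Run jexec with LD_PRELOAD removed for this one command only (subshell),
# instead of clearing it for the whole login shell.
jexec_no_preload() {
    ( unset LD_PRELOAD; exec jexec "$@" )
}

# Constructed demo: a fake jail root that lacks the xvnkb library.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/usr/local/lib"
: > "$demo_root/usr/local/lib/present.so"
demo_preload="/usr/local/lib/xvnkb.so.0.2.9:/usr/local/lib/present.so"
if ! missing=$(missing_preloads "$demo_root" "$demo_preload"); then
    echo "not present inside $demo_root: $missing"
fi
rm -rf "$demo_root"
```

Typical use on the host would be `missing_preloads /home/j/test "$LD_PRELOAD"` before `jexec_no_preload <JID> tcsh`.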
 
Ah.. Never would have thought of that...

You could install that port in the jail too.
 
:) never would have thought of that :)

Now I am in jail. And I am going to use Scim instead of `xvnkb`.

Thank you all for the help.
 