bastille

I would like to build jails with Bastille that are on the same server and share the same network with Bhyve guests. I am attempting to do this using the Bastille -B option to add the jail to an existing bridge. I am using IPFW and do not want to run any NAT. Should this be possible? The Bastille...

Hi folks especially SirDice, here is the thing I have a service listening on a SRV record, I think it is listening properly, what is not working is the access to the files. The service is a Gemini server which should provide text files (gmi) and media (jpg, png, etc.) it is closer to Gopher...

Hi guys, maybe pro don't need to do such questions but I am really confused... I am trying to expose the jail to the internet and of course nothing works... I assume I did right the DNS administration part on the VPS side (Vultr.com). I assume GMID, the Gemini server, is properly setup. I...

Hi guys, I am trying to build up again my Gemini server but this time I decided to use jails to run the services associate with, just for fun, and I thought that learning BastilleBSD would be cool. I have a my BastilleBSD container up and running (somehow) but I'd would like to keep the data...

Hi guys, I am following this Bastille tutorial to create a jail however I am not able to create the cloned interface as described in there: doas sysrc cloned_interface+=lo1 cloned_interface: -> lo1 doas sysrc ifconfig_lo1_name="bastille0" ifconfig_lo1_name: -> bastille0 doas service netif...

Hi folks, I have a bunch of questions/issues about Bastille, which is the best section to make answer about it? Thanks, freezr

I followed https://bastillebsd.org/getting-started/ and get PAM Failure. Anybody got an idea what's wrong? root@edge:/usr/local/bastille # uname -a FreeBSD edge 13.0-RELEASE-p11 FreeBSD 13.0-RELEASE-p11 #0: Tue Apr 5 18:54:35 UTC 2022...

So, I thought I would try setting up a jail with Bastille. I found some documentation here: https://bastillebsd.org/blog/2020/02/17/bastille-networking-in-depth/ So I put this in my /etc/rc.conf: linux_enable="YES" bastille_enable="YES" cloned_interfaces="lo1" ifconfig_lo1_name="bastille0" I...

Hi All, In a jail (Bastille) with Freebsd 13, I tried : - to install apache 24 : succesfull (I see 'it works' on the webpage) - to install php80-fpm : successful also via the test.php page - to install maraidb106 (server and client) : successful also and I create my database - to install...

Hi All, I am testing jail with BastilleBSD. It works fine but I have a specific need : how can I mount a dataset of the host ? I see the mount option (or fstab) of the jail. But not too much detail for the possible option. How to mount a dataset of the host ? Same also if I want to mount a...

Hey guys, I am currently experiencing a very strange behavior and I've got no more ideas: Situation: FreeBSD server running 13.0-RELEASE several (bastille) jails running 13.0-RELEASE some older (bastille) jails running 12.4-RELEASE SSH access to host (x.x.0.0/24 network) works SSH access to...

I have successfully created a jail & installed Firefox inside the jail problem Firefox is completely mute. I can't watch Youtube. How do I enable sound in the jailed Firefox ?

I'm using Bastille to manage several jails, and things have been working great for a while now. But recently I decided to upgrade the server and its jails from 12.2-RELEASE to 13.0-RELEASE. The upgrade on the server went without a hitch, and upgrading the base jail through Bastille was also not...

When I use a bastille, jail rules that include rules 1 to 3 from /etc/defaults/devfs.rules work. Rules 1 to 3, referenced in the beginning of rule 4: [devfsrules_jail=4] add include $devfsrules_hide_all add include $devfsrules_unhide_basic add include $devfsrules_unhide_login When I reference...

Install sysutils/bastille and net/gitup on host through either ports or packages. For a nested display server to run or test from the jail, install x11-servers/xorg-nestserver or x11-servers/xephyr on the host system as well. Bastille jail in the example or instruction will be named "myjail"...

How do I execute a graphical program that was built in Bastille? How would I do it from the package to the Host system? Also, how would I run it from inside the jail? A long time ago, I ran a graphical program inside an xserver inside a jail, in ezjail. I used x11-servers/xorg-nestserver then...

Hi all, The Problem My http(s) server is not responding to IPv6 requests from curl -v -L -6 my devpunx.com Curl logs: * Trying 2a03:b0c0:3:d0::1012:6001:80... * Immediate connect fail for 2a03:b0c0:3:d0::1012:6001: Connection refused * Closing connection 0 The Setup Host: FreeBSD...

Hi all, DiscIaimer: I only partially understand what I am doing. I set up a FreeBSD 13.0 Host with. BastilleBSD. Everything working fine but I struggle with the configuration of the pf packet filter, which is new to me (only used ipfw since). My goal is to be as restrictive as possible without...

I am using PF and cannot get packets forwarded to a particular jail. I want data that comes into my base machine on port 4243 to be forwarded to my jail that has a service that is listening on port 4243. I have verified with telnet that the jail can receive data on that port. Here is my...

How do I make devices in /dev/ accessible inside a Bastille jail? When I have two sets of rules, how do I set this in rc.conf.local, from within the host system? devfs_system_ruleset="localrules" How would bastille also get referenced with this? In devfs.rules of the host (not within the...