I didn't know where to post this because I could not find a specific jail forum so figured I would post it here as a base system general thread :)
Am no expert so really after some opinions from experienced users and anyone who has seen this happen.
It would be great to know if this...
I need some help for jail setup.
We have now moved to jail.conf and the "devfs_ruleset" is giving us some problems.
Previously, it was something like jail_jailname_devfs_ruleset="devfsrules_jail" in the old style.
I tried to put "devfs_ruleset = "nginx_ruleset";"
and I'm getting this error...
We are having trouble finding ways to redirect the public IP address to the jail IP address. We have looked into the rc.conf and jail.conf files but are not sure how we should edit any of these files to achieve this.
We have previously been unsuccessful in editing pf values...
I have set up a jail specifically for PostgreSQL. PostgreSQL-9.5 is installed via the pkg manager. When I try to initialise it I get this:
The files belonging to this database system will be owned by user "pgsql".
This user must also own the server...
I've been having an issue with one of my servers that runs rclone all day. It kernel panics after about 13-14 days of uptime, and the only difference on this host is that it runs a lot of rclone processes inside of a jail. Here is the console message:
Fatal trap 12: page fault while in...
I have a FreeNAS Mini running with a jail for Nextcloud. While moving my files from Dropbox to the Nextcloud instance, I realized that there are many fastcgi timeouts happening.
In order to investigate the cause, I observed a strange behavior which I don't really understand but my hope is that...
I have some jails on my FreeBSD host. They have IPv4 addresses on a cloned interface lo2 I created. None of the jails has an ip address on the external interface of the host. They only use the cloned interface lo2 and I configured my pf firewall so that the host acts as a router and does...
My setup is as follows:
freenas ---- switch ---- station
freenas is running FreeBSD 11.2 with iocage jail using VNET/VIMAGE network stack (though same behaviour is observed on warden jails and previous FreeBSD releases)
It all started when I noticed that station loses connection to jail...
As far as I know, nullfs(5) is useful for sharing an existing and mounted directory between jails. I can edit the fstab(5) file of each jail:
/path/to/be/shared /usr/jails/foo/path/shared nullfs ro 0 0
/path/to/be/shared /usr/jails/bar/path/shared nullfs rw 0 0
But it seems probably true that...
I'm using ezjail and IPFW, at least thus far.
So far I have 10.13.13.0/8 subnet. My gateway is .1, my host server is .2, and my first jail is at .3
I noticed that from within my jail at .3 I can knock on the outside of .2.
I added this rule to my host but it makes no difference:
I am working on a solution for mass jails deployment based on ZFS datasets and unionfs.
A jail template is created by extracting base archive into the dataset. Then the dataset is mounted read-only in all the jails' roots and each jail has its own lean dataset, where only the deltas are stored...
I am running a FreeBSD EC2 instance with a single jail.
In a regular homebrew setup, I would create a jail in "shared IP" (iocage) mode, and configure my router to forward various ports to the jail. In EC2, I am not sure whether to share the public IP or assign a new one.
I created a new...
I decided to share my setup for SLAAC on jail vnet.
1. Create bridge and epair interface in /etc/rc.conf
#Configure bridge interface for jails vnet
#epair0 - jail interface
cloned_interfaces="bridge0 epair0" #create bridge and epair
ifconfig_bridge0="ether xx:xx:xx:xx:xx:xx addm re0 SYNCDHCP"...
My server was upgraded to 12.0-Release and I found news about VIMAGE in the GENERAL config, meaning VIMAGE is ready for production environments.
So I wish to migrate the existing ordinary jail to the VIMAGE infrastructure too :).
But the procedure stopped at the default gateway.
Current ordinary jail environment detail...
My server's jail needs an outgoing internet connection for Let's Encrypt OCSP Staple, but there is a connection problem with IPv6 only.
wan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
When I start the jail, I get this message on my console.
nd6_dad_timer: cancel DAD on epair1b because of ND6_IFF_IFDISABLED.
Then the jail cannot use IPv6 until the base initiates a connection to it (i.e., the base pings the jail first). Otherwise, networking over IPv6 does not work.
I followed the handbook (https://www.freebsd.org/doc/handbook/jails-application.html) and set up an nginx jail. I use a standard base partition mounted as read-only nullfs, and a skel partition mounted as read-write nullfs. My fstab is shown as follows:
I've modified the patch I found on these fora to allow /dev/kmem write access inside jails. The security arguments are hopefully well known: there aren't any. It's still useful for me in order to test different Xorg configs, desktop environments, and ports trees without potentially screwing up...
I have an issue with my PF rules and I would like to understand why this is happening and how to solve it. I have very basic knowledge of PF and this is kind of a learning curve for me.
I have a gitea server https://www.freshports.org/www/gitea/ running inside a jail in a VM. It works...