jail

  1. Moviuro

    Nginx, single IPv4, IPv6, SSL/TLS, jails, one machine

    Hi all! I'm trying to build a good webserver that can serve over HTTPS only: My blog as static HTML (Jekyll, Hugo or whatever) Nagios Transmission Possibly some other web applications So far I have no encryption (nginx is just serving on port 80) and the following constraints: Only one IPv4...
  2. joel.bodenmann

    Jails for a web server

    I am currently setting up a server that will host static websites, WordPress installations, forums and an eCommerce shop. I'll use Nginx, PHP and MySQL. Some of the hosted websites will be completely independent: One is a personal blog, one is a community forum, another is a website for a...
  3. quamenzullo

    Networking and jails

    Hello, I still have some questions about networking and jails. I could not find the answers in the documentation or forums. I hope my questions are not too dumb. 1. The networking inside jails seems to partly rely on the networking of the host. To get "more" networking features, it is...
  4. L

    Solved OpenSMTPD in jail - bind: address already in use

    I'd like to have OpenSMTPD in a jail to process email for a domain I rent. I've done some configuration and when try to run it it says: fatal: smtpd: bind: Address already in use sendmail is working in the host and in each of the other jails with no problems of binding. In each, I haven't...
  5. D

    Regular user mounting via fusefs in a jail

    I have a host called "host" and a jail running on that host called "jail" I am trying to allow a regular user logged in interactively inside the jail to use fusefs to mount an iso, through the archivemount program. On host: host# sysctl vfs.usermount vfs.usermount: 1 host# sysctl...
  6. P

    Nessus and Nmap running in Jail

    Hello community, I want to run Nessus 6.5.4 under FreeBSD 10.2 RELEASE. It works like a charm, until I install it in a jail. If I start a scan it always fails because there are no targets available. In the logfile I can see a message which says that the specified target is declined as "dead"...
  7. M

    Solved Some clarification on resource control

    From https://wiki.freebsd.org/Hierarchical_Resource_Limits There are two seemingly contradictory statements on ability to change resource controls of processes. Quoting: And further, Confused what to deduce? The first one is for process under a user account? And the next one is just for...
  8. quamenzullo

    Solved Allowing mount_nullfs in jails built with ezjail

    Hello, I would like to be able to use mount_nullfs from inside one of my jails. I created it with ezjail, which does not use /etc/jail.conf yet (seems like it builds it, from its own old-style conf files, at each jail's startup). In /usr/local/etc/ezjail/my_jail, there is no option to let the...
  9. quamenzullo

    Solved Each website in its own jail

    Hello everyone, I'm quite new to jails, have read a lot of doc and forum posts and am a bit lost wondering what is the best/easiest/safest set up to serve several websites from the same server. I would like to put each website into its own jail, and use nginx as webserver. Questions: 1. Is it...
  10. forquare

    Solved Troubleshooting service startup

    Good afternoon all, I've installed Gitlab into a FreeBSD 10.2 Jail and got everything working nicely, except for the fact that when the Jail starts, Gitlab doesn't...All of the other related services start (redis, postgresql, and nginx). The rc script I'm using is from here and I've placed it...
  11. forquare

    Solved iocage Jail cannot escape home network

    Afternoon all, I have a fresh install of FreeBSD 10.2, it’s installed on VirtualBox. I have given the VM 4x virtio-net bridged adaptors—so they appear to be on my home network (192.168.1.0/24). My host rc.conf looks like this: hostname="aglardae" keymap="uk.iso.kbd" ifconfig_vtnet0="DHCP"...
  12. F

    Thin jail woes

    I've been using full jails until now, but updating them has become too cumbersome. So, I decided to try thin jails as instructed here: <https://clinta.github.io/freebsd-jails-the-hard-way/>. I have created a template with bsdinstall jail, modified it with a few packages, and made the fstab and...
  13. J

    Solved Access main host zpool from FreeBSD Jail

    I have a FreeNAS box and want to create a FreeBSD jail for custodial scripts to manage files on various datasets in my main zpool. I want the jail to be able to move files across datasets so I would prefer to not mount via a network share. I want to put these scripts into a jail so I can install...
  14. M

    Solved Differences in jail config parameters on ezjail

    Was trying to enable ping from within the jail created using sysutils/ezjail , however on a web search I was getting different ways of configuring the same parameters, which is confusing. In, /usr/local/etc/ezjail/testjail1 The following did not work: export...
  15. J

    Running a jail with sysvipc_allow="YES"

    Hi, I have to run many instances of PostgreSQL in different jails. And it seems it's not currently possible to run PostgreSQL in a jail without setting sysvipc_allow="YES" in the jail config. (Or is it? I stumbled onto this: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=48471 where someone...
  16. J

    Install package inside jail vs install package from outside

    Hi, I'm experimenting with jails and I can see two ways of installing packages (using the pkg command). For example, to install vim: either log into the jail and run # pkg install vim or, from the host # pkg -j myjail install vim I can see the benefit of the first way (from inside the...
  17. J

    Trying to understand jail networking

    Hi, I have trouble understanding how ip addresses work in regard to FreeBSD jails. Every single example I see seems to assign another IP (an alias) to a physical network interface on the host, and attribute it to the jail. But, my server is a remote machine and I was affected only one IP...
  18. J

    [ezjail] Download base system via HTTP instead of FTP?

    Hi, I'm following this tutorial to install and configure ezjail: http://www.bsdnow.tv/tutorials/jails At the step: $ sudo ezjail-admin install -sp the script tries to download ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/10.2-RELEASE/base.txz Is it possible to change the base url...
  19. A

    nginx "spdy" error

    I am following Joshua's guide to install owncloud in a jail. I am having consistent issues with the nginx.conf file. Originally, I posted in the FreeNAS forum specific to the owncloud jail...
  20. H

    Solved iocage does not handle releases properly

    Up to now, I have always used iocage with the release of the host system. Today, I wanted to try to create a jail with the 9.3-RELEASE but I ended up with a 10.2-RELEASE on the jail. To be sure I did things properly, I did the following steps. # iocage clean -r WARNING: this will destroy all...
Top