jails

  1. R

    PF PF config for double NAT jail host

    I think that I'm being somewhat ambitious and I'm finding that I'm getting some horrible issues as a result. Firstly, what I'm trying to achieve. The way that I have tried to set up this network in the past was that the router was in the DMZ and that it passed some traffic (HTTP/S) through to...
  2. T

    Understanding permissions in jails and host

    Hello everyone, I have recently upgraded my FreeBSD 10.3 server to 11.2. With this change, I also setup my system using jails: - Plex - Samba - Apache PHP stack - Nginx Node.js stack - Database stack - Etc. I have two ZFS pools: - zfs-os the FreeBSD OS - data mounted to /data I am using...
  3. squirtle

    Setting up a router in a jail to use openvpn client

    I know, this appears to be answered all over the place. But none of the answers are working for me so I must have misunderstood something somewhere along the way. Background: I'm trying to set up a FreeBSD jail that acts as a router. Inside that jail, I'd like to run OpenVPN. I would like all...
  4. timypcr

    Trouble installing packages in jails after FreeBSD 11.2 upgrade

    I recently upgraded from FreeBSD 11.1-release to 11.2 following the handbook, I’m now getting : size mismatch, cannot continue on some of the jails when attempting to update and install packages. For example when I attempt to install curl Fetching curl-7.61.0.txz: 100% 1 MiB 1.3MB/s...
  5. rumate

    Solved Jails configuration

    Hi all, I wonder if it is possible to define automatically starting services in /etc/jail.conf? I can set an IP address for a jail, define the NIC to use, give a hostname and other variables. I couldn't start apache24 using exec.start, I assume, because this service isn't enabled in the jail's...
  6. J

    Other Difference between Fail2ban "jails" and FreeBSD jails

    First off, I am not 100% sure if this question belongs in this forum, or in the general topics (base system) forum. So I'd be grateful if a more knowledgeable admin advised on it. I am reasonably familiar with FreeBSD jails, and I use them often enough (via ezjail). While recently checking out...
  7. L

    Solved Jails - ezjail, qjail, iocage, other

    After almost a couple years away, I'd like to know about jails management systems, for a new server. In the past I've used ezjail, then qjail. Now, in 2018, are all these tools up-to-date with current? ezjail is mentioned in the manual, so I guess it should be... iocage seems to require Python...
  8. Farhan Khan

    My "Thin" Jail Configuration

    Hi all, wanted to get a review of my jail configuration. In short, I created a "base" jail and am read-only null-mounting the other jail's static files to it. Three predicates: /etc/rc.conf will create a bridge0 at startup and add re0 (the public internet) to it. /usr/jail/base is a FreeBSD...
  9. Wamphyre

    Weird trouble with Nginx/Apache reverse proxy on Jail.

    Hello. I'm experiencing a strange problem in my FreeBSD 11.1 jailed web server. 4 hours ago I needed to replace the hard drive of my home server, because was broken and I reinstalled FreeBSD with exactly the same config before hard drive change, where the jailed server was doing the work so...
  10. Farhan Khan

    Solved ssh immediately disconnecting across all jails

    Hi all, I ran freebsd-update across all my jails. Now, whenever I try to ssh(8) into one, the connection immediately dies. There are no messages in /var/log/messages. Example below: $ telnet 192.168.100.22 22 Trying 192.168.100.22... Connected to 192.168.100.22. Escape character is '^]'...
  11. DiscmanDaemon

    Solved Laundry Memory, Jails, and Thrashing

    Good Morning All, I have been experiencing some mysterious thrashes on one of my servers, and I have finally gathered enough data about the problem to possibly ask for help (it was very difficult to get data since once it started thrashing there was nothing to be done except reboot...). The...
  12. DiscmanDaemon

    Solved Giving jails network access through host's IP

    Hello all, I am looking to allow a processes inside jails to make network requests (such as DNS lookups, http requests, etc). The spit in the punch is that I wish to avoid giving them an alias on the host's NIC as I want to automate the creation and destruction of jails, and wish to avoid...
  13. T

    IPFW authpf alternative?

    I have a use case for authpf. However, I'd prefer to stick with IPFW as it seems to be more maintained and more recent than the included PF version. However, I've been unable to locate an alternate option that'll work with IPFW. Maybe I'm missing something, or maybe there's another way...
  14. n9010

    change the default shell for jexec

    Hi, I recently changed the default shell of one of my servers to zsh, since I'm lazy I used to type jexec <jailname> to jump inside a jail. After I switched to zsh, I get an error because zsh is not installed inside the jails. I know that I can use jexec <jailname> /bin/csh, but since I'm...
  15. scrappywan

    IOCAGE jails not found after pkg upgrade to 0.9.9.1_1

    On FreeBSD 11.1 I have four jails running that were created with py36-iocage about three months ago. Recently I ran pkg update/upgrade on my system and it upgraded IOCAGE to version 0.9.9.1_1. Since my last reboot IOCAGE can no longer locate any of the jails it originally created as if it...
  16. DiscmanDaemon

    Automating Headless Firefox with XVFB in Jails without login

    Hello all, I am trying to make use of the jails to run instances of a selenium/firefox app. To make Firefox run "headlessly", I am using XVFB (yes I do know that PhantomJS exists. This is testing a Firefox extension, so it really needs to be firefox) Currently, it works fine if I manually log...
  17. Duffyx

    Solved Jail IP configuration

    I've been diving into jails lately and I'm scratching my head. In terms of pure configuration of jail.conf I have no real questions. However in terms of IP usage and interface allocation I have a few. I have read many threads about jails and have seen 2 approaches most widely used: 1) Jail IP...
  18. Phishfry

    Solved Jail with other versions of FreeBSD

    I created my first jail tonight. My goal was to build NanoBSD images from source with -CURRENT in a jail on a FreeBSD 11.1 server. Is this possible? I got it up and running and configured ssh but when I run uname I get FreeBSD 11.1 not -CURRENT So can I run -CURRENT in a Jail and compile...
  19. Farhan Khan

    Jails different VLANs can still communicate?

    I first created two vlans, as follows: ifconfig vlan1 create vlan 1 vlandev em0 ifconfig vlan1 10.1.0.1/24 ifconfig vlan2 create vlan 2 vlandev em0 ifconfig vlan2 10.2.0.1/24 I then created two jails as follows: vlan1 { path = /usr/jail/vlan1; allow.mount; mount.devfs...
  20. I

    How to create a ZFS dataset within a jail?

    I'm trying to run Docker (must be within a FreeBSD jail) How do I create this: -- You will need to create a ZFS dataset on /usr/docker # zfs create -o mountpoint=/usr/docker <zroot>/docker -- when zfs list shows "no datasets available" ? The jail name is "testing" and it seems that is trying...
Top