jails

Hi all, wanted to get a review of my jail configuration. In short, I created a "base" jail and am read-only null-mounting the other jail's static files to it. Three predicates: /etc/rc.conf will create a bridge0 at startup and add re0 (the public internet) to it. /usr/jail/base is a FreeBSD...

Hello. I'm experiencing a strange problem in my FreeBSD 11.1 jailed web server. 4 hours ago I needed to replace the hard drive of my home server, because was broken and I reinstalled FreeBSD with exactly the same config before hard drive change, where the jailed server was doing the work so...

Hi all, I ran freebsd-update across all my jails. Now, whenever I try to ssh(8) into one, the connection immediately dies. There are no messages in /var/log/messages. Example below: $ telnet 192.168.100.22 22 Trying 192.168.100.22... Connected to 192.168.100.22. Escape character is '^]'...

Good Morning All, I have been experiencing some mysterious thrashes on one of my servers, and I have finally gathered enough data about the problem to possibly ask for help (it was very difficult to get data since once it started thrashing there was nothing to be done except reboot...). The...

Hello all, I am looking to allow a processes inside jails to make network requests (such as DNS lookups, http requests, etc). The spit in the punch is that I wish to avoid giving them an alias on the host's NIC as I want to automate the creation and destruction of jails, and wish to avoid...

I have a use case for authpf. However, I'd prefer to stick with IPFW as it seems to be more maintained and more recent than the included PF version. However, I've been unable to locate an alternate option that'll work with IPFW. Maybe I'm missing something, or maybe there's another way...

Hi, I recently changed the default shell of one of my servers to zsh, since I'm lazy I used to type jexec <jailname> to jump inside a jail. After I switched to zsh, I get an error because zsh is not installed inside the jails. I know that I can use jexec <jailname> /bin/csh, but since I'm...

On FreeBSD 11.1 I have four jails running that were created with py36-iocage about three months ago. Recently I ran pkg update/upgrade on my system and it upgraded IOCAGE to version 0.9.9.1_1. Since my last reboot IOCAGE can no longer locate any of the jails it originally created as if it...

Hello all, I am trying to make use of the jails to run instances of a selenium/firefox app. To make Firefox run "headlessly", I am using XVFB (yes I do know that PhantomJS exists. This is testing a Firefox extension, so it really needs to be firefox) Currently, it works fine if I manually log...

I've been diving into jails lately and I'm scratching my head. In terms of pure configuration of jail.conf I have no real questions. However in terms of IP usage and interface allocation I have a few. I have read many threads about jails and have seen 2 approaches most widely used: 1) Jail IP...

I created my first jail tonight. My goal was to build NanoBSD images from source with -CURRENT in a jail on a FreeBSD 11.1 server. Is this possible? I got it up and running and configured ssh but when I run uname I get FreeBSD 11.1 not -CURRENT So can I run -CURRENT in a Jail and compile...

I first created two vlans, as follows: ifconfig vlan1 create vlan 1 vlandev em0 ifconfig vlan1 10.1.0.1/24 ifconfig vlan2 create vlan 2 vlandev em0 ifconfig vlan2 10.2.0.1/24 I then created two jails as follows: vlan1 { path = /usr/jail/vlan1; allow.mount; mount.devfs...

I'm trying to run Docker (must be within a FreeBSD jail) How do I create this: -- You will need to create a ZFS dataset on /usr/docker # zfs create -o mountpoint=/usr/docker <zroot>/docker -- when zfs list shows "no datasets available" ? The jail name is "testing" and it seems that is trying...

Normally, we have to put the network interface (e.g. em0 or igb0) when setting up jails. For example: jail_jailname_ip="192.168.1.100" jail_jailname_interface="igb0" If the network interface (physical card) is being sent as pass-thru via bhyve to a virtualized operating system running within...

Since the several past releases, we had been been getting this message: /etc/rc.d/jail: WARNING: Per-jail configuration via jail_* variables is obsolete. Please consider migrating to /etc/jail.conf. I had been keeping watch on the jails documentation for a few years and still couldn't see...

When trying to start pf with service pf start, I get the following error message: Enabling pfpfctl: /dev/pf: No such file or directory pfctl: /dev/pf: No such file or directory pfctl: /dev/pf: No such file or directory My Jails are confiugred in /etc/jail.conf: # Global Stuff exec.start...

Hi all, this is my first post here. First thanks for this great system. Im a long term linux guy (principally debian), but after linux move to systemd I started to look on another direction... First an introduction before my question. I'm building an automated provisioning system with ansible...

Hello everyone I recently set up Nextcloud in a jail using apache24, mariadb101 and php70 on FreeBSD 10.3. After rebooting my server the jail will not come up correctly. It won't mount datasets and all the packages I installed and their configuration seems gone. pkg info only returns pkg. I...

Hi, since various applications want to do that, often fail/coredump not being able to I wonder whether there is a way to allow mlock in jail. I am getting a permission denied there. I am using FreeBSD 10.3 on the target machine and ezjail.

Is this possible? I have seen older threads stating this is not possible. But I think it might have to do with older versions... do I need to explicitly disable nfs and rpc on the host?