jails

Hello, I am trying to install a wireguard VPN in a jail but am having some trouble with the jail playing with TUN devices. When I try to create the wireguard interface I get the following error: root@vpn2:~ # wireguard-go wg0 INFO: (wg0) 2020/10/20 17:10:56 Starting wireguard-go version...

Made a post earlier about theoretical hidden directories attack vectors and PEFS. This is a simple question about a problem I'm having. Inside a jail. With allow.mount; and enforce_statfs="0"; in /etc/jail.conf, I am getting the error message root@jail:/home/user # ls -I test...

Hi all, I am trying to run multiple instances of an application in different jails. The jails should be identical in all ways except different IP addresses and one directory, where the configuration for the given application will reside. Is there a way to trivially create jails of this sort...

I think I know the answer to this, but want to confirm... I'm setting up the Falkon browser in my jails, and one of the options is to allow Javascript access to the clipboard. I'm guessing that it only has access to the clipboard internal to the jail, but I really want to confirm that. The...

I have a vnet jail for my physical NIC. In order to start the pf service in that jail, I had to add a devfs.rule to unhide /dev/pf. I also have wireguard jails which I intend to do the same, and connect them to my NIC-jail. (everything is vnet). Does anyone know if this is a bad idea? Will...

Hi all! how are you? :) I have a Jail host which contains about 50 Jails. During day-to-day operations, I need to install packages, a lot of these packages are the same (nginx, vim-console, etc), it would be really good if I can make the Jail host a pkg cache server, where the Jails can use the...

I am running a few jails via ezjail. Nginx and pf on the main host take care of routing incoming requests to the appropriate jail. Each jail needs to run different instances of the same service - Apache and MySQL. Please help me get the set up right for doing this^^. As far as I understand...

Hey Community, I want to try something but need some advice before I start. If I open a pppoe connection on a machine which has some jails instantiated, could these (maybe compromised) jails do something nasty with that tun device? In my understanding the kernel creates the pppoe device which...

I have been fighting with quotas in jails and have found a number of inconsistencies with quotas and associated commands on both the host system and the jails. In prior releases, I have successfully deployed jails supporting quotated users with ezjail. I'm looking to move to 12.x and have been...

Hi All, I didn't know where to post this because I could not find a specific jail forum so figured I would post it here as a base system general thread :) Am no expert so really after some opinions from experienced users and anyone who has seen this happen. It would be great to know if this is...

Hello All, We are having trouble with finding ways to redirect the public IP address to the jail IP address. We have looked into the rc.conf and jail.conf files but are now sure how we should edit any of these files to achieve this. We have previously been unsuccessful in editing pf values...

On my system, pkg within jails seems to complain about the version numbers. I have checked the older posts (mostly from late last year) in this category, but I don't believe they solve my problem. Symptoms: Issuing a pkg update within a jail gave the apparently common error But, doing uname...

Hello, I have some jails on my FreeBSD host. They have IPv4 addresses on a cloned interface lo2 I created. None of the jails has an ip address on the external interface of the host. They only use the cloned interface lo2 and I configured my pf firewall so that the host acts as a router and does...

I would like to share HOWTO about RabbitMQ Cluster on FreeBSD. RabbitMQ Cluster on FreeBSD Containers https://vermaden.wordpress.com/2019/06/05/rabbitmq-cluster-on-freebsd-containers/ #verblog #amqp #cluster #containers #freebsd #go #HA #jails #rabbitmq

Starting on p. 165, to create a jail with multiple interfaces, you need to do: create a cloned interface (lo1), specify multiple interfaces for the jail in a comma-separated list, call the jib script with the bridge names, be happy. Step 1: /etc/rc.conf: ifconfig_em0_name="lab"...

Hey all, I follow along in Lucas' new book FreeBSD mastery: Jails. Starting on p. 159, I copied over the /usr/share/examples/jail/jib file and make it executable (something Lucas fails to mention). However, I use a different name for my physical interface: lab instead of jailether...

Linux has Unprivileged containers, through which a user can manage containers if admin allows him via a special config file, faking some parts with user subuids and subgids, and others, like create devices, etc… are "bypassed" during the installation process of "tweaked" templates of lxchub (or...

Hi all, I would really like to use iocage, but I cannot get routing/networking working at all despite multiple configurations scenarios. My Base system has the IPv6 address: My_Prefix::83c:5001/64 and a public IPv4 address, both on vtnet0. It also has the IPv4 internal address on vtnet...

Would someone please give me a brief explanation of when to use jails with VNET and when not to? If VLAN-ing is not my concern, and services I use do not need a separate network stack - let’s say I run anything from DNS server to MailServer, Database, Java Application Server, VCS, CICD...

Hello, I need to build on 2 different servers, some jails environments to host websites, so that they are replicated and can do failover between them. I saw that on Youtube a user showed exactly what I'm asking for (www.youtube.com/watch?v=OOqMI4-qMg8), but I can not find guides and / or...