jails Not able to Run Multiple Jails

A

Aruns

Am in the task of creating multiple Jail. I followed these steps for that,
1. bsdinstall jail /var/jail/product
2. created /etc/jail.product.conf having these values;
Code: 
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;

path = "/var/jail/product";

product{
host.hostname = "product.intra.ogris.net";
ip4.addr = "lo1|10.0.0.1";
}
3. and for Internet access /etc/ipfw.rules
Code: 
nat 1 config if em0 same_ports
add nat 1 ip from any to any via em0
add allow ip from any to any

4. Edited /etc/rc.conf with these value
Code: 
kld_list="ipfw_nat"
gateway_enable="YES"
firewall_enable="YES"
firewall_type="/etc/ipfw.rules"

I am able to run Jail successfully with the steps mentioned here.
The issue comes when I created the second Jail, I have changed the values like loopback IP and other required values. But it just stops running first Jail.
Could anyone tell me what should I change here to run Jails parallelly?
 
Aruns said:
created /etc/jail.product.conf having these values;
Click to expand...
Where did you get that filename from? It's supposed to be in /etc/jail.conf. You add multiple jails to that same file.

Code: 
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;

jail1 {
  host.hostname = "jail1.example.com";
  ip4.addr = "lo1|10.0.0.1";
  path = "/var/jail/jail1";
}

jail2 {
  host.hostname = "jail2.example.com";
  ip4.addr = "lo1|10.0.0.2";
  path = "/var/jail/jail2";
}
 
Did you enable them in /etc/rc.conf?
Code: 
jail_enable="YES"
jail_list="jail1 jail2"

Aruns said:
But it didn't work.
Click to expand...
This doesn't provide any clues why it didn't work. Any error messages? What happens if you start them by hand?
 
SirDice said:
Did you enable them in /etc/rc.conf?
Code: 
jail_enable="YES"
jail_list="jail1 jail2"


This doesn't provide any clues why it didn't work. Any error messages? What happens if you start them by hand?
Click to expand...
all Jails are listed as same as it is given here.
 
Keep in mind that we cannot look at your screens, we don't know what is happening on your end. If you cannot provide some logging or error messages we'll be here all day shooting potential solutions at invisible targets.

Look in your logs. Look for clues why things aren't working. Start the jails by hand and look at the output, "it doesn't work" doesn't give us anything to go on.
 
Adding,
There isn't any error in log. am able to run one jail at a time suppose having configuration as mentioned earlier.
The command jls lists it as;
Code: 
JID  IP Address      Hostname                      Path
     1  10.0.0.3        jail1.intra.ogris.net           /var/jail/jail1
In case of second jail, followed the same procedure as followed to create the first jail, but the second jail replaces the first jail, jls lists jail after successful second jail creation;
Code: 
JID  IP Address      Hostname                      Path
     1  10.0.0.4        jail2.intra.ogris.net           /var/jail/jail2
jail1 is not in the list of jails

the location /var/jail/ has all jails
Code: 
root@FreeBSD113:/var/jail # ls
jail1    jail2    jail3    onej

here is the ifconfig part;
Code: 
lo2: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet 10.0.0.4 netmask 0xffffffff
        inet 10.0.0.3 netmask 0xffffffff
        inet 10.0.0.5 netmask 0xffffffff
        inet 10.0.0.6 netmask 0xffffffff
 
SirDice said:
Please post your current /etc/jail.conf.
Click to expand...
Here, it is;
Code: 
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;

jail1 {
  host.hostname = "jail1.intra.ogris.net";
  ip4.addr = "lo2|10.0.0.3";
  path = "/var/jail/jail1";
}

jail2 {
  host.hostname = "jail1.intra.ogris.net";
  ip4.addr = "lo2|10.0.0.4";
  path = "/var/jail/jail2";
}

jail3 {
  host.hostname = "jail3.intra.ogris.net";
  ip4.addr = "lo2|10.0.0.5";
  path = "/var/jail/jail3";
}

onej {
  host.hostname = "onej.intra.ogris.net";
  ip4.addr = "lo2|10.0.0.6";
  path = "/var/jail/onej";
}
 
Try this instead:
Code: 
ip4.addr = 10.0.0.3;
interface = lo2;

That "lo2|10.0.0.3" notation is an old way of setting the IP and interface, ezjail still uses it.
 
SirDice said:
Try this instead:
Code: 
ip4.addr = 10.0.0.3;
interface = lo2;

That "lo2|10.0.0.3" notation is an old way of setting the IP and interface, ezjail still uses it.
Click to expand...
It has changed as mentioned here. Rebooted the VM. jls is
Code: 
JID  IP Address      Hostname                      Path
     1  10.0.0.4        jail2.intra.ogris.net           /var/jail/jail2

/etc/jail.conf is
Code: 
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;

jail1 {
  host.hostname = "jail1.intra.ogris.net";
  ip4.addr = "10.0.0.3";
  interface = lo2;
  path = "/var/jail/jail1";
}

jail2 {
  host.hostname = "jail1.intra.ogris.net";
  ip4.addr = "10.0.0.4";
  interface = lo2;
  path = "/var/jail/jail2";
}

jail3 {
  host.hostname = "jail3.intra.ogris.net";
  ip4.addr = "10.0.0.5";
  interface = lo2;
  path = "/var/jail/jail3";
}

onej {
  host.hostname = "onej.intra.ogris.net";
  ip4.addr = "10.0.0.6";
  interface = lo2;
  path = "/var/jail/onej";
}
 
Well, I'm officially stumped. I've set up hundreds of jails since it was first introduced in FreeBSD 4.0 and I've never encountered this problem. I have no idea why it's not working for you.
 
Aruns said:
root@FreeBSD113:/var/jail # ls jail1 jail2 jail3 onej
Click to expand...
I have played a little bit because I am not 100% sure when handling jails. And other users issues are always a resource to learn from. Then I have seen the line as above and FreeBSD-11.3 is no more the newest release. Can it be that the host is running FreeBSD-11.3 and the jails base is extracted from a newer version as FreeBSD-11.4 or FreeBSD-12.x? I am asking just in case.

A question from my side: what does exec.clean do? I have found no reference in /etc/rc.d/jail. I have just added that to my /etc/jail.conf.
 
chrbr said:
A question from my side: what does exec.clean do?
Click to expand...
Code: 
     exec.clean
             Run commands in a clean environment.  The environment is
             discarded except for HOME, SHELL, TERM and USER.  HOME and SHELL
             are set to the target login's default values.  USER is set to the
             target login.  TERM is imported from the current environment.
             The environment variables from the login class capability
             database for the target login are also set.
From jail(8). It's also in the EXAMPLE configuration at the end of jail.conf(5).
 
You must log in or register to reply here.
Back
Top