Solved pkg in jail not working

R

Rolio43

Hi,

I can't install a package in a jail with pkg, it blocks on the installation message.
Code: 
# jexec test
# pkg install nano
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+https://pkg.FreeBSD.org/FreeBSD:14:amd64/quarterly, please wait...

My jail's configuration file: /etc/jail.conf
Code: 
exec.clean;
mount.devfs;
allow.noset_hostname;
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
allow.raw_sockets;
allow.socket_af;
interface = "em0";

test {
    path = "/var/jails/test";
    host.hostname = "test.freebsd";
    ip4.addr = 192.168.0.4;
}

The tests I performed :
Code: 
# netstat -r
Routing tables

Internet:
Destination        Gateway            Flags         Netif Expire
vfreebsd.home      link#2             UH              lo0

# ping www.google.com
PING www.google.com (142.250.201.164): 56 data bytes
64 bytes from 142.250.201.164: icmp_seq=0 ttl=112 time=6.412 ms

# route show default
route: route has not been found: No error: 0

# cat /etc/resolv.conf
nameserver 192.168.0.1

# service routing restart
delete host 127.0.0.1: gateway lo0 fib 0: Operation not permitted
delete host ::1: gateway lo0 fib 0: Operation not permitted
delete net fe80::: gateway ::1 fib 0: Operation not permitted
delete net ff02::: gateway ::1 fib 0: Operation not permitted
delete net ::ffff:0.0.0.0: gateway ::1 fib 0: Operation not permitted
delete net ::0.0.0.0: gateway ::1 fib 0: Operation not permitted
ifconfig: socket(family 28,SOCK_DGRAM): Protocol not supported
add host 127.0.0.1: gateway lo0 fib 0: Operation not permitted
sysctl: net.inet.icmp.bmcastecho=0: Operation not permitted
sysctl: net.inet.icmp.drop_redirect=0: Operation not permitted
sysctl: net.inet.icmp.log_redirect=0: Operation not permitted
sysctl: net.inet.ip.forwarding=0: Operation not permitted
sysctl: net.inet.ip.sourceroute=0: Operation not permitted
sysctl: net.inet.ip.accept_sourceroute=0: Operation not permitted
sysctl: net.link.ether.inet.proxyall=0: Operation not permitted
add host ::1: gateway lo0 fib 0: Operation not permitted
add net fe80::: gateway ::1 fib 0: Operation not permitted
add net ff02::: gateway ::1 fib 0: Operation not permitted
add net ::ffff:0.0.0.0: gateway ::1 fib 0: Operation not permitted
add net ::0.0.0.0: gateway ::1 fib 0: Operation not permitted
sysctl: net.inet6.ip6.forwarding=0: Operation not permitted
 
Can you tell us:

1. The version of FreeBSD running on the jail host (see freebsd-version(1))
2. The version of FreeBSD running in the jail
3. More about what you mean by "blocks on the installation message". You see this message:

Bootstrapping pkg from pkg+https://pkg.freebsd.org/FreeBSD:14:amd64/quarterly, please wait...
Click to expand...

And what happens after that? Does the jail crash? Does the process bootstrapping pkg seem to hang, and you can cleanly terminate it with ^C?

I'm still pretty novice with jails, but the fact that you can ping www.google.com means you can (a) resolve names via DNS (b) get packets out of your network and (c) receive packets from outside your network. Trying to restart routing from within the jail might not always work, depending on how you set up your jail. (Pretty sure it needs to be a VNET jail for that to have worked.) You can also test whether you can fetch the quarterly package repo with curl(1):

Code: 
$ curl -L https://pkg.FreeBSD.org/FreeBSD:14:amd64/quarterly
<!DOCTYPE html><html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"><meta name="viewport" content="width=device-width"><style type="text/css">body,html {background:#fff;font-family:"Bitstream Vera Sans","Lucida Grande","Lucida Sans Unicode",Lucidux,Verdana,Lucida,sans-serif;}tr:nth-child(even) {background:#f4f4f4;}th,td {padding:0.1em 0.5em;}th {text-align:left;font-weight:bold;background:#eee;border-bottom:1px solid #aaa;}#list {border:1px solid #aaa;width:100%;}a {color:#a33;}a:hover {color:#e33;}</style>

<title>Index of /FreeBSD:14:amd64/quarterly/</title>
</head><body><h1>Index of /FreeBSD:14:amd64/quarterly/</h1>
...
 
I tested creating a jail in a virtual machine configured as a bridge under VirtualBox.
That probably involves too many network layers.
On a real machine, with a jail, everything works.
 
You must log in or register to reply here.
Back
Top