jails VNET and a Linux jail

[m0nkey_]

So I've been poking at Linux jails in 13.0. I've managed to get a Ubuntu and Debian jail running, but now I want to take it a step further. Has anyone ever got VNET working inside of a Linux jail? I can only get so far before I start running into issues.

Anyway, here's my jail.conf

path = "/jails/$name";
host.hostname = "$name";
mount.fstab = "$path.fstab";
interface = "lagg0";
persist;

debian-sid {
        vnet;
        vnet.interface = "e0b_sid";
        exec.prestart += "/usr/local/sbin/jib addm sid lagg0";
        exec.poststop += "/usr/local/sbin/jib destroy sid";
        allow.sysvipc = 0;
        allow.raw_sockets = 1;
        allow.mount;
        allow.mount.devfs;
        allow.mount.procfs;
        allow.mount.linprocfs;
        allow.mount.linsysfs;
        exec.start = "/bin/true";
        exec.stop = "/bin/true";
        allow.socket_af;
        allow.set_hostname = 1;
        devfs_ruleset = 6;
        linux.osname = "Debian";
}

Here's the devfs.rules

[devfsrules_jail_linux=6] add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'tun*' unhide
add path 'bpf*' unhide
add path zfs unhide

Anyway, the epair interfaces comes up and the jail starts. Once inside the jail, I try to bring up the interface and set an IP address, however this is where things grind to a halt.

root@debian-sid:/# ifconfig eth0
eth0: flags=4162<BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 0e:40:b5:e6:c9:7a  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

root@debian-sid:/# ifconfig eth0 172.16.81.14/24
SIOCSIFADDR: Invalid argument
SIOCSIFFLAGS: Invalid argument
SIOCSIFNETMASK: Invalid argument
root@debian-sid:/#

I get the feeling I've probably reached the limits of the Linuxulator at this point, but if this is at all possible, how did you do it? If my time is better spent elsewhere, let me know so I can give up and move on.

Appreciate any input. Thanks!

 

[zirias@]

Copy /rescue/ifconfig inside your jail (maybe you want to replace the Linux one…), this will be able to configure a FreeBSD network interface.

 

[m0nkey_]

Copy /rescue/ifconfig inside your jail (maybe you want to replace the Linux one…), this will be able to configure a FreeBSD network interface.

Sir, you are amazing! I had to bring over route from /rescue too, but now I have a Linux jail using VNET.

 

[zirias@]

Sir, you are amazing! I had to bring over route from /rescue too, but now I have a Linux jail using VNET.

Well, thanks Quick explanation: A jail is just a jail, no matter what's running inside, and the FreeBSD kernel can execute both native and Linux binaries, no matter what. The "normal" FreeBSD tools would fail because the shared libraries they need aren't available in a Linux jail, but the tools from /rescue are linked statically, so they don't need any libs at runtime.

 

[m0nkey_]

Brilliant explination. Thank you again!