[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] Multiple FIBs support

Philipp Wuensche wrote:
> Andrew Hotlab wrote:
>> Thank for your work. I've just checked out the latest changes, encountering
>> three issues:
>> The command "ezjail-admin config -f 1 ${jail_name}" returns this message:
>> "Error: fib number has to be an integer.". The following change seems to
>> solve the problem:
> Patched and fixed in CVS.
>> Even if the variable "jail_${jail_name}_fib" has been set in the jail
>> configuration file,  jailed processes do not seem to be associated to
>> the correct FIB (actually, I didn't found any occurrence of the setfib
>> command neither in the ezjail-admin or the ezjail.sh script).
>> In my previous patches I included the setfib command in both the
>> scripts, and it seemed to do the job pretty well.
> setfib is executed by /etc/rc.d/jail which is used by ezjail to start
> the jail. I did some debugging and the jail is started via "setfib -F
> '<fibnum>' jail ..." but the fib is not used. I guess I need to dig
> deeper to find out whats going wrong. Seems to be okay from the ezjail-side.

Seems like I found the answer to that:

So the jail will use the FIB but using jexec to attach to the jail will
not use the FIB, you need to do setfib -F 'fibnum' jexec JID /bin/tcsh.
Using ssh to get into the jail will give you the FIB though.

I changed ezjail-admin console to use the FIB when attaching.