[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] Setting security.jail.sysvipc_allowed won't work with ezjail



2011/7/26 Frédéric Perrin <frederic.perrin AT resel DOT fr>:
> Le mardi 26 à 1:03, Johannes a écrit :
>> I want to run Postgresql inside a jail. For that, I need sysvipc to be
>> allowed inside
>> jails (see http://www.freebsddiary.org/jail-multiple.php).
>>
>> On the host system I set security.jail.sysvipc_allowed=1:
>>
>> #> sysctl security.jail.sysvipc_allowed
>> # security.jail.sysvipc_allowed: 1
>>
>> I also added jail_sysvipc_allow="YES" to /etc/rc.conf.
>
> Here (8.2-RELEASE), /etc/rc.d/jail (which is ultimately called by
> ezjail) will explicitely look at jail_sysvipc_allow and act accordingly.
> What version are you runnning?
>
> --
> Fred
>

Hi,

I run FreeBSD 8 stable, updated a week ago. I read many reports
that htis is working when ezjail is not used. However I found no reports
on a working configuration with ezjail. Since it does with the patch by
Dewayne Geraghty I guess the variables are lost somewhere in the
ezjail script and hence never handed over to the original jail script.

Johannes