[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] Two jail newbie questions



On Mon, Oct 22, 2007 at 10:15:45PM -0500, rick wrote:
> I have installed the jail system using ezjail and it is up and running.
>...

> Q. 1.
> Inside the jail I cannot ping out. 
this is intended. jail(8) prevents use of raw sockets.

> From outside the jail I cannot ssh in.
> Where should I look at to fix this.  sshd is running inside the jail.
> I get the error
> ssh: connect to host xxx.65.222.198 port 22: No route to host
i cannot reproduce this with my setup. but i remember problems last time i 
tried to abuse the loopback if for jails.
> 
> Should I set the jail IP on the nve0 interface instead of the lo0 
> interface?
it is one solution. another one would be to create a special purpose jail 
interface (ifconfig lo1 create; ifconfig lo1 name jail1; ifconfig jail1 inet xxx.65.222.198/32)

> 
> 
> Q. 2.
> I also tried to add some software from ports as root inside the jail 
> but cannot access the ports tree.

you did install a ports tree inside the jail (ezjail-admin -p) ?

> Do I add software from inside the jail? Or do I add it from outside the 
> jail?

you do it from inside the jail (o.k. you _could_ do it from the host system 
overriding PREFIX and maybe the package database but it is not the ezjail way)    

regards

sg