[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ezjail] Two jail newbie questions



On Tue, 23 Oct 2007, Stefan Grundmann wrote:

:On Mon, Oct 22, 2007 at 10:15:45PM -0500, rick wrote:
:> I have installed the jail system using ezjail and it is up and running.
:>...
:
:> Q. 1.
:> Inside the jail I cannot ping out. 
:this is intended. jail(8) prevents use of raw sockets.

Ok, I didn't know that.

:> From outside the jail I cannot ssh in.
:> Where should I look at to fix this.  sshd is running inside the jail.
:> I get the error
:> ssh: connect to host xxx.65.222.198 port 22: No route to host
:i cannot reproduce this with my setup. but i remember problems last time i 
:tried to abuse the loopback if for jails.

Not sure what you mean by abuse the loopback - could you expand on that 
some.

:> 
:> Should I set the jail IP on the nve0 interface instead of the lo0 
:> interface?
:it is one solution. another one would be to create a special purpose jail 
:interface (ifconfig lo1 create; ifconfig lo1 name jail1; ifconfig jail1 inet xxx.65.222.198/32)

Ok, I created the new interface and assigned the IP to it but it is 
unreachable  from the outside world.  What else could I be doing wrong, 
what do I need to read on this?

:> Q. 2.
:> I also tried to add some software from ports as root inside the jail 
:> but cannot access the ports tree.
:
:you did install a ports tree inside the jail (ezjail-admin -p) ?

NO, I hadn't.  Thanks for the catch.  I had updated the ports tree just 
before running the ezjail install but I thought that the ports were 
installed by default.  Maybe one of these days I'll learn to read ALL of 
the documentation before proceeding.

Thanks very for the help
rick