Hi All I wonder if anyone could help me with this problem. I followed the instructions in the handbook to create some jails. It makes part of the filesystem readonly which is good. Problem is though that I tried installing syslog-ng in one of the jails and when I tried to start it, I got this error> Error binding socket; addr='AF_UNIX(/var/run/log)', error='Permission > denied (13)' > Error initializing source driver; source='src', id='src#0' > Error initializing message pipeline; > /usr/local/etc/rc.d/syslog-ng: WARNING: failed to start syslog_ngI think it's trying to create the socket files /var/run/log and /var/run/logpriv but can't. Is there anyway for me to create them manually?
Hi Peter On Tue, Dec 22, 2009 at 8:34 PM, Peter Fraser <petros.fraser@gmail.com> wrote:> Hi All > I wonder if anyone could help me with this problem. I followed the > instructions in the handbook to create some jails. It makes part of > the filesystem readonly which is good.This sounds like you used the "service jail" approach [1]. Correct me if I am wrong.> Problem is though that I tried > installing syslog-ng in one of the jails and when I tried to start it, > I got this error > >> Error binding socket; addr='AF_UNIX(/var/run/log)', error='Permission >> denied (13)' >> Error initializing source driver; source='src', id='src#0' >> Error initializing message pipeline; >> /usr/local/etc/rc.d/syslog-ng: WARNING: failed to start syslog_ng > > I think it's trying to create the socket files ?/var/run/log and > /var/run/logpriv but can't. Is there anyway for me to create them > manually?It has been some time since I used that method to create jails; the areas that have burned me in particular were symlinking /usr/local/bin/perl to /usr/bin/perl and similarly for the security/ca_root_nss port. Re-reading the doc, /var should be made read/write as it is part of the jail "skeleton" filesystem, from which you create the "moving parts" of your jail, so to speak. Did you create /var read-only? Regards, [1] - http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-application.html -- Glen Barber
On Tue, Dec 22, 2009 at 08:34:09PM -0500, Peter Fraser wrote:> > instructions in the handbook to create some jails. It makes part of > the filesystem readonly which is good. Problem is though that I tried > installing syslog-ng in one of the jails and when I tried to start it, > I got this error > > > Error binding socket; addr='AF_UNIX(/var/run/log)', error='Permission > > denied (13)' >error 13 is EACCES, "The requested address is protected, and the currect user has inadequate permission to access it." Since you have created a read-only file system, I'd say the socket is attempting to bind to a read-write (full-duplex) socket, given the "log" in the name. Just creating the socket is unlikely to be blocked by your read-only file system, since it doesn't consume an i-node until it is bound to a name, or more specifically, the system doesn't know what permissions apply until it is bound. Bruce -- ------------------------------------------------------------------------ "I like bad!" Bruce Burden Austin, TX. - Thuganlitha The Power and the Prophet Robert Don Hughes