Displaying 20 results from an estimated 4000 matches similar to: "/etc/rc.d/jail: losing IPs if jail_x_interface set and syntax error in jails /etc/rc?"
2007 Jan 11
2
FreeBSD Security Advisory FreeBSD-SA-07:01.jail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:01.jail Security Advisory
The FreeBSD Project
Topic: Jail rc.d script privilege escalation
Category: core
Module: etc_rc.d
Announced:
2005 Jul 14
2
[ronvdaal@zarathustra.linux666.com: Possible security issue with FreeBSD 5.4 jailing and BPF]
This message was sent to bugtraq today:
While playing around with FreeBSD 5.4 and jailing I discovered that it was
possible to put an ethernet interface into promiscious mode from within the
jailed environment, allowing a packetsniffer to gather data not meant for
the jailed box. This also affects FreeBSD 5.3 (tested) but not FreeBSD 4.x
This can be reproduced on boxes where BPF support is
2003 Dec 19
6
Configuring JAIL to bind on lo0 interface
Hello,
I have configured jail for users with sshd ftpd and auth. I started this
jail on IP 127.0.0.10(there is an alias on lo0 interface), there was
not any bigger problem to start it. But i have a problem with internet in
this jail. I can log in to this jail through ssh or ftpd but i can't
connect to the internet. I try to set up some kind of nat but it doesn't
work.
Can anybody help me
2013 Feb 12
2
problem stoping jails with jail(8), jail.conf and mount.fstab
Hello,
on 9.1-R, I highly appreciate the new jail(8) and jail.conf
capabilities. Thanks for that extension!
But I have one problem: If I want to stop a jail with 'jaill -r
jailname', I get "umount: unmount of /.jail.jailname failed: Device busy"
It seems to me that the order of fstab.jailname entries are not reverted
by jail(8) when shutting down/umounting.
My C skills
2008 Feb 24
2
A simple rc.d jail patch to enable priority
Hello,
I have written this tiny little patch to the jail rc.d script, which
allows user to set jail nice value. It doesn't change any default
behaviour.
Can that make it to the trees?
Patch attached.
--
Jan Srzednicki :: http://wrzask.pl/
"Remember, remember, the fifth of November"
-- V for Vendetta
-------------- next part
2008 Feb 24
2
A simple rc.d jail patch to enable priority
Hello,
I have written this tiny little patch to the jail rc.d script, which
allows user to set jail nice value. It doesn't change any default
behaviour.
Can that make it to the trees?
Patch attached.
--
Jan Srzednicki :: http://wrzask.pl/
"Remember, remember, the fifth of November"
-- V for Vendetta
-------------- next part
2007 Feb 28
0
FreeBSD Errata Notice FreeBSD-EN-07:03.rc.d_jail
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-EN-07:03.rc.d_jail Errata Notice
The FreeBSD Project
Topic: rc.d jail script interface IP alias removal
Category: core
Module: etc_rc.d
Announced:
2007 Jul 02
1
Jails and loopback interfaces
I've got a server running FreeBSD 6.2 and PF. The server has a couple
dozen jails on it. Previously, I had a few "private" services such as
MySQL running on loopback IPs (127.0.0.2+) and the rest of the jails
running on the public IPs.
I have to renumber my machine with a new block of public IPs so I
thought I'd be clever and move all the jails onto loopback IPs. Then
2003 Sep 10
2
jail + postgresql + System V IPC
HI everyone,
I have resently installed a jail environment on my freebsd box, and had some
problems getting postgresql running under it.
After looking a bit on various mailinglists i figured out that I needed to
set jail.sysvipc_allowed to be 1 using sysctl in order to make postgresql
run.
However man jail gives me:
jail.sysvipc_allowed
This MIB entry determines whether or not
2003 Jul 10
2
jail performance questions
I'm thinking of using jails to improve security on a server
I am setting up. Specifically, I would like to put Apache/PHP
in a jail, but I might like to set up 2-3 different jails for
different purposes.
I've found several examples showing how to set the jails up.
My questions involve system requirements. Assuming plenty of
disk space, 1GB ram and a dual processor PIII 1.13Ghz
2009 Jan 08
2
Problems with network in jail
Hi all,
Is it mandatory to add device mem to jails to enable network via the gateway?
Left ezjail with FreeBSD-6.3 (and a hardware replacement of my server)
and am now starting again with FreeBSD-7.1.
Early this week, I upgraded from 7.0 to 7.1 (not having 'used' jails
on 7.0). After creating the jail with
`ezjail-admin update -i`
I created a 'ports build' jail
`ezjail-admin
2020 Jul 30
2
NTP and FreeBSD jails
FreeBSD-12.1p7
Samab-4.10.15 running in FreeBSD Jail
I just wish to ensure that my conclusion respecting Samba, FreeBSD Jails, and
NTP is correct.
1. Unless configured otherwise Windows domain clients will query and obtain
their time from the samba_server DC.
2. Samba_server obtains its time from the OS, in this case a FreeBSD Jail.
3. FreeBSD Jails get their time from their host.
4. If
2005 Jan 11
1
Possible security issue with jails
Howdy!
I'm not sure if this is actually an issue, feature or a bug, but I have found
that inside a jail, the jailed root user is able to sniff traffic (and enable
promiscuous mode) on at least the interface of the IP address the jail is attached
to.
I have not found any documentation explaining if this should occur or not, but
I feel it is something that should at least be known to those
2005 Aug 26
1
Filtering jail IP traffic
Hi,
IP traffic from one jail to another jail, arrives on destination jail on
lo0 having the destination jails IP as source IP. Why not the source
jail's IP address?
How can I filter traffic from one jail to another, using ipfw of ipf?
Cheers,
--
Anders.
2005 Jun 27
1
running jail with alternate IP
I am currently setting up a firewall that translates my internal network
over to 5 public IP addresses. The addresses are dynamically assigned, so I
use ddclient to update my www.dyndns.org account. I've set up several
aliases on the external interface of the firewall, and succeeded in having
the internal computers use those extra public IPs.
What I want to do is have 5 copies of ddclient
2006 Jun 29
3
Secure connection from "localhost" in jails
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear dovecot developers,
first: thanks for this really cool imapd, on my server it serves some
hundred domains, all in all some thousand users, some having hundred
thousand mails in their Maildirs (their spam boxes mostly).
Since I put this installation in an FreeBSD geli encrypted disc image I
had no choice but to choose an imapd with clever
2012 Dec 12
1
How to create Jail in FreeBSD
Operating system virtualization is the most effective way to utilize your system resources, jails let you setup isolated mini-systems. Jails are explains well in handbook however, from practical standpoint of view, the presented material is incomplete.
The post below setup few scrips that follow handbook's 'Application of Jails' article and enhance with few missing features
2008 Oct 28
3
7.x and multiple IPs in jails
Hello all,
I've been searching around and have come up with no current discussions on
this issue. I'll keep it brief:
In 7.0 or 7.1 is there any provision to have multiple IP addresses in a
jail?
I'm stumped on this, as I just started a new hosting project that needs a
few jails. At least one of those requires multiple IPs, which is
something I never really even realized was
2005 Aug 18
4
Closing information leaks in jails?
Hello,
I'm wondering about closing some information leaks in FreeBSD jails from
the "outside world".
Not that critical (depends on the application), but a simple user, with
restricted devfs in the jail (devfsrules_jail for example from
/etc/defaults/devfs.rules) can figure out the following:
- network interfaces related data, via ifconfig, which contains
everything, but the
2004 Nov 24
3
Jail fails
Hi,
We are trying to create a jail with FreeBSD 5.3 but it's fails with this
error:
cc -O -pipe -I/usr/obj/usr/src/i386/legacy/usr/include -c
/usr/src/games/fortune/strfile/strfile.c
make: don't know how to make /j/usr/lib/libc.a. Stop
*** Error code 2
We are excuting those command in /usr/src:
export D=/j
make world DESTDIR=$D
Are there any problem with FreeBSD 5.3? We have ever