djbdns on 1270.0.1 in a jail problem

Mon, 01 Oct 2007 12:37:16 -0700 

Heya,
Playing around with jails and have run across something weird, I was wondering if somebody could explain. 

I'm trying to get djbdns to run inside the jail, with tinydns running on
127.0.0.1.  The thing I cannot figure out is why tinydns always comes up on

the jail's IP address, and not lo0, as reported by sockstat: 
Root Dude ? sockstat -l
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS 
root     sshd       863   3  tcp4   159.28.1.59:22        *:*

tinydns  tinydns    862   3  udp4   159.28.1.59:53        *:*
root     syslogd    800   4  dgram  /var/run/log
root     syslogd    800   5  dgram  /var/run/logpriv
root     syslogd    800   6  udp4   159.28.1.59:514       *:*
root     sshd       638   3  tcp4   159.28.1.66:22        *:*
root     syslogd    530   4  dgram  /var/run/log
root     syslogd    530   5  dgram  /var/run/logpriv
root     syslogd    530   6  udp6   *:514                 *:*
root     syslogd    530   7  udp4   *:514                 *:*
root     devd       464   4  stream /var/run/devd.pipe

My setup(really just a standard install) runs fine on a non-jailed system,
tinydns comes up on 127.0.0.1.  The jail does have the correct env setting:
[EMAIL PROTECTED] /]# cat /service/tinydns/env/IP
127.0.0.1

At first I thought it was because lo0 was not in /dev in the jail.  I've gone
as far as unhiding *everything* in /dev via:
Root Dude ? cat /etc/devfs.rules
[test_unhide_all=5]
add include $devfsrules_jail
add unhide

This indeed worked as the jail now has everything in it's /dev.  Grasping at
straws, I've also tweaked sysctl settings for jails:
Root Dude ? sysctl -a|egrep jail
security.jail.jailed: 0
security.jail.chflags_allowed: 0
security.jail.allow_raw_sockets: 1
security.jail.enforce_statfs: 2
security.jail.sysvipc_allowed: 1
security.jail.socket_unixiproute_only: 1
security.jail.set_hostname_allowed: 1


I know it's just something simple I'm missing/glossed over while reading but
could somebody pls point me in the general direction of why 127.0.0.1 appears
to be unavailable, or where I could read up on how to get it to work?

Tnx.

--
 Randy    ([EMAIL PROTECTED])      765.983.1283         <*>

Love with your heart, think with your head;  not the other way around.

_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






















					Reply via email to