Hello, you seem to not have tried this under 4.9 or not under jail. In the host environment I haven't run anything else but sshd which is bound to listen on the IP != jail environment. In the jail environment it's not possible to bind on IP outside the jail. After googling a little I found that this is because identd uses tcp_getcred() which won't leak information to jail environment. There were a patch for 4.3 which made identd work but the patch won't work on 4.9-STABLE.
If someone made identd work in jailed environment, please explain how. thanks On Thu, 25 Dec 2003, Matthew Seaman wrote: > On Thu, Dec 25, 2003 at 01:28:12AM +0200, Alexander wrote: > > > did someone make identd work on 4.9-STABLE in jailed environment ? > > Don't see why it should cause any particular difficulties. You'll > need to run an instance of inetd(8) in each jail where you want ident > capability. All of those inetd(8)'s and any inetd(8) from the base > system should be bound to specific IP addresses by using the '-a' > option -- otherwise they all attempt to bind to INADDR_ANY and end up > fighting each other. > > Eg: if your machine uses 192.168.0.1 as it's principal IP and has an > alias address of 192.168.0.2 used by a jail, and you want inetd > services in both, you would put: > > inetd_enable="YES" > inetd_flags="-wW -a 192.168.0.1" > > in /etc/rc.conf on the host environment, and: > > inetd_enable="YES" > inetd_flags="-wW -a 192.168.0.2" > > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks > Savill Way > PGP: http://www.infracaninophile.co.uk/pgpkey Marlow > Tel: +44 1628 476614 Bucks., SL7 1TH UK > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
