On Tue, 6 Jan 2009, Albert Shih wrote:
Le 06/01/2009 à 15:06:37+0000, Bjoern A. Zeeb a écrit
On Tue, 6 Jan 2009, Albert Shih wrote:
In fact I found the problem :
When I compile nagios-plugin ports in a jail the «configure» don't find
syntax of ping :
checking for ping... /sbin/ping
checking for ping6... /sbin/ping6
checking for ICMP ping syntax... configure: WARNING: unable to find usable ping
syntax
But if I compile the same ports in a «normal» server (both are amd64).
checking for ping... /sbin/ping
checking for ping6... /sbin/ping6
checking for ICMP ping syntax... /sbin/ping -n -c %d %s
checking for ICMPv6 ping syntax... /sbin/ping6 -n -c %d %s
So if I use the check_ping produce by compiling in a no-jail server on a
jail-server it's working.
I think it's a bug about the nagios-plugins ports. What you think ?
I think most of all configure stuff out there is ... ok, if you
compile the port inside a jail and permit raw sockets, does it work
then --
either by using the rc.conf option and restarting the jail with
rc.d/jail or using sysctl security.jail.allow_raw_sockets=1 ?
You mean I MUST restart the jail after I change the sysctl value ? Because
after I change it, I can make a ping from inside the jail without
restarting the jail.
Well I'm going to make a new jail to check that (all other jail is in
production).
No, if you manually change the sysctl it's all fine and production
immediately.
If you change the option .. wait; my fault, raw sockets is not
supported by the rc framework in contrast to other things, so there is
no option there. I confused this with jail_socket_unixiproute_only in
which case just changing it in rc.conf would not be sufficient.
/bz
--
Bjoern A. Zeeb The greatest risk is not taking one.
_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
