Quoting André Olsson <[EMAIL PROTECTED]> (from Thu, 17 Jan
2008 11:30:00 +0100):
Hi
we are trying to set up a client with FreeBSD 6.2-RELEASE as the
host OS and with two jails configured on it.
Each jail is going to run a Citrix-client against two different
separated Citrix-systems.
Since the user is going to work locally on the client we need it to
be possible to run both the X-server and the
X-application (citrix client) from within the same jail.
You need kernel patches to be able to run an X-server in a jail. The
trick is to allow access to /dev/mem (or some similar sensible device,
can't remember from the top of my head) even from a jail. Then you
need to add /dev/mem and some other devices to the jail (I use a
custom ruleset for devfs). I only have patches for 7.x or -current
(not online).
Our goal is to connect one jail1 to one Display and the jail2 to
another Display and for the User to
to jump inbetween the citrix-sessions ( Ctrl-Alt- F3...Ctrl-Alt-F4).
Because of the access to the /dev/mem, root of one jail can take over
the entire machine. Below I will propose something different.
I don't know if it is possible to switch via Fx to different servers
(I never tried this). You can have two graphic cards (or one with two
outputs) in the machine and connect two screens (and optionally two
keyboards/mice) to it, and have them displayed at the same time.
* syntax to start xterm within jail
ssh -f -X -T 192.168.0.155 xterm &
" output from above syntax
xterm Xt error: Cant open display: %s
xterm: DISPLAY is not set
If you want to have the xterm displayed on the system where you ssh
from, you need to check some things. Maybe the path to xauth is not
set correctly in sshd (the path changed with a recent ports tree).
We've never runned any X-applications within a jail before, only
bind,apache,mysql and such, but I hope
I've made my question understandable anyway:)
Maybe we are barkin up the wrong tree and there is an easier way to
connect 2 jails to 2 different
local displays?
There are several. The following ones don't open up a side-channel
between jails which have /dev/mem accessible.
You start the X-server(s) on the host (not in a jail), and in the
startup you connect to the jails via a passwordless ssh-key and let
the applications from the two jails display their stuff on the
X-server of the host.
You start a vnc server in each jail and let the user connect to the
vnc server either from the host with one X server running on it
(alternatively you can connect to the vnc server from other machines).
Bye,
Alexander.
--
The value of a program is proportional to the weight of its output.
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
