On Sat, 1 Nov 2008, Christer Edwards wrote:

> I recently set up a few jails for internal network services (sshd, bind,
> dhcpd, etc.)  The only issue I have so far is that dhcpd doesn't seem to
> work within the jail env.  It appears to start properly, and the process
> shows in top, but no leases are ever given out.
> [ ...]
> I have also allowed raw_sockets from the host (unless there is another
> way to accomplish this).
>
> If anyone can tell me what I'm missing, or if it's simply a jail
> limitation I'd appreciate it.

dhcpd imho needs bpf, so you would have to expose /dev/bpf* to that
jail and perhaps also /dev/net* things..


try adding something like this to your /etc/devfs.rules

[devfsrules_jail_dhcp=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'bpf*' unhide
add path net unhide
add path 'net/*' unhide


the number is the first free that is not in your
/etc/defaults/devfs.rules and /etc/devfs.rules.

That done, change the /etc/rc.conf line for that jail to

jail_FOOOOOO_devfs_ruleset="devfsrules_jail_dhcp"

with FOOOOOO being the right jail name of course and restart the jail.

Within the jail do a ls -l /dev/bpf* ; if there are no entries you'll
need to reapply the devfs rules from the base system (sh
/etc/rc.d/devfs start might do that). Try the ls again.

imho, you do not need to allow raw sockets.

HTH

/bz

--
Bjoern A. Zeeb              Stop bit received. Insert coin for new game.
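
Added example, not part of the original message and not FreeBSD project code: a shell script for the "first free number" step above, which also lists the rulesets that unhide bpf so the exposure can be confirmed as limited to the DHCP jail. The rule text is constructed (a trimmed stand-in for /etc/defaults/devfs.rules plus the ruleset from the message), and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: trimmed stand-in for /etc/defaults/devfs.rules.
sample_defaults() {
cat <<'EOF'
[devfsrules_hide_all=1]
add hide
[devfsrules_unhide_basic=2]
add path null unhide
[devfsrules_unhide_login=3]
add path 'pts/*' unhide
[devfsrules_jail=4]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
EOF
}
# The ruleset from the message, as it would sit in /etc/devfs.rules.
sample_local() {
cat <<'EOF'
[devfsrules_jail_dhcp=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'bpf*' unhide
add path net unhide
add path 'net/*' unhide
EOF
}
# Shared awk fragment: on a "[name=number]" header line, set name, num, hdr.
HDR='/^\[[A-Za-z0-9_]+=[0-9]+\]/ {
    h = $0; sub(/^\[/, "", h); sub(/\].*$/, "", h)
    split(h, kv, "="); name = kv[1]; num = kv[2] + 0; hdr = 1 }'
# Print the lowest ruleset number (>= 1) not used by the rules on stdin.
first_free_ruleset() {
    awk "$HDR"'
        hdr { used[num] = 1; hdr = 0 }
        END { n = 1; while (n in used) n++; print n }'
}
# Print "name=number" for each ruleset that directly unhides a bpf path.
# Rulesets that only reach bpf through "add include" are not followed.
bpf_rulesets() {
    awk "$HDR"'
        hdr { hdr = 0; next }
        $1 == "add" && $2 == "path" && $3 ~ /bpf/ && $NF == "unhide" {
            if (!(name in seen)) { seen[name] = 1; print name "=" num } }'
}
sample_defaults | first_free_ruleset                     # 5
{ sample_defaults; sample_local; } | first_free_ruleset  # 6
{ sample_defaults; sample_local; } | bpf_rulesets        # devfsrules_jail_dhcp=5
```

On a real host, feed both functions with `cat /etc/defaults/devfs.rules /etc/devfs.rules`.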