On Sat, 10 Oct 2009 10:14:26 +0200 Kevin Smith <[email protected]> wrote:
> Does this patch fix vnc server start error also ? I don't know. The patch allows access to /dev/io. Normally this is not possible, even if /dev/io is visible in the jail, as the kernel disallows all access to it from a jail. > When I try to run tightvncserver in a jail it says: > > A VNC server is already running as :0 I wouldn't expect that a VNC server needs access to /dev/io, so I would be surprised if this would help. > even if there is no vnc server running. You could start it via "ktrace -i tightvncserver" and when it abortet you can have a look with kdump|less what it tries to do. Bye, Alexander. > Thank you, > regards > > On Oct 9, 2009, at 10:45 AM, Alexander Leidinger wrote: > > > Quoting hulibyaka hulibyaka <[email protected]> (from Thu, 8 Oct > > 2009 22:01:23 +0400): > > > >> What the difference for restriction on /dev/io between chroot and > >> jail? How can i get all needed by xinit privileges on /dev/io > >> within jail ? > > > > There are additional access restrictions in the kernel when run in > > a jail. You need > > http://www.leidinger.net/FreeBSD/current-patches/jail.diff > > and you need to rebuild the kernel and the world. > > > > After that you need to add > > jail_JAILID_startparams="allow.dev_io_access" for your jail startup. > > > > Bye, > > Alexander. > > > > -- > > Pie are not square. Pie are round. Cornbread are square. > > > > http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = > > B0063FE7 > > http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = > > 72077137 > > _______________________________________________ > > [email protected] mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-jail > > To unsubscribe, send any mail to "freebsd-jail- > > [email protected]" > > -- > Kevin > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[email protected]"
