My vimage package, available here: http://druidbsd.sourceforge.net/download.shtml#vimage
...has a solution around that and you can read about it here: http://druidbsd.cvs.sourceforge.net/viewvc/druidbsd/pkgbase/freebsd/RELENG_8_3/sysutils/vimage/src/rc.conf.d/vimage?revision=1.1&view=markup Network scripts, ipfw, and other "nojail" services are started fine with my setup. Note that in my notes, we have a PR for adding a sysctl MIB (security.jail.vnet) for distinguishing vnet jails from non-vnet jails (from within the jail): http://www.freebsd.org/cgi/query-pr.cgi?pr=conf/149050 I think this is the best approach long-term). In essence, ultimately teach rcorder(8) about the difference between a jail and a vnet jail. -- Devin ________________________________________ From: [email protected] [[email protected]] on behalf of Andreas Nilsson [[email protected]] Sent: Monday, February 25, 2013 8:55 AM To: Mailinglists FreeBSD Subject: vnet jails and rc-scripts Hello, while trying to set up a couple of vnet jails I ran into some problems: 1. The networking scripts are not run. 2. The firewall script ( ipfw ) is not run. Both are skipped since they have the nojail keyword. Is the only solution to remove that keyword to get them running from rc in a jail? With vnet jails it seems that a lot network related scripts should be allowed to run. Is there any work being done address this? Also, what is the sysctl security.jail.param.vnet supposed to tell me? Running it on the host gives 0 Running it in vnet jail gives 0 Running it in normal jail gives 0 which to me seems counter intuitive, as I would have expected it to be 1 in the vnet jail. Best regards Andreas _______________________________________________ [email protected] mailing list https://urldefense.proofpoint.com/v1/url?u=http://lists.freebsd.org/mailman/listinfo/freebsd-jail&k=%2FbkpAUdJWZuiTILCq%2FFnQg%3D%3D%0A&r=Mrjs6vR4%2Faj2Ns9%2FssHJjg%3D%3D%0A&m=gcdnBfFT9%2FgDP4aiNb3SH%2B2HC58tTrjf3m0lz7RvTbo%3D%0A&s=2b3714f7bc212f52b740f1794fc5de6ca2cb7804242aa0c82db70297855aff70 To unsubscribe, send any mail to "[email protected]" _____________ The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "[email protected]"
