At 08:42 PM 7/18/2007, Christopher Cowart wrote:
On Wed, Jul 18, 2007 at 08:34:21PM -0700, Tech Valley Internet - Tony Kivits wrote:
> At 07:32 PM 7/18/2007, Christopher Cowart wrote:
> >On Wed, Jul 18, 2007 at 06:30:50PM -0700, Tech Valley Internet -
> >Tony Kivits wrote:
> >> I am attempting to run portions (if not all) of the software called
> >> HSphere inside of jailed subsystems of FreeBSD.  I am able to create
> >> the jails no problem but the devices /dev/random and /dev/urandom are
> >> not created automatically in the jail despite the fact that a handful
> >> of other devices are mounted correctly when the jail is created.
> >>
> >> Is there a specific reason for these devices not being created in a
> >> jail or is there a way to create these devices so that they will be
> >> available inside a jail?
> >
> >We run bind instances in FreeBSD jails. This is how we get /dev/random:
> >
> >| # /etc/devfs.rules:
> >| [devfsrules_thin_jail=100]
> >| add include $devfsrules_hide_all
> >| add include $devfsrules_unhide_basic
> >
> >| # /etc/rc.conf:
> >| jail_cachingdns_devfs_enable="YES"
> >| jail_cachingdns_devfs_ruleset="devfsrules_thin_jail"
> >
> Thanks Chris,
> So if my jail is called "cp", the only thing that I would have to
> change from your scripts would be replace to replace "cachingdns" with "cp"?

Yes. Are you configuring the jail via /etc/rc.conf already? Are you
using the rc script /etc/rc.d/jail to start your jails?

My complete config from /etc/rc.conf is:

| # Enable jails
| jail_enable="YES"
| jail_list="cachingdns"
| # Caching-nameserver jail
| jail_cachingdns_hostname=""
| jail_cachingdns_ip=""
| jail_cachingdns_interface="bge0"
| jail_cachingdns_rootdir="/var/jails/caching-dns"
| jail_cachingdns_exec="/usr/local/sbin/named"
| jail_cachingdns_devfs_enable="YES"
| jail_cachingdns_devfs_ruleset="devfsrules_thin_jail"

You can replace cachingdns with cp or whatever else you want. You can
also create multiple jails with different names.

I don't know if you're following the typical FreeBSD jail documentation
which gives you a complete FreeBSD installation inside the jail. Given
that I only need to run named, I have not done that.

Are you trying to run a complete FreeBSD install that allows user logins
inside your jail? Or are you simply trying to jail a single process? My
example above jails the single process named, and does not have an OS
install inside the jail's root.

Chris Cowart
Lead Systems Administrator
Network & Infrastructure Services, RSSP-IT
UC Berkeley

Thanks Chris,

I am doing a complete OS inside the jail and am starting it through the rc.conf.

I have modified the devfs.rules so that they are now passing random and urandom as devices. But the installation software is still reporting that /dev/random is not working properly. Do you know of a way that I can test /dev/random to see if it is actually working?

Thanks again,

_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to