Problem running bsnmpd inside jail.
(previously posted to stable) Hi! Im running a few jails on FreeBSD 10.0-RELEASE (amd64) but I cant get bsnmpd to work inside a jail. It has worked in the past but that was FreeBSD 9. its a standard bsnmpd config without any large changes to the config. The exact same configs works fine when run outside a jail. # /usr/sbin/bsnmpd -d -p /var/run/snmpd.pid snmpd[38890]: disk_OS_get_disks: adding device 'cd0' to device list snmpd[38890]: disk_OS_get_disks: adding device 'da2' to device list snmpd[38890]: disk_OS_get_disks: adding device 'da1' to device list snmpd[38890]: disk_OS_get_disks: adding device 'da0' to device list snmpd[38890]: Failed to connect socket for /var/run/devd.pipe: No such file or directory snmpd[38890]: sendmsg: Invalid argument # I get these when i try to snmpwalk. snmpd[38890]: sendmsg: Invalid argument snmpd[38890]: sendmsg: Invalid argument truss says: select(14,{4 12 13},{},{},{0.36 }) = 0 (0x0) gettimeofday({1395507232.011776 },0x0) = 0 (0x0) gettimeofday({1395507232.011836 },0x0) = 0 (0x0) select(14,{4 12 13},{},{},{0.40 }) = 0 (0x0) gettimeofday({1395507233.012739 },0x0) = 0 (0x0) gettimeofday({1395507233.012801 },0x0) = 0 (0x0) select(14,{4 12 13},{},{},{0.38 }) = 1 (0x1) recvmsg(0xc,0x7fffac40,0x0,0x7fffaca0,0x801c23010,0x2) = 43 (0x2b) sigprocmask(SIG_BLOCK,0x0,0x0) = 0 (0x0) open(/etc/hosts.allow,O_RDONLY,0666) = 14 (0xe) fstat(14,{ mode=-rw-r--r-- ,inode=3849888,size=18,blksize=4096 }) = 0 (0x0) read(14,ALL : ALL : allow\n,4096) = 18 (0x12) close(14)= 0 (0x0) sigprocmask(SIG_SETMASK,0x0,0x0) = 0 (0x0) gettimeofday({1395507233.562291 },0x0) = 0 (0x0) sendmsg(0xc,0x7ffe1120,0x0,0x5cea9fbe35c62e6e,0x3,0x2) ERR#22 'Invalid argument' clock_gettime(13,{1395507233.0 })= 0 (0x0) getpid() = 38997 (0x9855) snmpd[38997]: sendmsg: Invalid argument writev(0x2,0x7ffe0320,0x2,0xffec,0x14,0x800f98370) = 40 (0x28) sendto(8,11Mar 22 17:53:53 snmpd[38997]...,59,0x0,NULL,0x0) = 59 (0x3b) gettimeofday({1395507233.562815 },0x0) = 0 (0x0) gettimeofday({1395507233.562869 },0x0) = 0 (0x0) select(14,{4 12 13},{},{},{0.449870 }) = 0 (0x0) gettimeofday({1395507234.041473 },0x0) = 0 (0x0) gettimeofday({1395507234.041535 },0x0) = 0 (0x0) select(14,{4 12 13},{},{},{0.948960 }) = 1 (0x1) recvmsg(0xc,0x7fffac40,0x0,0x7fffaca0,0x64,0x0) = 43 (0x2b) sigprocmask(SIG_BLOCK,0x0,0x0) = 0 (0x0) open(/etc/hosts.allow,O_RDONLY,0666) = 14 (0xe) fstat(14,{ mode=-rw-r--r-- ,inode=3849888,size=18,blksize=4096 }) = 0 (0x0) read(14,ALL : ALL : allow\n,4096) = 18 (0x12) close(14)= 0 (0x0) sigprocmask(SIG_SETMASK,0x0,0x0) = 0 (0x0) gettimeofday({1395507234.567052 },0x0) = 0 (0x0) sendmsg(0xc,0x7ffe1120,0x0,0x5cea9fbe35c62e6e,0x3,0x2) ERR#22 'Invalid argument' clock_gettime(13,{1395507234.0 })= 0 (0x0) getpid() snmpd[38997]: sendmsg: Invalid argument writev(0x2,0x7ffe0320,0x2,0xffec,0x14,0x800f98370) = 40 (0x28) sendto(8,11Mar 22 17:53:54 snmpd[38997]...,59,0x0,NULL,0x0) = 59 (0x3b) gettimeofday({1395507234.567457 },0x0) = 0 (0x0) gettimeofday({1395507234.567512 },0x0) = 0 (0x0) select(14,{4 12 13},{},{},{0.422983 }) = 0 (0x0) gettimeofday({1395507235.010734 },0x0) = 0 (0x0) __sysctl(0x7fffafc0,0x2,0x7fffb000,0x7fffaff8,0x8030855ea,0x17) = 0 (0x0) __sysctl(0x7fffb000,0x4,0x7fffb0d8,0x7fffb0a8,0x0,0x0) = 0 (0x0) __sysctl(0x7fffafc0,0x2,0x7fffb000,0x7fffaff8,0x803085602,0x18) = 0 (0x0) __sysctl(0x7fffb000,0x4,0x7fffb0d8,0x7fffb0a8,0x0,0x0) = 0 (0x0) __sysctl(0x7fffafc0,0x2,0x7fffb000,0x7fffaff8,0x80308561b,0x13) = 0 (0x0) __sysctl(0x7fffb000,0x4,0x7fffb0d8,0x7fffb0a8,0x0,0x0) = 0 (0x0) __sysctl(0x7fffafc0,0x2,0x7fffb000,0x7fffaff8,0x80308562f,0x14) = 0 (0x0) __sysctl(0x7fffb000,0x4,0x7fffb0d8,0x7fffb0a8,0x0,0x0) = 0 (0x0) __sysctl(0x7fffafe0,0x2,0x7fffb020,0x7fffb018,0x803085644,0xc) = 0 (0x0) __sysctl(0x7fffb020,0x2,0x803294a00,0x7fffb0e0,0x0,0x0) = 0 (0x0) gettimeofday({1395507235.011369 },0x0) = 0 (0x0) clock_gettime(4,{335225.177478505 }) = 0 (0x0) __sysctl(0x7fffac20,0x2,0x7fffac60,0x7fffac58,0x803c03cf3,0x14) = 0 (0x0) __sysctl(0x7fffac60,0x3,0x7fffad04,0x7fffad08,0x0,0x0) = 0 (0x0) __sysctl(0x7fffac80,0x2,0x7fffacc0,0x7fffacb8,0x803c03efb,0x10) = 0 (0x0) __sysctl(0x7fffacc0,0x3,0x801c99600,0x7fffad98,0x0,0x0) = 0 (0x0)
Multiple interfaces
I want access to a public and a private network from a jail. Can I configure a jail with multiple interfaces? Or what is the easies workaround for this? ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: Multiple interfaces
On 01/10/11 16:45, Stefan Bethke wrote: Am 10.01.2011 um 15:28 schrieb Peter Ankerstål: I want access to a public and a private network from a jail. Can I configure a jail with multiple interfaces? Yes, see rc.conf(5): jail_jname_ip (str) Unset by default. Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail. The argument can be a sole address or a comma separated list of addresses. Addi- tionally each address can be prefixed by the name of an interface followed by a pipe to overwrite jail_jname_interface or jail_interface and/or suffixed by a netmask, prefixlen or prefix. In case no netmask, prefixlen or prefix is given, `/32' will be used for IPv4 and `/128' will be used for an IPv6 address. If no address is given for the jail then the jail will be started with no networking support. Assuming that the private and the public networks are attached to em0 and em1, respectively, you'd set jail_myjail_ip=em0|172.17.43.3,em1|192.0.2.27 in rc.conf. Stefan Oh, thanks! Sorry about that. But the pipe part is very hard to miss in the manual. Thanks again! ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: Mutiple ipv4 and ipv6.
On 1 nov 2010, at 13.44, Bjoern A. Zeeb wrote: On Mon, 1 Nov 2010, Peter Ankerstål wrote: Hi, Im trying to configure a jail with mutiple ipv6 and ipv4-addresses. One ipv4-address and multiple ipv6 works fine but not multiple of both. ... and others: Starting jails:/etc/rc.d/jail: WARNING: jail_extract_address: type not identified /etc/rc.d/jail: WARNING: jail_extract_address: type not identified cannot start jail jailid: . can you give us the complete global and configuration for this jail? It's hard to guess at the moment. Subsitute the domain name for example.com, the IPv4 prefix with 192.0.2. and the IPv6 prefix with 2001:db8: (which are the example/docmentation prefixes) or, if you want, send them to me privately. Everything works now. Must have misplaced a comma or something. Sorry about that! ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
VIMAGE and jail.
Anyone here used the VIMAGE together with jail? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: VIMAGE and jail.
On 2 okt 2010, at 15.06, Nikos Vassiliadis wrote: Peter Ankerstål wrote: Anyone here used the VIMAGE together with jail? Is this some kind of poll?:) I have used VIMAGE and jail. Nikos Haha, sorry. Just wanted some pointers.___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
jail + jailed zfs volume.
I got it to work, but how do I get it to configure correctly after a reboot, or a restart of the jail? The jailid can change and so on? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
spamd inside jail.
I cant start spamd inside my new jails running 7.2-PRERELEASE. [3679] warn: server socket setup failed, retry 1: spamd: could not create INET socket on ip:783: Can't assign requested address [3679] warn: server socket setup failed, retry 2: spamd: could not create INET socket on ip:783: Can't assign requested address [3679] error: spamd: could not create INET socket on ip:783: Can't assign requested address spamd: could not create INET socket on ip:783: Can't assign requested address running on FreeBSD new.machine.tld 7.2-PRERELEASE FreeBSD 7.2-PRERELEASE #2: Tue Mar 24 00:06:58 UTC 2009 peter@:/usr/obj/usr/src/sys/SAMURAI amd64 But on FreeBSD old.machine.tld 7.2-PRERELEASE FreeBSD 7.2-PRERELEASE #1: Sat Mar 28 15:30:25 CET 2009 peter@:/usr/obj/usr/src/sys/NINJA amd64 everything still works fine. other programs can bind to adresses and so on but not spamd. I tried to write something like this: http://www.perlmonks.org/?node_id=416119 but with tcp and port 783, not warnings or error messages. Do you think this is a jail-issue or a spamd issue? I have tried to config spamd to bind to alot of different addresses with same result 0.0.0.0, 127.0.0.1, the jails ip and so on. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: New 7.2 compatible versions of jailutils and bsnmp-jails
On Mar 25, 2009, at 10:51 PM, Stef Walter wrote: It lets you poll a URL that looks like: snmp://pub...@example.com/jailInOctets?jailHost=jail.example.com See 'TABLE QUERIES' here: http://memberwebs.com/stef/software/rrdbot/rrdbot.conf.5.html http://memberwebs.com/stef/software/rrdbot/rrdbot-get.1.html Damn, I cant figure out how to get the MIB-file working. Where should I place the .txt? and client-side, server-side, both? path? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: New 7.2 compatible versions of jailutils and bsnmp-jails
On Mar 25, 2009, at 4:16 AM, Stef Walter wrote: Peter Ankerstål wrote: My knowledge about snmp is somewhat limited but I'm using cacti for the moment. Is there a simple way to use this module with cacti? My knowledge of cacti is very limited. But I imagine you could add a new SNMP counter using the OID here: http://memberwebs.com/stef/software/bsnmp-jails/bsnmp-jails.8.html Or the MIB's here: http://memberwebs.com/stef/software/bsnmp-jails/JAILS-MIB.txt You can also use rrdbot-get (from the rrdbotd package) to list the table, and get the relevant OIDs: http://memberwebs.com/stef/software/rrdbot/rrdbot-get.1.html http://memberwebs.com/stef/software/rrdbot/rrdbot-get.1.html Sorry this isn't more helpful. Cheers, Stef Thanks, Ive looked at the cacti-documentation page and it doesnt seem that hard to add new data soruce when you have the OID and so on.. But I have one question jails.jailTable.jailEntry.jailInOctets.X Lets say I want to create a graph for a specific jail. How do i know X and doesnt it change over time? (lets say I add a new jail, or start them in a different order) -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Patching for multi-ip.
Hi, Im running FreeBSD 7.1-RELEASE-p2 and want to upgrade my jail for multi-ip-support. But I cant find an easy way to to this? Is the simplest way just to build a new world with RELENG_7? I would really appreciate a guide or simple directions to get this without building world. Thanks. -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: Patching for multi-ip.
On Tue, 24 Mar 2009, Peter Ankerstål wrote: Hi, Im running FreeBSD 7.1-RELEASE-p2 and want to upgrade my jail for multi-ip-support. But I cant find an easy way to to this? Is the simplest way just to build a new world with RELENG_7? I would really appreciate a guide or simple directions to get this without building world. there is no way w/o building a world and a kernel or waiting another few days for 7.2-{BETA,RC*,RELEASE} which will have all this. Ok, thank you! -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: New 7.2 compatible versions of jailutils and bsnmp-jails
On Mar 24, 2009, at 12:28 AM, Stef Walter wrote: I've rolled new versions of jailutils and bsnmp-jails which are compatible with the (awesome) jail changes in FreeBSD 7.2 and HEAD: My knowledge about snmp is somewhat limited but I'm using cacti for the moment. Is there a simple way to use this module with cacti? -- Peter Ankerstål pe...@pean.org http://www.pean.org/ ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to freebsd-jail-unsubscr...@freebsd.org
Re: new set of multi-IPv4/v6/noIP jail patches
On Jun 17, 2008, at 8:03 PM, Bjoern A. Zeeb wrote: Hi, while for some stuff only infrastructure is there, there is more now. Any feedback would be welcome. I'll have to work on something else the next week so not going to implement the full set of state, ... Is there any possibility to get these patches to work together with the memory-limiting patches? ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to [EMAIL PROTECTED]
tun/gif interfaces inside jail.
Is it possible to give root access to a certain tun-interface inside a jail? In order to use OpenVPN or something like that? -- Peter Ankerstål [EMAIL PROTECTED] ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to [EMAIL PROTECTED]
Jail resource limits
http://wiki.freebsd.org/JailResourceLimits Is this anthing people are working on? Is it on its way to RELENG_7? Is there a 7-version of the patch or anything? This would be a _VERY_ useful feature. -- Peter Ankerstål [EMAIL PROTECTED] ___ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to [EMAIL PROTECTED]