jail

Allowing non-root execution of a jailed application Jailed programs can generally be executed by using jexec(8). However, you have to be root in order to do that. In this short article I present an approach on how you can allow a specific set of non-privileged users to execute a particular...

Introduction and motivation There are great articles ([1] and [2]) by patovm04 here on the forum explaining how to run Chrome and Brave in a Linux chroot environment (usually /compat/linux or /compat/ubuntu). These approaches work great. However, I am a big fan of FreeBSD's jails and it has...

Hello, I'm not a FreeBSD newb, but I'm new to jails, and read different solutions. I tried to build a jail with a webserver. Now I could start it. Then I wonder that are different outputs with these commands after I had start it: jexec 57 ps -ax gives me something like this PID TT STAT...

no internet from inside my jail... would like to assign jail an ipv6 address I added this line to sysctl.conf security.jail.allow_raw_sockets=1 I have some sysctl forwarding IPv6 jail.conf is as follows: hydroshop { host.hostname = "hydroponique.shop"; # Hostname...

Hey everyone! I'm in a pickle this evening after getting my mail server setup nicely. I was trying to increase "max_packet_size" from default: 16777216 to 26214400 This is how I accidently broke my Maria DB 10.5.x (Inside a Jail): root@jail:~ # mysql -h mariadbserver_ip -u root -p Enter...

Hi! How is it possible to have the same package, same version, same OS to be found vulnerable in a jail but not on the host? Inside a fresh pkg upgraded jail: root@web1:~ # pkg audit curl-7.82.0_1 is vulnerable: cURL -- Multiple vulnerabilities ... 1 problem(s) in 1 installed package(s)...

Hi, I'm having issues with VNET on my FreeBSD 13.0-RELEASE-p11 host running on a cloud VPS. After some other problems previously discussed in this thread, I'm now stuck with the following issue: I have a very simple VNET jail setup (config see below) and tried to manually assign it an epair...

Hey everyone! Not trying to clutter the forum up or making duplicates. https://forums.freebsd.org/threads/freebsd-13-0-release-ezjail-admin-jails-not-reflecting-updates-p11-p4-only.84743/ I since have rebooted my host server and when I read this thread...

Hello folks, yesterday I wrote a Twitter thread to give an example how to deploy VNET jails in a ZFS environment. Here is it again in this forum. A guide to deploy a VNET jail using a FreeBSD 13.0 server with ZFS and populated /usr/src. We start with preparing the file tree. I use /l/prison...

Please help! What is wrong in my configuration? Where to look for an error? I had upgraded system to releng/12.3 but I got the same behaviour. [root:~]# uname -a FreeBSD hostname 12.2-RELEASE-p10 FreeBSD 12.2-RELEASE-p10 12803d8a99c(releng/12.2) CUSTOM amd64 on host machine: # ifconfig...

I am interested in consolidating my router and workstation into a single physical box for ease of maintenance. I am thinking that I would have my workstation run the router inside a jail in which the router is assigned the physical network interfaces and it'd perform DNS, DHCP, and firewall...

Hi everyone. I'd like to set two jails with each hosting a domain of mine, with HTTPS/TLS support on nginx. My case is; My Dedicated Server/Host IP: 134.42.22.11 (External Public IP Addr) (has also PF activated and running without Jails' support, anything with any jail, at the moment) Jail 1 -...

Hey guys, I am currently experiencing a very strange behavior and I've got no more ideas: Situation: FreeBSD server running 13.0-RELEASE several (bastille) jails running 13.0-RELEASE some older (bastille) jails running 12.4-RELEASE SSH access to host (x.x.0.0/24 network) works SSH access to...

I have a few jails running on a machine. On entering the first jail with "jexec JAILID" and running "portmaster -aByDGP," the entire OS freezes then restart. I caught a dump here: This is nullfs crashing base OS, I suppose. I am currently doing a custom kernel/userland build in order to update...

Hi there, I've been using qjail for years, and my jails been running nice since then. Till today. I was trying to update the packages inside one jail and got this error: git_jail /root >pkg update && pkg upgrade Updating FreeBSD repository catalogue... [git_jail] Fetching...

Hi, I have searched on this forum and on internet without success so here is my question. I love jails and his flexibility but for a "hosting" service with clients on jails like vps I would like to limit the max number of cpu cores each jail can utilize on the server. I know about cpuset and I...

I have an issue forwarding the packets to the cloud from the jail. I have tested Netgraph and epair with the same result. I have enabled nat in sysctl.conf>> net.inet.ip.forwarding=1 I have disabled PF totally and tried with nat enabled nat on $ext_if inet from $jail_if to any -> ($ext_if) In...

I'd like to ask for some help in getting a handle on Poudriere jail management. After a LOT of reading (mostly off https://github.com/freebsd/poudriere/wiki/), but also the Handbook's sections on "Building Ports with Poudriere" and the chapter on jails, I was able to distill 3 commands that I'd...

system: FreeBSD 13.0-RELEASE HOST: cat /etc/jail.conf # jail.conf exec.start = "/bin/sh /etc/rc"; exec.stop = "/bin/sh /etc/rc.shutdown"; exec.clean; allow.noset_hostname; allow.raw_sockets; allow.sysvipc; allow.dying; path = "/vol/jls/${name}"; host.hostname = "${name}.bsd"; parent_jail {...

As I needed databases/luadbi to have support for PostgreSQL and not for MySQL, as the default config, and I didn't want to do this in the server, I've configured a jail in my workstation to configure the port. After building it, that port as well as some other dependencies are available at...