Solved ADB server does not ACK if it is launched inside Linux (Ubuntu) chrooted / jailed / emulated with the Linuxulator

Maybe like this?

Code:
rdr pass on $int_if proto tcp from any to any port 5037:5555 -> 10.10.0.5 port 5037:5555
pass in on $int_if proto tcp from any to 10.10.0.5 port 5037:5555

There are so many permutations. We can't guess the right one. What does ChatGPT say? What about changing the IP from 10.10.x to 192.168.x?
 
There are so many permutations. We can't guess the right one.

That's all part of the fun.

What does ChatGPT say?


prompt

forward port 5037 with pf on freebsd from the host to a jail with an ip address of 10.10.0.5

you'll have to ask it some questions

something like

connect to an android device over wifi with an ip address of 192.168.1.2 and forward the port with pf on freebsd from the host to a jail with an ip address of 10.10.0.5

you can have hours of fun
 
This is what ChatGPT says to do:

Code:
pass in on em0 proto tcp from any to 192.168.1.2 port 5555 rdr-to 10.10.0.5 port 5555

sudo pfctl -f /etc/pf.conf
sudo pfctl -e
sudo pfctl -sr
 
chatgpt is making a mistake :P

Code:
/etc/pf.conf:49: syntax error
pfctl: Syntax error in config file: pf rules not loaded
 
That's not what I get

Code:
pass in on em0 proto tcp from any to 192.168.1.2 port 5555 rdr-to 10.10.0.5 port 5555

using this chatgpt prompt

connect to an android device over wifi with an ip address of 192.168.1.2 and forward the port with pf on freebsd from the host to a jail with an ip address of 10.10.0.5
 
chatgpt says :

# sudo pfctl -sr

This will show the current rules that PF is using. You should see your redirection rule (rdr pass on em0 proto tcp from any to 192.168.1.2 port 5555 -> 10.10.0.5 port 5555).

unfortunately I don't see that rule :

Code:
[root@marietto /compat]==> sudo pfctl -sr

scrub in all no-df max-mss 1440 fragment reassemble
block drop in log quick on ! lo inet6 from ::1 to any label "block_spoofing"
block drop in log quick on ! lo inet from 127.0.0.0/8 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.0/24 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.2 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.3 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.4 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.6 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.7 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.8 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.9 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.10 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.11 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.12 to any label "block_spoofing"
block drop in log quick inet6 from ::1 to any label "block_spoofing"
block drop in log quick on lo0 inet6 from fe80::1 to any label "block_spoofing"
block drop in log quick inet from 127.0.0.1 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.1 to any label "block_spoofing"
block drop in log quick on lo1 inet6 from fe80::1 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.2 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.3 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.4 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.6 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.7 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.8 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.9 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.10 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.11 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.12 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.5 to any label "block_spoofing"
block drop in log quick on ! em0 inet from 192.168.1.0/24 to any label "block_spoofing"
block drop in log quick inet from 192.168.1.5 to any label "block_spoofing"
block drop log all
block return out quick inet6 all tag IPV6
block drop in quick inet6 all tag IPV6
pass inet proto icmp all icmp-type echoreq keep state tag ICMP
pass inet proto icmp all icmp-type unreach keep state tag ICMP
block drop out on em0 all
pass out quick on em0 all flags S/SA modulate state
 
connect to an android device over wifi with an ip address of 192.168.1.2 and forward the port with pf on freebsd from the host to a jail with an ip address of 10.10.0.5

returns this

In the =pf.conf= file, you need to add a rule to forward traffic from
port =5037= on the host to port =5037= on the jail's IP address
(=10.10.0.5=).

Add the following rule to the configuration file:

Code:
# Redirect port 5037 to the jail at 10.10.0.5
rdr pass on em0 proto tcp from any to any port 5037 -> 10.10.0.5 port 5037


- Replace =em0= with the name of the network interface on the host
that's receiving the traffic (this could be =eth0=, =vtnet0=, or
whatever your network interface is named).
- =rdr= stands for "redirect", and this rule tells =pf= to forward
incoming traffic on port =5037= to the jail at =10.10.0.5=.

Next, you need to ensure that traffic is allowed through the firewall on
the jail's interface. Add a rule like this to your =pf.conf= file:

Code:
# Allow traffic on port 5037 to the jail
pass in on em0 proto tcp from any to 10.10.0.5 port 5037

After making these changes to =/etc/pf.conf=, you need to reload the
=pf= configuration so that the rules take effect:

Code:
sudo pfctl -f /etc/pf.conf
sudo pfctl -e

You can verify that =pf= is correctly forwarding the port by checking
the rules:

Code:
sudo pfctl -sr

Also, check that port =5037= is open and accessible from the host:

Code:
sudo sockstat -l | grep 5037

You should now have port =5037= on the host correctly forwarded to the
jail at =10.10.0.5=.
 
I think we are close :

Code:
# nano /etc/pf.conf

rdr pass on em0 proto tcp from any to any port 5037 -> 10.10.0.5 port 5037
pass in on em0 proto tcp from any to 10.10.0.5 port 5037

# sudo pfctl -sr

scrub in all no-df max-mss 1440 fragment reassemble
block drop in log quick on ! lo inet6 from ::1 to any label "block_spoofing"
block drop in log quick on ! lo inet from 127.0.0.0/8 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.0/24 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.2 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.3 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.4 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.6 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.7 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.8 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.9 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.10 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.11 to any label "block_spoofing"
block drop in log quick on ! lo inet from 10.10.0.12 to any label "block_spoofing"
block drop in log quick inet6 from ::1 to any label "block_spoofing"
block drop in log quick on lo0 inet6 from fe80::1 to any label "block_spoofing"
block drop in log quick inet from 127.0.0.1 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.1 to any label "block_spoofing"
block drop in log quick on lo1 inet6 from fe80::1 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.2 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.3 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.4 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.6 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.7 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.8 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.9 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.10 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.11 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.12 to any label "block_spoofing"
block drop in log quick inet from 10.10.0.5 to any label "block_spoofing"
block drop in log quick on ! em0 inet from 192.168.1.0/24 to any label "block_spoofing"
block drop in log quick inet from 192.168.1.5 to any label "block_spoofing"
block drop log all
block return out quick inet6 all tag IPV6
block drop in quick inet6 all tag IPV6
pass in on em0 inet proto tcp from any to 10.10.0.5 port = 5037 flags S/SA keep state
pass inet proto icmp all icmp-type echoreq keep state tag ICMP
pass inet proto icmp all icmp-type unreach keep state tag ICMP
block drop out on em0 all
pass out quick on em0 all flags S/SA modulate state
pass in all flags S/SA keep state

[root@marietto /compat]==> sudo sockstat -l | grep 5037

root     adb         5972 6   tcp4   10.10.0.5:5037        *:*

[root@marietto /compat]==> ./start-noble-bash

Stopping jails: noble.
Starting jails: noble.

root@noble:/# adb connect 192.168.1.2:5555
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
** daemon still not running
error: cannot connect to daemon

but not yet...
 
In our prompt we have missed the keyword "Linuxulator". We can also try to exclude the keyword jail. So, I will try this:

How to connect adb from the Linuxulator to an android device with an ip address of 192.168.1.2 and forward the port 5555 with pf on freebsd with ip address of 192.168.1.5
 
To connect adb (Android Debug Bridge) from the Linuxulator (Linux emulation layer) on FreeBSD to an Android device on the network (IP address 192.168.1.2), and forward port 5037 using pf (Packet Filter), add the following rules to /etc/pf.conf :

Code:
rdr pass on em0 proto tcp from any to 192.168.1.5 port 5037 -> 192.168.1.2 port 5037
pass in on em0 proto tcp from any to 192.168.1.5 port 5037
 
I need to document what I did, because I made some progress. In this experiment I haven't used the jail, but I kept pf enabled:

nano /etc/rc.conf :

Code:
#ifconfig_em0="DHCP"
#ifconfig_vtnet0="DHCP"
ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0"
defaultrouter="192.168.1.8"
pf_enable="YES"
#jail_enable="YES"
#jail_parallel_start="YES"
#ifconfig_lo1_aliases="inet 10.10.0.1-12/24"

nano /etc/pf.conf :

Code:
rdr pass on em0 proto tcp from any to 192.168.1.5 port 5037 -> 192.168.1.2 port 5037
pass in on em0 proto tcp from any to 192.168.1.5 port 5037

and ADB has been able to connect :

Code:
root@marietto:/# mount -t proc proc /proc

root@marietto:/# adb connect 192.168.1.2:5555
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
connected to 192.168.1.2:5555

root@marietto:/# uname
Linux
 
I did it, but without using jail :(

Code:
nano /etc/pf.conf :

#=========================================================================#
# variables, macro and tables                                             #
#=========================================================================#

int_if="em0" # em0 interface
all_networks="0.0.0.0/0"
icmp_types = "{ echoreq, unreach }"
tcp_state="flags S/SA keep state"
udp_state="keep state"

#=========================================================================#
# global policy                                                           #
#=========================================================================#

set block-policy drop
set loginterface $int_if
set fingerprints "/etc/pf.os"
set skip on lo0
scrub in all fragment reassemble no-df max-mss 1440
# nat jail
nat on $int_if from {lo1:network} to any -> ($int_if)
# forward port

rdr pass on em0 proto tcp from any to 192.168.1.5 port 5037 -> 192.168.1.2 port 5037

# antispoof
antispoof log quick for { lo $int_if } label "block_spoofing"

#=========================================================================#
# block                                                                   #
#=========================================================================#

block log all # block log all
block return out quick inet6 all tag IPV6 # block ipv6
block in quick inet6 all tag IPV6 # block ipv6

#=========================================================================#
# traffic tag                                                             #
#=========================================================================#

# allow port 5037 to the jail

pass in on em0 proto tcp from any to 192.168.1.5 port 5037

# icmp
pass inet proto icmp all icmp-type $icmp_types keep state tag ICMP

# outbound traffic
block out on $int_if all
pass out quick on $int_if all modulate state
pass in all

nano /compat/start-noble-bash :

xhost +
vmdisk1=`geom disk list | awk '/^Geom name: /{d=$NF} /^ *ident: (BE0191500218)/ && d{print d}'`
echo "G-DRIVE USB UFS ; $vmdisk1"

if [ "${vmdisk1}" = "da1" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da1.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da2" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da2.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da3" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da3.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da4" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da4.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da5" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da5.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da6" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da6.conf /etc/jail.conf.d/noble.conf
fi

/compat/./noble-no-jail onestop && sysctl compat.linux.emul_path=/mnt/$vmdisk1'p2'/Backup/compat/noble && /compat/./noble-no-jail onestart
doas pfctl -F all -f /etc/pf.conf
#doas service jail stop noble
#doas service jail start noble
#doas jexec noble /bin/bash
chroot /mnt/$vmdisk1'p2'/Backup/compat/noble /bin/bash

root@marietto:/# adb connect 192.168.1.2:5555
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
connected to 192.168.1.2:5555

root@marietto:/# java -jar /home/marietto/Desktop/Files/OS/Linux/Tools/DeskDockServer_1.3.0/DeskDockServer_1.3.0.jar

Program: DeskDockServer 1.3.0
 System: Linux 5.15.0, amd64
JRE: 21.0.5+11-Ubuntu-1ubuntu124.04
2024-11-23 17:21:54.676   AdbLocator: Found ADB in env PATH
2024-11-23 17:21:54.676   class com.floriandraschbacher.deskdockserver.Main: Using ADB from /usr/bin/adb
2024-11-23 17:21:54.792   b@35b27a25: Detected device: 192.168.1.2:5555
2024-11-23 17:21:54.792   b@35b27a25: Try connect
2024-11-23 17:21:54.793   i@7ff38a31: New device: 192.168.1.2:5555
2024-11-23 17:21:54.919   i@7ff38a31: Could not connect transporter due to socket error
2024-11-23 17:21:55.328   i@7ff38a31: Could not connect transporter due to socket error
2024-11-23 17:21:55.744   i@7ff38a31: Could not connect transporter due to socket error
2024-11-23 17:21:56.152   i@7ff38a31: Could not connect transporter due to socket error
2024-11-23 17:21:56.558   i@7ff38a31: Could not connect transporter due to socket error
2024-11-23 17:21:56.975   i@7ff38a31: Could not connect transporter due to socket error
2024-11-23 17:21:57.384   i@7ff38a31: Could not connect transporter due to socket error
2024-11-23 17:21:57.783   i@7ff38a31: Transporter connected: 192.168.1.2:5555
2024-11-23 17:21:57.784   i@7ff38a31: Sent HS: 192.168.1.2:5555
2024-11-23 17:21:57.836   i@7ff38a31: Received HS: 192.168.1.2:5555
2024-11-23 17:21:57.845   Starter: Starting service
2024-11-23 17:21:57.845   Starter: Client reported path at: /data/app/com.floriandraschbacher.deskdock.pro-IhckTOpEDG43KtbLTQ59lg==/base.apk
2024-11-23 17:21:57.871   es@7c1d46fd: Could not load profiles: java.io.EOFException
2024-11-23 17:21:57.871   i@7ff38a31: Successful HS: 192.168.1.2:5555
2024-11-23 17:21:59.186   ab@5a02560a: Result: Started
2024-11-23 17:21:59.186   Starter: Done

root@marietto:/# uname -a
Linux marietto 5.15.0 FreeBSD 14.1-RELEASE-p5 GENERIC x86_64 x86_64 x86_64 GNU/Linux
 
I think I found the reason why ADB does not connect when I use the jail. The error :

Code:
linux: jid 2 pid 5717 (bash): syscall setfsgid not implemented

happens every time I do :

Code:
doas jexec noble

not every time I do :

Code:
adb connect

this is my /etc/jail.conf :

Code:
# startup/logging
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.consolelog = "/var/log/jail_console_${name}.log";
enforce_statfs = 0;

and this is my /etc/jail.conf.d/noble.conf :

Code:
noble {
host.hostname = "noble";
path = "/mnt/da2p2/Backup/compat/noble";

# permissions
allow.raw_sockets;
exec.clean;
persist;
sysvmsg=inherit;
sysvsem=inherit;
sysvshm=inherit;
enforce_statfs = 0;

# permissions
devfs_ruleset=7;

# network
ip4.addr="lo0|10.10.0.5/24";
}

I see that it is not a bug, but a function that hasn't been implemented. I don't know if I should report it.
 
You gave me the content for the file /etc/jail.conf.d/noble.conf. It contains this statement: devfs_ruleset=7; but my /etc/defaults/devfs.rules does not have the rule 7. Can you paste me your devfs.rules file and also your /etc/devfs.rules? Thanks. I presume that you have customized these files.
 
Full, final and working configuration:

Code:
/etc/rc.conf :

ifconfig_em0="inet 192.168.1.5 netmask 255.255.255.0"
defaultrouter="192.168.1.8"
local_unbound_enable="YES"
#ifconfig_ue0_aliases="inet 192.168.1.234-246/24"

cloned_interfaces="bridge0 tap0 tap1 tap2 tap3 tap4 tap5 tap6 tap7 tap8 tap9 tap10 tap11 tap12 tap13 tap14 tap15 tap16 tap17 tap18 tap19 tap20 em0 lo1"
ifconfig_bridge0="addm em0 addm tap0 addm tap1 addm tap2 addm tap3 addm tap4 addm tap5 addm tap6 addm tap7 addm tap8 addm tap9 addm tap10 addm tap11 addm tap12 addm tap13 addm tap14 addm tap15 addm tap16 addm tap17 addm tap18 addm tap19 addm tap20"

devfs_system_ruleset="system"
linux_enable="YES"
pf_enable="YES"

jail_enable="YES"
jail_parallel_start="YES"


/etc/pf.conf :


int_if="em0" # em0 interface
ext_if="ue0" # ue0 interface

nat on $int_if from {em0:network} to any -> ($int_if)
nat on $ext_if from {ue0:network} to any -> ($ext_if)

# forward port 5037
rdr pass on ue0 proto tcp from any to 192.168.1.234 port 5037 -> 192.168.1.2 port 5037

# allow port 5037 to the jail
pass in on ue0 proto tcp from any to 192.168.1.234 port 5037


/etc/jail.conf.d/noble.conf :


noble {
host.hostname = "noble";
path = "/mnt/da2p2/Backup/compat/noble";

    # permissions
    allow.raw_sockets;
    exec.clean;
    persist;
    sysvmsg=inherit;
    sysvsem=inherit;
    sysvshm=inherit;
    enforce_statfs=1;
    devfs_ruleset=7;

    # network
    ip4.addr="ue0|192.168.1.234/24";

    # mount
    mount += "devfs            $path/dev              devfs           rw                      0       0";
    mount += "tmpfs            $path/dev/shm          tmpfs           rw,size=1g,mode=1777    0       0";
    mount += "fdescfs          $path/dev/fd           fdescfs         rw,linrdlnk             0       0";
    mount += "linprocfs        $path/proc             linprocfs       rw                      0       0";
    mount += "linsysfs         $path/sys              linsysfs        rw                      0       0";
    mount += "/tmp             $path/tmp              nullfs          rw                      0       0";
    mount += "/var/run/user/   $path/run/user/        nullfs          rw                      0       0";
    mount += "/var/run/dbus/   $path/run/dbus/        nullfs          rw                      0       0";
}


/etc/devfs.rules :


[system=10]
add path 'dri/*' mode 0666 group operator
add path 'dri/*' mode 0666 group video
add path 'drm/*' mode 0666 group operator
add path 'drm/*' mode 0666 group video
add path 'ttyU*' mode 0660 group operator
add path 'tap*' mode 0660 group operator
add path 'ugen*' mode 0660 group operator

[jail=7]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'mixer*' unhide
add path 'dsp*' unhide
add path 'dri*' unhide
add path 'drm*' unhide
add path 'nvidia*' unhide
add path 'speaker*' unhide


/etc/jail.conf :


# startup/logging
exec.start = "/bin/sh /etc/rc";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.consolelog = "/var/log/jail_console_${name}.log";

# permissions
allow.raw_sockets;
exec.clean;
mount.devfs;


/compat/start-noble-bash-jail :


xhost +
vmdisk1=`geom disk list | awk '/^Geom name: /{d=$NF} /^ *ident: (BE0191500218)/ && d{print d}'`
echo "G-DRIVE USB UFS ; $vmdisk1"

if [ "${vmdisk1}" = "da1" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da1.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da2" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da2.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da3" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da3.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da4" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da4.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da5" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da5.conf /etc/jail.conf.d/noble.conf
fi
if [ "${vmdisk1}" = "da6" ]; then
cp /etc/jail.conf.d/noble-disks/noble-da6.conf /etc/jail.conf.d/noble.conf
fi


/compat/./noble-linuxulator-start-jail onestop && /compat/./noble-linuxulator-start-jail onestart


doas pfctl -F all -f /etc/pf.conf
doas service jail stop noble
doas service jail start noble
doas jexec noble /bin/bash


/compat/noble-linuxulator-start-jail :


#!/bin/sh
#
# PROVIDE: noble
# REQUIRE: archdep mountlate
# KEYWORD: nojail
#
# This is a modified version of /etc/rc.d/linux
# Based on the script by mrclksr:
# https://github.com/mrclksr/linux-browser-installer/blob/main/rc.d/ubuntu.in
#

. /etc/rc.subr

name="noble"
desc="Enable noble chroot, and Linux ABI"
rcvar="noble_enable"
start_cmd="${name}_start"
stop_cmd=":"

vmdisk1=`geom disk list | awk '/^Geom name: /{d=$NF} /^ *ident: (BE0191500218)/ && d{print d}'`
echo "G-DRIVE USB UFS ; $vmdisk1"

noble_start()
{
    local _emul_path _tmpdir

    load_kld -e 'linux(aout|elf)' linux
    case `sysctl -n hw.machine_arch` in
    amd64)
        load_kld -e 'linux64elf' linux64
        ;;
    esac
    if [ -x /mnt/$vmdisk1'p2'/Backup/compat/noble/sbin/ldconfigDisabled ]; then
        _tmpdir=`mktemp -d -t linux-ldconfig`
        /mnt/$vmdisk1'p2'/Backup/compat/noble/sbin/ldconfig -C ${_tmpdir}/ld.so.cache
        if ! cmp -s ${_tmpdir}/ld.so.cache /mnt/$vmdisk1'p2'/Backup/compat/noble/etc/ld.so.cache; then
            cat ${_tmpdir}/ld.so.cache > /mnt/$vmdisk1'p2'/Backup/compat/noble/etc/ld.so.cache
        fi
        rm -rf ${_tmpdir}
    fi

    # Linux uses the pre-pts(4) tty naming scheme.
    load_kld pty

    # Handle unbranded ELF executables by defaulting to ELFOSABI_LINUX.
    if [ `sysctl -ni kern.elf64.fallback_brand` -eq "-1" ]; then
        sysctl kern.elf64.fallback_brand=3 > /dev/null
    fi

    if [ `sysctl -ni kern.elf32.fallback_brand` -eq "-1" ]; then
        sysctl kern.elf32.fallback_brand=3 > /dev/null
    fi
    sysctl compat.linux.emul_path=/mnt/$vmdisk1'p2'/Backup/compat/noble

    _emul_path=/mnt/$vmdisk1'p2'/Backup/compat/noble
}

load_rc_config $name
run_rc_command "$1"
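
An added example, not part of any post in this thread: a POSIX shell function that audits pf.conf text for three things visible in the rules quoted above: OpenBSD-style `rdr-to` translation syntax (the form in the ChatGPT rule that preceded the syntax error; FreeBSD 14's pf uses `rdr ... -> ...`), ADB ports 5037/5555 opened `from any`, and a bare `pass in all`. The function names, finding codes and sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: static audit of pf.conf text read from stdin.
# Function names, finding codes and the sample below are constructed for
# illustration; none of them come from the thread or from pf itself.
# Limits: macros such as $int_if are not expanded, and a "#" inside a
# quoted label would be treated as the start of a comment.

audit_pf_rules() {
    awk '
    {
        rule = $0
        sub(/#.*$/, "", rule)          # drop trailing comments
    }
    rule ~ /^[ \t]*$/ { next }         # nothing left on this line

    # 1. OpenBSD-style translation keywords inside a filter rule.
    rule ~ /(rdr|nat|binat)-to/ {
        print NR ":OPENBSD_SYNTAX: rdr-to/nat-to is OpenBSD-style; FreeBSD 14 pf expects \"rdr ... -> ...\""
    }

    # 2. rdr/pass rules that open the ADB server (5037) or ADB-over-TCP
    #    (5555) port to every source address.
    rule ~ /^[ \t]*(rdr|pass)[ \t]/ && rule ~ /from[ \t]+any/ &&
    rule ~ /port[ \t]*=?[ \t]*(5037|5555)([^0-9]|$)/ {
        print NR ":ADB_FROM_ANY: ADB port reachable from any source; name the client address or a table instead"
    }

    # 3. Bare inbound pass. pf applies the last matching rule unless
    #    "quick" is used, so this overrides an earlier "block log all".
    rule ~ /^[ \t]*pass[ \t]+in([ \t]+quick)?[ \t]+all([ \t]|$)/ {
        print NR ":PASS_IN_ALL: unrestricted inbound pass overrides earlier block rules"
    }
    '
}

# Constructed sample, modelled on the rules quoted in the thread.
sample_pf_conf() {
    cat <<'EOF'
# constructed sample pf.conf
block log all
pass in on em0 proto tcp from any to 192.168.1.2 port 5555 rdr-to 10.10.0.5 port 5555
rdr pass on em0 proto tcp from any to 192.168.1.5 port 5037 -> 192.168.1.2 port 5037
pass in on em0 proto tcp from 192.168.1.10 to 192.168.1.5 port 5037
pass out quick on em0 all modulate state
pass in all
EOF
}

# Findings are printed as LINE:CODE: message, one per line.
sample_pf_conf | audit_pf_rules
```

To audit a live file, run `audit_pf_rules < /etc/pf.conf`; `pfctl -nf /etc/pf.conf` parses the file without loading it, which catches syntax errors before a reload.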
 