32-bit jails on a 64-bit system?

Mark Huizer freebsd+jail at dohd.org
Fri Mar 5 12:06:13 UTC 2010 

On 1/21/2010 10:12, Miroslav Lachman wrote:
>
> I think it is nothing new to 8.0, it is the same as release note for 7.2.
>
> I didn't test it, but I think you can install (copy) i386 jail (or 
> whole system) in to amd64 host and just run it as any other jail.
>

Actually, that's what I tried, since I want to move a server to new 
hardware, but with serious time constraints on my side :-( So my plan 
is/was: "rsync the entire machine, build a script that fixes IP 
addresses here and there in the copy, run the jail".

I did have to fix a few little things, stuff like copy a few binaries 
over (netstat, ps, ifconfig, w, top, ldd, ldd32) and of course the ld* 
files in /libexec. Furthermore I moved /usr/lib to /usr/lib32 and copied 
/usr/lib from the amd64 install.
So far so good, I start jail, I see ssh, apache etc running, I start to 
get happy.

But... a few things don't seem to work as intended, although I haven't 
checked each and every detail:

* cronolog seems to ignore part of the arguments, so if you tell it to 
log to /data/logs/%Y/%m/%d/access.log it will log to 
/data/logs/access.log ; didn't investigate yet

* postfix won't start. This I looked at a little more, but without success.

On the count of postfix:

# ldd /usr/local/sbin/postfix
/usr/local/sbin/postfix:
         libpcre.so.0 => /usr/local/lib/libpcre.so.0 (0x2809d000)
         libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x280cf000)
         libpam.so.5 => not found (0x0)
         libcrypt.so.5 => /usr/lib32/libcrypt.so.5 (0x280e6000)
         libssl.so.6 => not found (0x0)
         libcrypto.so.6 => /usr/lib32/libcrypto.so.6 (0x280ff000)
         libc.so.7 => /usr/lib32/libc.so.7 (0x2825a000)

# ls -la /usr/lib*/libpam.so.5
-r--r--r--  1 root  wheel  35848 Mar  3 23:31 /usr/lib/libpam.so.5
-r--r--r--  1 root  wheel  28296 Mar  3 23:33 /usr/lib32/libpam.so.5

You'd say it should work, but it doesn't. The best I've got so far is 
not copy /usr/lib from the amd64 host but make it a symlink to 
/usr/lib32. Then postfix works, but netstat etc won't, of course.
While typing this, this brought me to another idea.
- make /usr/lib symlink to /usr/lib32, mkdir /usr/lib64 filled with the 
libs from the hostmachine's /usr/lib, and then edit /etc/rc.d/ldconfig, 
change _LDC's /usr/lib to /usr/lib64, restart, and presto postfix works. 
It's dirty but it seems to work for now, time for testing.

But I don't really understand why apache etc works, and postfix doesn't. 
So far I see the issues with libpam and libssl, which both are in 
/usr/lib, where libc.so.7 is symlinked to /lib. Anyone who can explain 
the difference to me? And is this intended behaviour?

And now off to cronolog's not working %Y :-)

mark

More information about the freebsd-jail mailing list