connect -1 errno 1 Operation not permitted with specific user (nagios)
Valeri Galtsev
galtsev at kicp.uchicago.edu
Fri Aug 23 14:35:44 UTC 2013
To the best of my knowledge, raw sockets are not allowed inside jail by
default. This might be your problem (as far as I know how nagios works).
To allow raw sockets you can do
sysctl security.jail.allow_raw_sockets=1
then you need to restart at least the jail inside which your nagios
instance lives.
To make the above enabled at boot time you can add the following line into
/etc/sysctl.conf
security.jail.allow_raw_sockets=1
BTW, beware: this affects all jails.
I hope, this helps.
Thanks.
Valeri
On Fri, August 23, 2013 10:13 am, Mike C. wrote:
>
> I'm having a problem with nagios under a jail... commands works has root
> and another normal user I created (its not even in the wheel group)
>
> running commands such has "check_http" get me a Operation not permited,
> with ktrace I was able to confirm the probelm:
> connect -1 errno 1 Operation not permitted
>
>
> The thing is this only happens with the user nagios and I can not figure
> out why!
>
> I'm very new to jails, so I'm user I'm possibly missing something
> trivial, but I would appreciate an help!
>
> What could be different about the user to not allow "connect" ?
>
> Many thanks
>
> _______________________________________________
> freebsd-jail at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-jail
> To unsubscribe, send any mail to "freebsd-jail-unsubscribe at freebsd.org"
>
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
More information about the freebsd-jail
mailing list