jail.conf ignoring exec.fib?

Karl Pielorz kpielorz_lst at tdx.co.uk
Wed Aug 21 10:35:47 UTC 2013



--On 20 August 2013 18:02 +0100 Arthur Chance <freebsd at qeng-ho.org> wrote:

> And that's just made me think of something else - I have a horrible
> feeling that jexec will attach to the jail using whatever fib it's
> running under, i.e. the fib from the host environment. Do you have (or
> can you enable) ssh running in the jail? If so, log into the jail that
> way, and see what
>
> 	sysctl net.my_fibnum
>
> shows then, because you'll be running under the environment created by
> /etc/rc.

Ok, one word: Bingo. That was it. I'll spare you the gory details of how I 
cut myself off from the machine, managed to create a jail with no access 
etc. etc.

But yes, that was it - in summary:

  jail -c -v  Does not actually *show* the fib being set, but will show an 
error if the setfib call fails.

  jexec       Runs a process in the jail, using the prevailing fib - not 
the jail's fib; you can rectify this by using 'setfib X jexec jail tcsh'

I don't know if that last point should be considered a 'bug' or not...

Many thanks for your help!

-Karl
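
Added example (not part of the original message): an sh helper that reads a jail's exec.fib from jail.conf and prints the jexec command line prefixed with setfib, so a shell entered through jexec uses the jail's routing table rather than the caller's. The function names, the sample jail.conf and the one-parameter-per-line parsing are assumptions of this example.

```shell
#!/bin/sh
# Added example: build "setfib N jexec <jail> <cmd>" from the jail's exec.fib.
# Assumes one parameter per line and '#' comments only (a simplification).

jail_fib() {  # $1 = jail.conf path, $2 = jail name; prints the FIB or nothing
    awk -v jail="$2" '
        { sub(/#.*/, "") }                          # drop comments
        /^[ \t]*[A-Za-z0-9_.-]+[ \t]*[{]/ {         # "name {" opens a jail block
            cur = $0; sub(/^[ \t]*/, "", cur); sub(/[ \t]*[{].*/, "", cur)
        }
        /exec\.fib[ \t]*=/ {
            v = $0
            sub(/.*exec\.fib[ \t]*=[ \t]*/, "", v); sub(/[ \t]*;.*/, "", v)
            gsub(/"/, "", v)
            if (cur == "") global = v               # default outside any block
            else if (cur == jail) own = v           # per-jail setting wins
        }
        /[}]/ { cur = "" }                          # block closed
        END { if (own != "") print own; else if (global != "") print global }
    ' "$1"
}

jexec_fib_cmd() {  # $1 = jail.conf path, $2 = jail name, rest = command
    conf=$1; name=$2; shift 2
    fib=$(jail_fib "$conf" "$name")
    case $fib in
        '')        echo "jexec $name $*" ;;         # no exec.fib configured
        *[!0-9]*)  echo "unusable exec.fib '$fib' for $name" >&2; return 1 ;;
        *)         echo "setfib $fib jexec $name $*" ;;
    esac
}

# Constructed sample jail.conf (hypothetical jails "web" and "db").
SAMPLE_CONF=$(mktemp)
cat > "$SAMPLE_CONF" <<'EOF'
exec.fib = 0;
web {
    path = "/jails/web";
    exec.fib = 1;      # processes in this jail use routing table 1
}
db { path = "/jails/db"; }
EOF

# Command to enter the jail, then the check suggested in the quoted message.
jexec_fib_cmd "$SAMPLE_CONF" web tcsh
jexec_fib_cmd "$SAMPLE_CONF" web sysctl -n net.my_fibnum
```

Running the second printed command on the host should report the same FIB number that a login over ssh into the jail reports.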

