On Thu, 24 Jul 2014, Glen Barber wrote:
On Thu, Jul 24, 2014 at 09:35:52PM -0600, Warren Block wrote:
On Thu, 24 Jul 2014, Glen Barber wrote:
On Thu, Jul 24, 2014 at 09:25:06PM -0600, Warren Block wrote:
On Thu, 24 Jul 2014, Glen Barber wrote:
The problem, I suspect, is that bpf(4) does not exist in the jail.
It's there:
# ls -lh /dev/b*
crw------- 1 root wheel 0x12 Jul 24 21:00 /dev/bpf
lrwxr-xr-x 1 root wheel 3B Jul 24 20:08 /dev/bpf0 -> bpf
This is within the jail?
Yes. It also has allow.raw_sockets=1.
Well, I ask, because I think bpf(4) should *not* exist in the jail
even with allow.raw_sockets=1.
# sysctl security.jail.allow_raw_sockets
security.jail.allow_raw_sockets: 1
# ls /dev/bpf*
ls: No match.
Yes, I had to unhide it with devfs:
[devfsrules_jail_dhcp=5]
add include $devfsrules_jail
add path 'bpf*' unhide
And then in /usr/local/etc/ezjail/jailname
export jail_jailname_devfs_ruleset="5"
_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"