On 2016-04-10 03:19, Rodomar 705 wrote:
Sorry for bothering, but after one hour of reading I still can't find a
solution for this problem.
I'm trying to run a Linux game server inside a jail itself, for added
security. The server itself run great on the host system itself. I'm
using
ezjail to manage the jail subsystem itself.
After installing linux_base, the server start up just fine, until to
the
point where it needs to fire up the network port, and crashing with
(NetworkException) cannot create socket: 93 - Protocol not supported
First i was thinking that allow_raw_sockets was what missing, after
messing
with my configuration, i was able to make it work. No dice. After
reading
the jail configuration, expecially under the allow section
configuration,
it was clear to me that was missing were allow.socket_af. Tried with
the
same parameter used with the first one, no dice. Tried adding sysvipc,
taken by some comments online, no dice. Adding one to the parameters
(even
if wasn't making any sense since the other two was enabled without), no
dice.
Can anyone explain me what I'm doing wrong?
Thanks for your time, i'll leave the config below.
In configuration file inside /usr/local/etc/ezjail/<jailname>:
export jail_<jailname>_parameters="allow.raw_sockets allow.socket_af=1
allow.sysvipc"
Result from sudo jexec <jid> sysctl security.jail | egrep
'(allow_raw|sysvipc_allowed|socket_af)':
security.jail.param.allow.socket_af: 0
security.jail.allow_raw_sockets: 1
security.jail.sysvipc_allowed: 1
What's the output of "jls -s"? In particular, are you seeing
allow.socket_af there? (If not, you'll see allow.nosocket_af). Also,
what do you see for ip4 and ip6?
What address family is the linux server program trying to open? Jails
will give EAFNOSUPPORT (Protocol not supported) for non-inet address
families, but also for IPv4 or IPv6 if the jail is set up without ip4 or
ip6 support.
- Jamie
_______________________________________________
freebsd-jail@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
